reverse cidr zones

Stephane Bortzmeyer bortzmeyer at nic.fr
Wed Aug 25 15:22:30 UTC 2004


On Wed, Aug 25, 2004 at 10:03:43AM -0500,
 Jeff Stevens <jstevens at vnet.ibm.com> wrote 
 a message of 11 lines which said:

> If I have a CIDR subnet from 192-255 (in zone 12.145.185), how is
> the zone defined such that we are authoritative only for that
> 192-255 range and not the entire 12.145.185 range?

The full details are in RFC 2317. To summary: it is mostly the job of
the zone above yours (i.e. your ISP).
 
> I currently have a 185.145.12.in-addr.arpa zone with aliases that
> point to a 192-255.185.145.12.in-addr.arpa.

You mean 192/26.185.145.12.in-addr.arpa? 

> zone that has the actual PTRs.  

Except it is broken:

% check_soa 192/26.185.145.12.in-addr.arpa. 
cmtu.mt.ns.els-gms.att.net is not authoritative for 192/26.185.145.12.in-addr.arpa.
cbru.br.ns.els-gms.att.net is not authoritative for 192/26.185.145.12.in-addr.arpa.
kramer.allenedmonds.com: expected 1 answer, got 0

> am unsure how to prevent our DNS from responding as authoritative
> for the range 0-191.185.145.12.in-addr.arpa.?

You do not add other zones in your named.conf and that's all (besides,
the rest of the world will not ask you about them, anyway).


More information about the bind-users mailing list