Multiple Origin Statements

Saunders, Shawn SSaunders at mednet.ucla.edu
Fri May 7 19:09:39 UTC 2004 

-----Original Message-----
From: Barry Margolin [mailto:barmar at alum.mit.edu] 
Sent: Friday, May 07, 2004 11:30 AM
To: comp-protocols-dns-bind at isc.org
Subject: Re: Multiple Origin Statements

In article <c7giq5$1qvd$1 at sf1.isc.org>,
 saundersconsult at hotmail.com (Shawn) wrote:

> I am responsible and authoritative for 2 domains, and 1 sub-domain
> delegation. Those are simple. What I am having a problem with, is the
> way the DNS was setup, and how to properly setup some specific IP's
> accross multiple zones, that I am not authoritative for, but must
> reference in my DNS as part of my other zones.
> 
> To clarify:
> 
> zone1.domain.com  IN A aaa.bbb.ccc.111
> zone1.domain.com  IN A aaa.bbb.eee.222
> zone1.domain.com  IN A aaa.bbb.fff.333
> 
> Now I have only been given a few specific IP's and have been informed
> that it will not be included in my upstream DNS provider (Government
> Work).
> 
> I am to be authoritative for a few (about 6) different IP's that are
> in other Class B networks, that I am not authoritative for, but must
> resolve, while still allowing all my internal workstations access to
> the rest of these zones that are maintained by my upstream provider.
> 
> Hope that is clear.  Any takers?  How the heck to you provide
> resolution for specific IP's without poisoning your zone files with
> out-of-zone entries.  And if I create zone files for these zones, then
> my server will consider itself authorative, and I won't be able to
> reach the other devices on the other network, which are part of that
> zone...  I am perplexed.

It's not clear what you're asking.  Are you trying to find out how to 
set up reverse DNS for these addresses?

You could have the maintainer of the parent zone delegate the specific 
reverse entries to you, e.g. the bbb.aaa.in-addr.arpa zone could contain:

111.ccc IN NS ns1.yourdomain.com.
        IN NS ns2.yourdomain.com.
222.eee IN NS ns1.yourdomain.com.
        IN NS ns2.yourdomain.com.
333.fff IN NS ns1.yourdomain.com.
        IN NS ns2.yourdomain.com.

Then you can create zones for each of these on your server.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***

Yes, Barry, I guess I will request them to delegate those specific IP's. But
I am curious, if I setup these zone files won't that stop my DNS server from
resolving IP's in those zones, that are not delegated to me?  I think I'll
re-read RFC 2317.  Someone suggested that might shed some light on this for
me.  They are not delegating subnets, but specific IP's from multiple
subnets that they manage to me.  And I am expected to be authoritative for
those specific IPs.  It seems it would have been easier just to give me a 6
host subnet and not have to worry about this weirdness.  But we work with
what we have.

Thank you.

Shawn

More information about the bind-users mailing list