Reverse zone with subnet larger than Class C

Joe Greco jgreco at ns.sol.net
Wed Mar 1 23:53:15 UTC 2006


> 	RFC 2317 is a good fit for /25 - /32.  It was never intended for
> 	shorter prefixes.  It removes the one zone per PTR record
> 	management headache.

Right, I understand, I was there.  :-)  I remember the "resolvers will
not handle this properly" debates all too clearly.

> 	Normal delegation gives you 256 PTR records per zone for /24s which
> 	IMHO is a reasonable trade off.  4 zones for 1024 PTR records.
> 
> 	You need to create 1024 CNAME records in the /16 zone to handle
> 	a /22.
> 
> 	0/22.168.192.IN-ADDR.ARPA NS NS1.EXAMPLE.NET
> 	0/22.168.192.IN-ADDR.ARPA NS NS2.EXAMPLE.NET
> 	0.0.168.192.IN-ADDR.ARPA CNAME 0.0.0/22.168.192.IN-ADDR.ARPA
> 	...
> 	255.0.168.192.IN-ADDR.ARPA CNAME 255.0.0/22.168.192.IN-ADDR.ARPA
> 	0.1.168.192.IN-ADDR.ARPA CNAME 0.1.0/22.168.192.IN-ADDR.ARPA
> 	...
> 	255.1.168.192.IN-ADDR.ARPA CNAME 255.1.0/22.168.192.IN-ADDR.ARPA
> 	...
> 	255.255.168.192.IN-ADDR.ARPA CNAME 255.255.0/22.168.192.IN-ADDR.ARPA
> 
> 	32768 CNAME records for /17.
> 
> 	No sane /16 (/8) administator will do that.

And here I thought that was the magic of $GENERATE...

But really, experience says that mistakes are more likely to happen when
you're dealing with multiple zones.  Delegating a significant chunk out
of a /16 would be a PITA, I would think.

> 	These days you could do
> 
> 	0.168.192.IN-ADDR.ARPA. DNAME 0.0/22.168.192.IN-ADDR.ARPA.
> 	1.168.192.IN-ADDR.ARPA. DNAME 1.0/22.168.192.IN-ADDR.ARPA.
> 	2.168.192.IN-ADDR.ARPA. DNAME 2.0/22.168.192.IN-ADDR.ARPA.
> 	4.168.192.IN-ADDR.ARPA. DNAME 3.0/22.168.192.IN-ADDR.ARPA.
> 	0/22.168.192.IN-ADDR.ARPA NS NS1.EXAMPLE.NET
> 	0/22.168.192.IN-ADDR.ARPA NS NS2.EXAMPLE.NET
> 
> 	in the 168.192.IN-ADDR.ARPA zone but it also requires that
> 	all the servers for 168.192.IN-ADDR.ARPA support DNAME.
> 
> 	It also increases the load on the 168.192.IN-ADDR.ARPA servers
> 	as the synthesised CNAME have a zero TTL.

Yeah, that'd be bad.

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.



More information about the bind-users mailing list