Question about RFC-2317

Edward Lewis Ed.Lewis at
Thu Jan 4 18:39:53 UTC 2007

At 9:19 -0800 1/4/07, Clenna Lumina wrote:
>But why?

Because DNS can only delegate every 8 bits, while IP can delegate on any bit length.

Let's say you are an ISP and have a /22 allocated to you by an RIR. 
A /22 consists of 4 /24's. to is the range 
(equivalent to 10.12.52/22).

Your first customer gets 256 addresses - - and wants to do DNS.
The second customer gets 128 addresses - - ditto
The third customer gets 128 addresses  - - ditto

The first customer wants to use ns1.example. and ns2.example.
The second customer wants to use and
The third customer wants to use and

How do you break up the second /24?

You have "" and ""  What does the 
zone look like?  Well, you have four... --> for this you run nothing, you have the RIR 
delegate the zone to the first customer, meaning that has this:

52      NS ns1.example.
         NS ns2.example.
53      NS
54      NS
55      NS

For your second and third customers, you would have to use RFC 2317 
to split the range to two different server sets.

@       SOA

$GENERATE    0-127 $ CNAME $

----end of the zone file----

When a query for " PTR comes to your server, 
you will answer with CNAME
and NS NS

At this point, the customer can put whatever entries they want in the 
reverse map, they are independent of you for this.

If you didn't do this, then you'd have to blow an entire /24 on each 
customer that wanted to do DNS or you would have to manage the DNS 
for them.

Edward Lewis                                                +1-571-434-5468

Dessert - aka Service Pack 1 for lunch.
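
The split described in the message above, as an added example that is not part of the original post: a Python generator for the parent-zone NS and CNAME records that an RFC 2317 delegation of one /24 needs. The 10.12.53.0/24 block, the customer nameserver names and the "first-last" label form are assumptions, since the post's own values did not survive in the archive.

```python
import ipaddress


def rfc2317_parent_records(parent24, delegations):
    """Build parent-zone lines that hand sub-/24 reverse ranges to customers.

    delegations: list of (subnet, [nameserver, ...]) with each subnet a
    /25 to /32 inside parent24 and no two subnets overlapping.
    """
    parent = ipaddress.ip_network(parent24)
    if parent.version != 4 or parent.prefixlen != 24:
        raise ValueError("parent must be an IPv4 /24")
    octets = str(parent.network_address).split(".")
    lines = ["$ORIGIN " + ".".join(reversed(octets[:3])) + ".in-addr.arpa."]
    seen = []
    for subnet, nameservers in delegations:
        net = ipaddress.ip_network(subnet)  # rejects subnets with host bits set
        if net.version != 4 or net.prefixlen <= 24 or not net.subnet_of(parent):
            raise ValueError(f"{net} is not a sub-/24 block of {parent}")
        if any(net.overlaps(other) for other in seen):
            raise ValueError(f"{net} overlaps an earlier delegation")
        if not nameservers:
            raise ValueError(f"{net} has no nameservers")
        seen.append(net)
        first = int(net.network_address) & 0xFF
        last = int(net.broadcast_address) & 0xFF
        label = f"{first}-{last}"  # assumed label form for the child zone
        for ns in nameservers:
            # A missing trailing dot would make the name relative to $ORIGIN.
            fqdn = ns if ns.endswith(".") else ns + "."
            lines.append(f"{label}\tNS\t{fqdn}")
        for host in range(first, last + 1):
            # Each address becomes an alias into the customer's zone.
            lines.append(f"{host}\tCNAME\t{host}.{label}")
    return lines


if __name__ == "__main__":
    # Constructed sample: the second /24 of 10.12.52/22 split into two halves.
    sample = [
        ("10.12.53.0/25", ["ns1.cust2.example.", "ns2.cust2.example."]),
        ("10.12.53.128/25", ["ns1.cust3.example.", "ns2.cust3.example."]),
    ]
    for line in rfc2317_parent_records("10.12.53.0/24", sample):
        print(line)
```

The customer then serves the child zone (here 0-127.53.12.10.in-addr.arpa.) with PTR records at 0 through 127, and the parent zone needs no further changes when those PTRs change.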
