IN-ADDR.ARPA Zone Delegations

Merton Campbell Crockett m.c.crockett at adelphia.net
Sat Jan 13 17:06:02 UTC 2007


On 10 Jan 2007, at 11:50:23, Mark Andrews wrote:

>> On 10 Jan 2007, at 06:53:26, Stephane Bortzmeyer wrote:
>>
>>> On Wed, Jan 10, 2007 at 06:46:09AM -0800,
>>>  Merton Campbell Crockett <m.c.crockett at adelphia.net> wrote
>>>  a message of 43 lines which said:
>>>
>>>> I forgot to note that I used a $ORIGIN statement in the
>>>> 10.10.IN-ADDR.ARPA zone file instead of the following notation.
>>>
>>> That's the first time that I see someone asking for help by posting
>>> what he did NOT do.
>>
>> What can I say?  After sending my original message it struck me that
>> it might be important to note that I used the following notation.
>>
>> 	$ORIGIN 160.10.10.IN-ADDR.ARPA.
>> 				IN	NS	NS.SUB.DOMAIN.COM.
>
> 	Which is NOT a delegation of 160.10.10.IN-ADDR.ARPA.
> 	$ORIGIN does NOT change the current owner.  You actually
> 	delegated whatever the current owner name is.
>
> 	My first thought would be: kill the forward zones, as
> 	you are authoritative for 10.10.IN-ADDR.ARPA.
> 	Make sure you have an empty forwarders declaration for
> 	10.10.IN-ADDR.ARPA.

After 20 years of maintaining a stable DNS framework through multiple  
mergers, I am passing the baton for the DNS to the IT organization.   
Their replacement DNS framework makes extensive use of forwarders and  
is extremely restrictive with regard to zone transfers.  For some  
strange reason they think this will increase security.  :)

Until the transition is complete, my name server remains the "name  
server of last resort" while not being permitted to transfer any  
delegated zone information.  As a result, I get the task of making  
things work until IT assumes full responsibility.

IT retired the primary name server for the original CIDR block.  I  
was creating a replacement zone to prevent queries from being sent to  
the root name servers.  I had forgotten that the $ORIGIN statement  
only appends the current origin when a simple host name is defined or  
when the symbol "@" is used.

Thanks.


Merton Campbell Crockett
m.c.crockett at adelphia.net
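
The owner-name behaviour discussed in this thread, shown as an added example that is not part of the original messages and is not BIND's code: a simplified resolver for RFC 1035 master-file owner names, run over the quoted `$ORIGIN` notation. The SOA line, the EXAMPLE.COM names and the function names are constructed for illustration, and the parser assumes one record per line with no parentheses.

```python
"""Owner-name resolution for a simplified DNS master file (RFC 1035, 5.1)."""
CLASSES = {"IN", "CH", "HS"}

def qualify(name, origin):
    """Expand '@' and relative names against the current origin."""
    name = name.upper()
    if name == "@":
        return origin
    return name if name.endswith(".") else name + "." + origin.lstrip(".")

def ns_records(zone_text, origin):
    """Return (owner, target) for every NS record, one record per line."""
    origin, last_owner, found = origin.upper(), None, []
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line:
            continue
        fields = line.split()
        if fields[0].upper() == "$ORIGIN":
            origin = qualify(fields[1], origin)  # last_owner is NOT touched
            continue
        if fields[0].startswith("$"):
            continue  # $TTL, $INCLUDE: out of scope here
        if line[0] in " \t":  # blank owner field: inherit the previous owner
            if last_owner is None:
                raise ValueError("record with no current owner name")
            owner = last_owner
        else:
            owner = qualify(fields.pop(0), origin)
        last_owner = owner
        while fields and (fields[0].isdigit() or fields[0].upper() in CLASSES):
            fields.pop(0)  # skip optional TTL and class
        if fields and fields[0].upper() == "NS":
            found.append((owner, qualify(fields[1], origin)))
    return found

# Constructed sample zone for 10.10.IN-ADDR.ARPA; EXAMPLE.COM names are made up.
HEAD = ("@ IN SOA NS1.EXAMPLE.COM. HOSTMASTER.EXAMPLE.COM. 1 3600 900 604800 3600\n"
        "  IN NS  NS1.EXAMPLE.COM.\n"
        "$ORIGIN 160.10.10.IN-ADDR.ARPA.\n")
AS_POSTED = HEAD + "\t\tIN\tNS\tNS.SUB.DOMAIN.COM.\n"   # blank owner
WITH_AT = HEAD + "@\t\tIN\tNS\tNS.SUB.DOMAIN.COM.\n"    # '@' = current origin

if __name__ == "__main__":
    for label, text in (("as posted", AS_POSTED), ("with @", WITH_AT)):
        print(label, ns_records(text, "10.10.IN-ADDR.ARPA."))
```

With the blank owner field, the NS record lands on the zone apex (the owner of the preceding record) rather than on 160.10.10.IN-ADDR.ARPA; writing `@` after the `$ORIGIN` line, or an explicit `160` owner without it, produces the intended delegation.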




