non-24 bit subnets
Alex McKenzie
alex at chem.umass.edu
Wed Oct 6 20:15:22 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
David Miller wrote:
> On 10/6/2010 3:21 PM, Jay Ford wrote:
>> On Wed, 6 Oct 2010, Alex McKenzie wrote:
>>> Unfortunately, we do have need -- or at least a use -- to have smaller
>>> subnets in multiple files, but without delegating authority. The
>>> problem is that some of those small subnets should have a shorter TTL,
>>> or other settings changed. If there's a way to change all the settings
>>> by host in a single file, that would at least make that easier.
>>
>> You could use one real zone file which is referenced by named.conf,
>> with $INCLUDE directives in that zone file to pull in the parts of the
>> zone from files containing the subsets you want. A $TTL directive at
>> the top of each small file should give you the variable TTL defaulting
>> you want.
>>
>
> You can have a different TTL for each and every record, if you like, in
> the same zone file with no includes (the $TTL directive can appear
> multiple times).
>
> e.g. :
>
> $TTL 300 ; 5 mins
> * PTR host-no-spec.example.com.
> $TTL 3600 ; 1 hour
> 17 PTR mail.example.com.
> $TTL 1800 ; 30 mins
> 18 PTR mail2.example.com.
> $TTL 86400 ; 1 day
> 19 PTR whatever.example.com
> 20 PTR whatever2.example.com
> 22 PTR whatever2.example.com
>
> ^^ This works for me.
>
>>> For larger subnets we can use multiple zones, but I'd hoped to avoid it
>>> if possible. It sounds from this like there isn't a way, though.
>>
>> Right.
>>
Interesting -- I'll keep that in mind. I suspect I can make either that
or the INCLUDE directive work for me.
Out of curiosity: what if it's a /16 or /8 network? Do those also get
built as 24 bit files, or can they be built differently? I seem to
recall seeing an option for a reverse lookup file with hosts declared as:
x.y PTR host.domain.tld.
Does that work, or was that an old format that's been deprecated, or
would it never have worked?
Thanks,
Alex
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkys2NoACgkQWFYfIucpZ2MowQCdEAnTH2n8Ylj2eanapBMXhXoI
pEEAn2ePq2ykapSNVNKT2tiocxyKgAsm
=70tZ
-----END PGP SIGNATURE-----
More information about the bind-users
mailing list