reverse zone of type forward when /28 subnet

[Dmitri Tarkhov]

Hi, all,

thank you very much for discussion. It was interesting and very useful.
You can pretty well imagine that I am not much dns involved,
I am rather unix and unix HW guy.
Unfortunately I saw dns cache poisoning attack and although it could be
provoked by side effects it's better to get rid of it altogether.
For just 14 (241-254) addresses it is not difficult to maintain 2 types
of master zones in sync (RFC 2317 and RFC 1035) and it's enough to put a
couple of comment lines to not forget it later.
Yes, life is short but this is not the reason to not train the brain,
can help to hook a life a bit longer ...
Bring stir to the chicken coop and request compliance is generally
good idea and fingers itch but I don't expect much from our ISPs ...
So first I'll try "type forward" within a view,
then I'm sure, one address zones can serve me right.
I will also contact the ISP but without great expectations.

Why I do all this is:
- enforce security
- assure stable mail exchange (which depends on reverse resolving)

Mark Andrews wrote:

> In message <50DCD454.2070303 at dougbarton.us>, Doug Barton writes:
> 
>>On 12/27/2012 11:18 AM, Mark Andrews wrote:
>>
>>>zone "241.Z.X.Y.IN-ADDR.ARPA" {
>>>	type master;
>>>	file "241.Z.X.Y.IN-ADDR.ARPA";
>>>};
>>
>>That's great locally, but it doesn't match the 2317 delegation from the 
>>upstream, and usually it's not possible to change what they send you.
>>
>>Or are you suggesting maintaining both the individual versions of the 
>>zones, and the 2317 zone?
> 
> 
> No.  I'm suggesting that they tell their ISP to do RFC 2317 right
> or do RFC 1035 delegations.   If their ISP won't do either change
> ISP.
> 
> 
>>Doug
>>_______________________________________________
>>Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>>
>>bind-users mailing list
>>bind-users at lists.isc.org
>>https://lists.isc.org/mailman/listinfo/bind-users

-- 
Best regards,
Dmitri Tarkhov