Advice for DNS reverse zones
rharolde at umich.edu
Wed Feb 6 20:11:46 UTC 2019
On Wed, Feb 6, 2019 at 1:03 PM Mik J via bind-users <
bind-users at lists.isc.org> wrote:
> I would like to know how do you manage reverse zones and the 10.x.x.x zone
> I can see three choices:
> - One global 10.in-addr.arpa zone
> - Many /24 zones 1.1.10.in-addr.arpa zone
> - Something in between
> One global zone:
> The problem is that I end having a very populated zone and if someone asks
> me to setup an acl or anything like that it has to be global.
> This solution might be the easiest but definitely not the best in terms of
> Many /24 zones:
> The problem is that I end creating zones all the time or make them first
> in one go, so 65536 zones...
> And when someone has a /16 network I need to delete the 256 x /24 zones to
> make one single.
> What do you people do on your DNS servers ?
> And is it possible to make a 1.1.10.in-addr.arpa for the 16 first
> addresses (a /28 network) ?
For ranges with few records, that don't need to be acl'ed or delegated, put
them in the 10.in-addr.arpa zone.
Any /16 that has a lot of records can be split off into its own
And if a /24 gets really busy, you can split it out 5.1.10.in-addr.arpa
There is no need to create all 256 /16's or all the /24's, just create them
If having different sizes is too confusing, I suggest all /16's.
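
The mixed layout suggested in the reply above, as an added example that is not part of the original thread: a short Python sketch that names the reverse zone for an octet-aligned network and finds which configured zone ends up holding a given PTR record. The zone list and the function names `reverse_zone` and `owning_zone` are constructed for illustration.

```python
import ipaddress

# Constructed zone list mirroring the reply: one catch-all zone,
# one busy /16 split out, and one busy /24 split out of that /16.
ZONES = ["10.in-addr.arpa", "1.10.in-addr.arpa", "5.1.10.in-addr.arpa"]


def reverse_zone(network):
    """Return the in-addr.arpa zone name for an octet-aligned IPv4 network."""
    net = ipaddress.ip_network(network)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        # in-addr.arpa labels are whole octets, so a /28 has no zone
        # name of its own at a label boundary.
        raise ValueError("only /8, /16 and /24 map directly to a zone name")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"


def owning_zone(address, zones=ZONES):
    """Return (ptr_name, zone) for the most specific configured zone."""
    ptr = ipaddress.ip_address(address).reverse_pointer
    labels = ptr.split(".")
    # Walk from the full PTR name towards the root; the first match
    # is the longest suffix, i.e. the zone that must contain the record.
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return ptr, candidate
    return ptr, None


if __name__ == "__main__":
    for addr in ("10.1.5.7", "10.1.9.7", "10.200.0.1"):
        print(*owning_zone(addr), sep="  ->  ")
```

Running it shows that only addresses in the split-out ranges leave the catch-all zone, so any ACL or delegation applied to `5.1.10.in-addr.arpa` affects that /24 alone.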