Advice for DNS reverse zones
mikydevel at yahoo.fr
Thu Feb 7 10:33:01 UTC 2019
Hello Bob, Tony,
Thank you for your answers, I'm going to study this topic.
On Wednesday, February 6, 2019 at 21:11:59 UTC+1, Bob Harold <rharolde at umich.edu> wrote:
On Wed, Feb 6, 2019 at 1:03 PM Mik J via bind-users <bind-users at lists.isc.org> wrote:
I would like to know how you manage reverse zones and the 10.x.x.x zone particularly.
I can see three choices:
- One global 10.in-addr.arpa zone
- Many /24 zones 1.1.10.in-addr.arpa zone
- Something in between
One global zone:
The problem is that I end up having a very populated zone and if someone asks me to set up an acl or anything like that it has to be global.
This solution might be the easiest but definitely not the best in terms of scalability.
Many /24 zones:
The problem is that I end up creating zones all the time or make them first in one go, so 65536 zones...
And when someone has a /16 network I need to delete the 256 x /24 zones to make one single.
What do you people do on your DNS servers?
And is it possible to make a 1.1.10.in-addr.arpa for the first 16 addresses (a /28 network)?
For ranges with few records, that don't need to be acl'ed or delegated, put them in the 10.in-addr.arpa zone.
Any /16 that has a lot of records can be split off into its own 2.10.in-addr.arpa.
And if a /24 gets really busy, you can split it out 5.1.10.in-addr.arpa
There is no need to create all 256 /16's or all the /24's, just create them as needed.
If having different sizes is too confusing, I suggest all /16's.
-- Bob Harold
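The split-as-needed layout Bob describes (one 10.in-addr.arpa zone, with a /16 or /24 broken out only once it holds many records), sketched as an added example that is not part of the original thread. The thresholds, function names and sample addresses are assumptions constructed for illustration.

```python
import ipaddress
from collections import Counter

NET10 = ipaddress.ip_network("10.0.0.0/8")

# Constructed sample inventory of hosts that need PTR records.
SAMPLE = ["10.0.0.1", "10.2.0.1", "10.2.1.1", "10.2.9.9", "10.7.7.7",
          "10.1.5.1", "10.1.5.2", "10.1.5.3", "10.1.5.4", "10.1.5.5"]

def plan_zones(addresses, split_16=3, split_24=5):
    """Return the reverse zones to create for these 10.x.x.x hosts.

    split_16 / split_24 are assumed thresholds: how many records a /16 or
    /24 may hold before it is split out of its parent zone.
    """
    per16, per24 = Counter(), Counter()
    for a in addresses:
        ip = ipaddress.ip_address(a)
        if ip not in NET10:
            raise ValueError(f"{a} is outside 10.0.0.0/8")
        o = ip.packed  # the four octets as integers
        per16[f"{o[1]}.10.in-addr.arpa"] += 1
        per24[f"{o[2]}.{o[1]}.10.in-addr.arpa"] += 1
    zones = {"10.in-addr.arpa"}          # catch-all for sparse ranges
    zones |= {z for z, n in per16.items() if n >= split_16}
    zones |= {z for z, n in per24.items() if n >= split_24}
    return zones

def zone_for(address, zones):
    """Return (PTR owner name, most specific configured zone holding it)."""
    name = ipaddress.ip_address(address).reverse_pointer
    labels = name.split(".")
    # Strip labels from the left until the remainder is a configured zone.
    for i in range(1, len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return name, candidate
    raise LookupError(f"no configured zone covers {name}")

if __name__ == "__main__":
    zones = plan_zones(SAMPLE)
    for host in SAMPLE:
        print(*zone_for(host, zones), sep="  ->  ")
```

Each zone split out this way is delegated from its parent with NS records, and an ACL set on it applies only to that range.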