CIDR Reverse-DNS Zone Updates

Simon Hobson dhcp1 at
Thu Aug 10 07:12:15 UTC 2006

Suertreus wrote:
>I run a network on half of a 10.x.x.x Class A private address space 
>using CIDR.  My network is
>, so the associated DNS zones are as follows in BIND named.conf:
>zone "" {
>        type master;
>        file "";
>        update-policy { grant dhcp-key subdomain "" A AAAA TXT; };
>};
>zone "" {
>        type master;
>        file "";
>};
>zone "128/" {
>        type master;
>        file "";
>        update-policy { grant dhcp-key subdomain "128/" PTR TXT; };
>};

Check the archives, there has been a discussion of how to handle this 
several times over the years - normally to manage updates of a range 
smaller than /24. The key things to remember are :

DHCP does NOT support updating of arbitrary zones, it takes the ip 
address, reverses the octets, and appends the reverse domain name 

What you can do in the general case is this :

create your local zone, for example "" - it can be 
anything as long as dhcp can update d.c.b.a.something for address 

For your subnets in the range, set the base zone for ddns 
updates to "". It will now treat as 
the root for reverse dns updates in those subnet(s).

Build the relevant zones/delegations in dns, bearing in mind that at 
some point you need entries of the form " CNAME" which can be 
achieved by the use of 
$GENERATE. You are probably doing this in some way already just to 
make dns work.

However, what you have is effectively a supernet which makes things 
very, very, very much simpler IF you reconfigure your dns. You might 
benefit from this anyway as the pain of managing a 
128/ can be higher than managing the zones that make it up.

To do this you simply define separate zones for :,, and so on.
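
An added illustration, not part of the original post: a Python sketch of the two approaches discussed above, generalized to any /8 to /24 prefix. The prefix `10.128.0.0/9`, the range `192.0.2.64/30` and the local zone `rev.example.net` are constructed sample values, and the direction of the CNAME (real reverse name pointing at the name in the local zone) is an assumption about the entries the post refers to.

```python
import ipaddress

def ptr_owner(addr, base="in-addr.arpa"):
    """Owner name for addr: octets reversed, then the reverse domain appended."""
    octets = str(ipaddress.IPv4Address(addr)).split(".")
    return ".".join(reversed(octets)) + "." + base.strip(".") + "."

def octet_zones(cidr):
    """Octet-aligned in-addr.arpa zones that together cover a /8../24 prefix."""
    net = ipaddress.IPv4Network(cidr)
    if not 8 <= net.prefixlen <= 24:
        raise ValueError("only /8 to /24 can be split into octet-aligned zones")
    aligned = -(-net.prefixlen // 8) * 8          # round up to /8, /16 or /24
    zones = []
    for sub in net.subnets(new_prefix=aligned):
        labels = str(sub.network_address).split(".")[: aligned // 8]
        zones.append(".".join(reversed(labels)) + ".in-addr.arpa.")
    return zones

def covering_zone(addr, zones):
    """Zone whose 'subdomain' grant would have to admit the PTR update, or None."""
    name = ptr_owner(addr)
    matches = [z for z in zones if name.endswith("." + z)]
    return max(matches, key=len) if matches else None

def cname_records(cidr, local_base):
    """For a range smaller than /24: real reverse name -> name in the local zone."""
    net = ipaddress.IPv4Network(cidr)
    return [f"{ptr_owner(ip)} CNAME {ptr_owner(ip, local_base)}" for ip in net]

if __name__ == "__main__":
    zones = octet_zones("10.128.0.0/9")           # constructed sample prefix
    print(len(zones), zones[0], zones[-1])
    print(covering_zone("10.200.3.4", zones))     # inside the prefix
    print(covering_zone("10.5.3.4", zones))       # outside: no zone, no grant
    for line in cname_records("192.0.2.64/30", "rev.example.net"):
        print(line)
```

Each zone returned by `octet_zones` can carry its own `update-policy` grant limited to PTR and TXT, so the DHCP key never gains write access to reverse names outside the prefix.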
