Re: Reverse zone delegation for 172.16.16.0/20 - HOW TO?

Sun, 20 May 2012 23:40:36 -0700 

Dear Barry!

I tried to delegate 172.16.16.0/ doing the following on the central site:
$ORIGIN 16.172.in-addr.arpa.
$GENREATE 16-31 $ NS srvgate.sokol.msk.united-networks.ru.

It works! :-) You are right! :-)

But I don't understand what do I need do on "sokol.msk"-server?
Do I need create 16 independent files for 16.16.172.in-addr.arpa...31.16.172.in-addr.arpa 
or is there a way which allow me to aggregate all of those in a one file?
It is clear to me how I can treat /16 zones... :-) But I still don't understand what I can make 
with "accepting" server..

Kind regards,
Ellad



In article<mailman.823.1337358596.63724.bind-us...@lists.isc.org>,
  "Ellad G. Yatsko"<eyat...@ngs.ru>  wrote:


Hello!

There is the Supernet 172.16.0.0/12 is distributed through my network.
Some network hierarchy is built in this Supernet. Some addressing plan
is used.

There are some towns. Each town has IP pool of
172.16.0.0/16...172.30.0.0/16.

There are some sites in different districts of above towns, they get a
block of IP-addresess: 172.xx.0.0/20 from its main town's server.

Each ending site uses its networks in the following way:
- servers;
- voice;
- video surveillance;
- top-managers;
- accounting;
- ... some other departaments.

Indeed it's no matter what and why. Now I want to build hierarchic
structure of DNS servers in each location. And delegate zones accordingly.
But I have some troubles in the beginning. How do I describe topmost
172.16.0.0/12 zone?

I used a trick and made zone 172.in-addr.arpa. It is not exact but it works.

The problem with this is that you won't be able to do reverse lookups
for other 172.x.x.x addresses outside the RFC 1918 block.  Maybe you
could download the real 172.in-addr.arpa zone, and merge your changes
into it.


But I can't at all to delegate block 172.16.0.0/16 to second level

In the 172.in-addr.arpa zone, just do a normal delegation:

16 IN NS second-level-server.


server to say nothing about delegation 172.16.16.0/20 from second level
to ending DNS!

You can use $GENERATE for this.  In the zone file for
17.172.in-addr.arpa, do:

$GENERATE 16-31 $ IN NS srvgate.sokol.msk.united-networks.ru.


Then I tried to solve this task in the most general way. I thought If I
learn how to delegate "most difficult zone" I delegate simplier one easily.

So I began to delegate 172.16.16.0/20 (not 172.16.0.0/16) from topmost
server to its neighbor as follows:


zone "172.in-addr.arpa" {
    type master;
    file "/etc/bind/master/reverse/172.in-addr.arpa";
    forwarders { };
};

and (in zone file):

0.16/20.16.172.in-addr.arpa.    IN NS
srvgate.sokol.msk.united-networks.ru.
$GENERATE 0-256 $.16.16.172.in-addr.arpa.       IN CNAME
$.0.16/20.16.172.in-addr.arpa.
$GENERATE 0-256 $.31.16.172.in-addr.arpa.       IN CNAME
$.0.31/20.16.172.in-addr.arpa.

This technique is really only needed for delegations of blocks smaller
than /24.  For anything larger, just do multiple delegations.



_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to