* Phil Mayers <p.may...@imperial.ac.uk> [2012-06-27 14:29:38 +0100]:
> On 26/06/12 17:25, nex6 wrote: > >* Phil Mayers<p.may...@imperial.ac.uk> [2012-06-26 16:54:55 +0100]: > > > > > >I am not going to be editing files by hand, we actually have a tool. I am > >more > >concerned about best practices, and how to fix the mess. > > > >eg, say we have about 500 vlans (/24s) and say only 350 have reverse zones. > >from what I understand its best to just create the missing zones and fix the > >tools > >so new networks always get reverse zones created. > > > >becuase I dont think i can just create a larger /16 or /8. becuase they will > >overlap and create a bigger mess..... > > Do what works for you. If you would rather create the full range of > x.y.10.in-addr.arpa from your tools, that's fine. > > I'm not sure the "best practice" you are asking about exists in that form. > > One final point though - you *should* have an enclosing > 10.in-addr.arpa zone or "fill the holes", so that you don't leak > reverse lookups to the DNS root servers. You might even find that, > unless you disable it, your nameserver creates the empty zone for > you. so, you *should* have a larger 10.x.x.x zone? *and* smaller 10.x.x.0/24 zones? so i am assuming the workflow would be in this case, records go in the smaller zones, and the larger zone is the catchall to prevent leakage? _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
