On Mar 10, 2014, at 8:28 AM, Maechler Philippe <pmaechler...@glattnet.ch> wrote:

> Let's assume that we have a /32 IPv6 subnet for our needs and that we only
> publish PTR records where they are needed like for mail servers and maybe DNS
> and web servers.
>
> Our Network is: 2001:db8::/32
> This would give us a Zone named 8.b.d.0.1.0.0.2.ip6.arpa

You could do that, or you could create one reverse zone per /64, or break it at any label you like.

> Our DNS has the ip 2001:db8:193:192::20/64 and the other one has
> 2001:db8:193:193::20/64
>
> 1) Would you create an entry in 8.b.d.0.1.0.0.2.ip6.arpa like:
>
> 20.2.9.1.0.3.9.1.0 IN A dns1.example.org.
> 20.3.9.1.0.3.9.1.0 IN A dns2.example.org.

The correct answer is:

$ORIGIN 8.b.d.0.1.0.0.2.ip6.arpa.
0.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.9.1.0.3.9.1.0 PTR dns1.example.com.
0.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.9.1.0.3.9.1.0 PTR dns1.example.com.

Again, you can delegate subzones at any arbitrary label.

> 2) In the near future we will have a lot more entries in the reverse Zone
> and, so I guess, some parts of it will be delegated to other servers. When
> would you start delegating parts of Zone 8.b.d.0.1.0.0.2.ip6.arpa into other
> Zone-Files?
> How far down the tree would you go for the delegation?

Personally, I would create a reverse zone for each /64 subnet.

> 3) Will a recursive resolver have problems if I only have a SOA for
> 8.b.d.0.1.0.0.2.ip6.arpa and no SOA for the zones below like
> 1.0.3.9.1.0.8.b.d.0.1.0.0.2.ip6.arpa?

There's a difference between zones and domains. A zone is equal to a domain minus any delegated subzones. You are permitted to delegate a subzone several labels down the tree from its parent zone. In other words, it's perfectly legitimate to have a zone at the /32 level and then child zones at the /64 level, with no delegated subzones in between (at the /36, /40, /44, etc. levels).

> The reason I ask is:
> We had generic A records for our IPv4 space:
> dynamic.001-002.003-004.catv.example.org IN A 1.2.3.4 and some mailservers
> complained that there was no zone for 001-002.003-004.catv.example.org. nor
> 003-0004.catv.example.org. and no entry for catv.example.org. (we only had
> the example.org Zone with a host dynamic.001-002.003-004.catv)

That's a different question, for the names of your A records.
I don't know why a mail server would complain about this, but perhaps others with recent mail server admin experience can comment here.

Regards,
Chris Buxton
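
Added example (not part of the original message, and not BIND's own code): Python that derives the ip6.arpa zone name for a prefix and the PTR owner name relative to that zone, for both the single /32 zone and the per-/64 layout discussed in the thread. The function names are hypothetical; the addresses and host names are the ones from the question.

```python
import ipaddress

def _nibbles(addr):
    """Return the 32 hex digits of an IPv6 address, most significant first."""
    return addr.exploded.replace(":", "")

def _zone_net(prefix):
    """Parse a zone prefix; ip6.arpa labels are 4-bit nibbles, so the
    prefix length must be a multiple of 4 to fall on a label boundary."""
    net = ipaddress.IPv6Network(prefix, strict=True)
    if net.prefixlen % 4:
        raise ValueError(f"{prefix}: not on a nibble boundary")
    return net

def reverse_zone(prefix):
    """Zone name for a prefix, e.g. 2001:db8::/32 -> 8.b.d.0.1.0.0.2.ip6.arpa."""
    net = _zone_net(prefix)
    labels = list(reversed(_nibbles(net.network_address)[: net.prefixlen // 4]))
    return ".".join(labels + ["ip6", "arpa"]) + "."

def ptr_owner(address, zone_prefix):
    """Owner name of the PTR record, relative to the zone for zone_prefix."""
    net = _zone_net(zone_prefix)
    addr = ipaddress.IPv6Address(address)
    if addr not in net:
        raise ValueError(f"{address} is outside {zone_prefix}")
    labels = reversed(_nibbles(addr)[net.prefixlen // 4 :])
    return ".".join(labels) or "@"  # "@" when the zone covers a single /128

def zone_fragment(zone_prefix, hosts):
    """Render $ORIGIN plus one PTR line per (address, target) pair."""
    lines = [f"$ORIGIN {reverse_zone(zone_prefix)}"]
    lines += [f"{ptr_owner(a, zone_prefix)} PTR {t}" for a, t in hosts]
    return "\n".join(lines)

if __name__ == "__main__":
    # Addresses and host names taken from the question in the thread.
    print(zone_fragment("2001:db8::/32", [
        ("2001:db8:193:192::20", "dns1.example.org."),
        ("2001:db8:193:193::20", "dns2.example.org."),
    ]))
    # The per-/64 layout: one zone per subnet, 16 labels left of the origin.
    print(zone_fragment("2001:db8:193:193::/64",
                        [("2001:db8:193:193::20", "dns2.example.org.")]))
```

In either layout the relative owner name plus the zone name always adds up to the same 32 nibble labels under ip6.arpa; only the position of the zone cut changes.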