Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

reverse delegating range of ip addresses

0 views
Skip to first unread message

Kimo R.

unread,
Jan 18, 2003, 8:53:14 PM1/18/03
to

Hello,

I have a class C 192.168.1.0/24. I would like to delegate a range
39-50. In 1.168.192.in-addr.arpa, I add
$GENERATE 39-50 $ NS ns1.otherserver.com.
$GENERATE 39-50 $ NS ns2.otherserver.com.

Now on my secondary, 1.168.192.in-addr.arpa shows:
39 NS ns1.otherserver.com.
NS ns2.otherserver.com.
40 NS ns1.otherserver.com.
NS ns2.otherserver.com.

and so on. So the zone file was created correctly?

Now how would the zone file be for ns1.otherserver.com? In named.conf
what would the zone name be?

Thanks
Kimo R.

Doug Barton

unread,
Jan 18, 2003, 9:10:18 PM1/18/03
to

Kimo R. wrote:
> Hello,
>
> I have a class C 192.168.1.0/24. I would like to delegate a range
> 39-50. In 1.168.192.in-addr.arpa, I add
> $GENERATE 39-50 $ NS ns1.otherserver.com.
> $GENERATE 39-50 $ NS ns2.otherserver.com.

This isn't exactly how this kind of thing is usually done. In order for
this to work the servers you're delegating to would have to have zones
for each one of those individual IP addresses. It would be easier to do
an RFC 2317 delegation. In the 1.168.192.in-addr.arpa zone you would do
this:

$ORIGIN 1.168.192.in-addr.arpa.
39-50 NS ns1.otherserver.com.
39-50 NS ns2.otherserver.com.
$GENERATE 39-50 $ CNAME $.39-50

Then the name servers you're delegating to just need one zone,
39-50.1.168.192.in-addr.arpa.

Hope this helps,

Doug


Kimo R.

unread,
Jan 20, 2003, 1:30:17 AM1/20/03
to

Doug Barton <Do...@dougbarton.net> wrote in message news:<b0d1ea$arce$1...@isrv4.isc.org>...


Perfect. Just what I was looking for.

Thanks
Kimo

Kevin Darcy

unread,
Jan 21, 2003, 4:52:50 PM1/21/03
to

Doug Barton wrote:

> Kimo R. wrote:
> > Hello,
> >
> > I have a class C 192.168.1.0/24. I would like to delegate a range
> > 39-50. In 1.168.192.in-addr.arpa, I add
> > $GENERATE 39-50 $ NS ns1.otherserver.com.
> > $GENERATE 39-50 $ NS ns2.otherserver.com.
>
> This isn't exactly how this kind of thing is usually done. In order for
> this to work the servers you're delegating to would have to have zones
> for each one of those individual IP addresses. It would be easier to do
> an RFC 2317 delegation. In the 1.168.192.in-addr.arpa zone you would do
> this:
>
> $ORIGIN 1.168.192.in-addr.arpa.
> 39-50 NS ns1.otherserver.com.
> 39-50 NS ns2.otherserver.com.
> $GENERATE 39-50 $ CNAME $.39-50
>
> Then the name servers you're delegating to just need one zone,
> 39-50.1.168.192.in-addr.arpa.

Well, for only 12 reverse names, it could go either way. I personally
think that delegating each reverse name is a more logical,
easy-to-understand way of doing "classless delegation" than RFC 2317-style
aliasing, but of course the price to be paid is more delegations in the
parent zone, and more zones to be defined/maintained on the delegated
nameservers. At a certain point, these disadvantages outweigh the
advantages, but different folks will put that "more-pain-than-gain" line
in different places.


- Kevin

Doug Barton

unread,
Jan 21, 2003, 5:50:10 PM1/21/03
to

On Tue, 21 Jan 2003, Kevin Darcy wrote:

> Doug Barton wrote:
> >
> > $ORIGIN 1.168.192.in-addr.arpa.
> > 39-50 NS ns1.otherserver.com.
> > 39-50 NS ns2.otherserver.com.
> > $GENERATE 39-50 $ CNAME $.39-50
> >
> > Then the name servers you're delegating to just need one zone,
> > 39-50.1.168.192.in-addr.arpa.
>
> Well, for only 12 reverse names, it could go either way. I personally
> think that delegating each reverse name is a more logical,
> easy-to-understand way of doing "classless delegation" than RFC 2317-style
> aliasing, but of course the price to be paid is more delegations in the
> parent zone, and more zones to be defined/maintained on the delegated
> nameservers. At a certain point, these disadvantages outweigh the
> advantages, but different folks will put that "more-pain-than-gain" line
> in different places.

Agreed, but since the original poster was missing the forest for the
delegation trees, I thought another way of looking at it might help. Not
to mention, when I first started doing rfc 2317 delegations I also found
them cumbersome and difficult to understand, but now that I've done dozens
of them over the years (and taught several of our ISP's how to do them
properly), they seem quite "natural" to me.

Each to his own,

Doug

--
"We have known freedom's price. We have shown freedom's power.
And in this great conflict, ... we will see freedom's victory."
- George W. Bush, President of the United States
State of the Union, January 28, 2002

Do YOU Yahoo!?


0 new messages