If I understand it you are in a situation similar to...
A domain called say "example.com". All the hosts will have an IP address in
the range:
10.20.XXX.XXX
For example's sake, IPs have only so far been allocated to:
10.20.1.XXX
10.20.2.XXX
10.20.3.XXX
For this set up I would have the following FOUR DNS zone files:
db.example.com
db.10.20.1
db.10.20.2
db.10.20.3
The db.example.com file holds the forward lookups and other stuff like MX
records. The other 3 have only reverse lookup information.
Of course your named.[boot|conf] will load up all 4 zone files.
Now when you add a host you put the forward lookup in db.example.com and
then select the appropriate reverse lookup file to modify based on IP
address.
It's really just like maintaining three class C networks which share one
common forward lookup zone file. That's not politically correct in DNS
speak but I hope it gets the idea across :-)
When you start to require more IP addresses and your existing ranges fill up
then pick up another "class C" range from the class B subnet like:
10.20.4.XXX
which will have a zone file named something like:
db.10.20.4
Now you will have a total of FIVE DNS zone files.
I think it is possible to have a zone file called:
db.10.20
with *all* the class B reverse lookups in it but it is uncommon and
difficult to manage in my opinion.
Note you can call your zone files whatever you like in the file system but
keeping to some sort of *sane* naming convention will make the set up easier
to diagnose and easier for other people to understand to boot!
Hope this helps.
You might want to take a look at some notes I've made on DNS:
http://www.rescript.fsnet.co.uk/unixdoc/dns/index.htm
Not much but better than nothing. Also check out the much richer resources
at:
http://www.isc.org/products/BIND/
http://www.acmebw.com/
Regards,
Andy Cranston,
Euphony Communications.
***** Reply 2 from Andy ******
Hmmm,
You're stretching my knowledge a bit here but here goes...
For each server which is to be visible on the internet you will need a valid
IP address as assigned by (probably) your ISP.
Your firewall will probably have an ability called NAT - Network Address
Translation. This is a feature that maps, say the server called "fred" with
an IP of 10.20.180.22 on your internal network to the external (i.e.
internet) address of (for example's sake) 195.224.160.252 (don't use *this*
address - it belongs to Freeserve.com!).
You set up an external DNS server on the internet side of your firewall and
have this server resolve fred.yourdomain.com to 195.224.160.252. On the DNS
server internal to your LAN you set fred.yourdomain.com to resolve to
10.20.180.22.
Note that your external DNS server needs to be registered with the internet
authorities. I've never done this myself but your ISP should be able to
help. This will involve setting up a secondary of your external DNS server.
Most ISPs will be a secondary for you - change ISPs if they don't :-)
Now how do your internal hosts resolve internet addresses? Well one of the
simplest ways is to have your internal DNS server (which only knows about
local addresses) use the external DNS server (which knows about internet
addresses) as a forwarder. More simply you specify the address of the
external DNS server as a forwarder in the named.[boot|conf] file on your
internal DNS server.
You mentioned you have the DNS and BIND book - good! It's an essential for
this kind of stuff. Have you got edition 3? Actually edition 4 is being
worked on - perhaps it's out?
I hope this helps a little more.
If someone else manages the firewall have a chat with them. Also get in
touch with someone from your ISP and talk through your requirements.
All this networking seems very daunting at first (it did to me I can assure
you and many parts of it still do!) but it is rewarding when you work it out
and you get up and running.
Andy.
-----Original Message-----
From: ro...@unix1.psych.westminster.edu
[mailto:ro...@unix1.psych.westminster.edu]
Sent: 08 June 2000 15:12
To: Andy Cranston
Subject: RE: [HPADM] Class B addresses in reverse lookup file
Andy,
Thanks for your reply. It has helped me a lot. I do have two sets of IPs,
10.20.180.x and 10.20.30.x. The first is for my servers which are going to
be set up to be referenced by people outside the firewall by a specific
static IP. The second IP is for PCs inside the firewall and they will be
referencing the server by the 10.20.180.x. This leads me to another
question which has been bugging me. I believe we need a DNS server outside
the firewall which would feed the outside information to the world that is
separate from the inside DNS server which feeds the local 10.20.x.x
numbers to the local machines and also goes through the firewall to get
the IPs of yahoo.com, someuniv.edu, etc. for the local machines. Is my
analysis of this right? Or am I completely messed up on this one?
Thanks for the info.
Ron
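The split internal/external setup described in Reply 2, as an added example that is not part of the original thread: a small Python check that the externally published zone carries no 10.x addresses and that every external name also exists in the internal zone. The zone contents are constructed; only fred, 10.20.180.22 and 195.224.160.252 come from the post, and the parser handles a simplified one-record-per-line syntax.

```python
import ipaddress

def parse_a_records(zone_text, origin):
    """Return {fqdn: address} for 'name IN A addr' lines (simplified zone syntax)."""
    records = {}
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()      # drop comments, split columns
        if len(fields) == 4 and fields[1].upper() == "IN" and fields[2].upper() == "A":
            name = fields[0].lower()
            fqdn = name.rstrip(".") if name.endswith(".") else f"{name}.{origin}"
            records[fqdn] = ipaddress.ip_address(fields[3])
    return records

def audit_split_dns(external, internal):
    """Return (kind, fqdn, address) findings for the external view."""
    findings = []
    for fqdn, addr in sorted(external.items()):
        if addr.is_private:
            # An internal (RFC 1918) address is visible to the internet.
            findings.append(("LEAK", fqdn, str(addr)))
        if fqdn not in internal:
            # Published outside, but LAN clients cannot resolve it inside.
            findings.append(("MISSING_INTERNAL", fqdn, str(addr)))
    return findings

# Constructed sample data for the two views of the same domain.
ORIGIN = "yourdomain.com"
EXTERNAL_ZONE = """\
fred  IN A 195.224.160.252   ; NAT address used in the post
www   IN A 10.20.180.23      ; constructed mistake: internal address published
ftp   IN A 195.224.160.253   ; constructed: never added to the internal zone
"""
INTERNAL_ZONE = """\
fred  IN A 10.20.180.22
www   IN A 10.20.180.23
pc1   IN A 10.20.30.5
"""

def run_audit():
    return audit_split_dns(parse_a_records(EXTERNAL_ZONE, ORIGIN),
                           parse_a_records(INTERNAL_ZONE, ORIGIN))

if __name__ == "__main__":
    for kind, fqdn, addr in run_audit():
        print(f"{kind:17} {fqdn:24} {addr}")
```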
***** Reply from Bob Vance ********
You can do it either way, but the "primary" statement domain
must match:
If named.boot has:
primary 10.10.in-addr.arpa named.atlsbmr_arw ; ##20000211jrv
then your data would have 2-digit PTR names
If named.boot has:
primary 72.10.10.in-addr.arpa named.atlsbmr_arw ; ##20000211jrv
then your data would have 1-digit PTR names
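The rule in Bob Vance's reply and the per-"class C" layout in Andy's first reply, as an added example (not code from the thread): a Python sketch that derives the PTR owner name relative to whichever reverse zone the "primary" line declares, then emits the records for either layout. Host names other than unix1 and their addresses are constructed.

```python
import ipaddress
from collections import defaultdict

def ptr_owner(ip, origin):
    """PTR owner name for ip, written relative to the reverse zone origin."""
    full = ipaddress.ip_address(ip).reverse_pointer   # e.g. '1.2.20.10.in-addr.arpa'
    suffix = "." + origin.rstrip(".").lower()
    if not full.endswith(suffix):
        raise ValueError(f"{ip} is not inside zone {origin}")
    return full[: -len(suffix)]

def reverse_origin(ip, octets):
    """Reverse zone covering ip when the zone is cut after `octets` octets."""
    parts = str(ipaddress.IPv4Address(ip)).split(".")[:octets]
    return ".".join(reversed(parts)) + ".in-addr.arpa"

def build_reverse_zones(hosts, octets):
    """Group {fqdn: ip} into reverse zones; return {origin: [record lines]}."""
    zones = defaultdict(list)
    by_address = sorted(hosts.items(), key=lambda kv: ipaddress.ip_address(kv[1]))
    for fqdn, ip in by_address:
        origin = reverse_origin(ip, octets)
        owner = ptr_owner(ip, origin)
        zones[origin].append(f"{owner}\tIN PTR\t{fqdn.rstrip('.')}.")
    return dict(zones)

# Constructed sample hosts in the 10.20.x.x range discussed in the thread.
HOSTS = {
    "unix1.psych.westminster.edu": "10.20.2.1",
    "pc7.psych.westminster.edu": "10.20.3.7",        # hypothetical host
    "fred.psych.westminster.edu": "10.20.180.22",    # hypothetical host
}

if __name__ == "__main__":
    # octets=3: one zone per third octet (db.10.20.2, ...), one-label owners.
    # octets=2: a single db.10.20 zone, two-label owners such as '1.2'.
    for octets in (3, 2):
        for origin, records in build_reverse_zones(HOSTS, octets).items():
            print(f"; zone {origin}")
            print("\n".join(records))
```

Note that the owner name is the host part in reversed octet order, so 10.20.2.1 in the 20.10.in-addr.arpa zone is `1.2`, not `2.1`.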
***** Original Message *******
Admins,
We are moving our network behind a firewall and using the unroutable 10.x.x.x
and subnetting it to a class B network with 255.255.0.0 mask. I had a small
subnet before and am now going to be on the main network but maintain the DNS
server for our subdomain, psych.westminster.edu. This is to maintain our
webserver address we had for a long time. I have always done class C networking.
I at first thought just replace the IP addresses with the new ones. I have a
question about the reverse domain database which had just the 4th number of the
IP address on a line like below.
1 IN PTR unix1.psych.westminster.edu.
This corresponded with the file name db.192.204.23 or 23.204.192.rev.
With the class B type address do I need to do it like this
1.2 IN PTR unix1.psych.westminster.edu.
in a reverse lookup database file called db.10.20 or 20.10.rev.
I have used O'Reilly's DNS and BIND book but could not find an example of this
type of IP class B:
I am no expert on this and since I have only two servers don't change things
that much so any help would be appreciated.
I will summarize the answers I receive.
Thanks.
Ron
--
---> Please post QUESTIONS and SUMMARIES only!! <---
To subscribe/unsubscribe to this list, contact majo...@dutchworks.nl
Name: hpux-...@dutchworks.nl Owner: owner-hp...@dutchworks.nl
Archives: ftp.dutchworks.nl:/pub/digests/hpux-admin (FTP, browse only)
http://www.dutchworks.nl/htbin/hpsysadmin (Web, browse & search)
------------- End Forwarded Message -------------