[isp-dns] Re: Reverse delegation
I'm not recommending any of this, but you did ask if it was possible...

Is it your /16? Want 1 file for the /20 for some department or division?

As an example suppose you are working in the file for 10.66/16 and needed to delegate the 10.66.32/20 block. You could keep those 4096 entries in a separate file that there is an INCLUDE for in the /16's file. An entry for 10.66.37.25 would look like:

    25.37 ptr snoopy.hot.dog.org.

I think it is uglier than the /24 delegations, but this has delegations at all - all of the /20's entries are IN the /16 file (or sucked in via INCLUDE).

To delegate the WHOLE block so someone else can maintain the ptr records in one file, you could put all 4096 entries in the /16 as CNAMEs pointing to names in a zone in or out of in-addr.arpa space but dedicated to handle all 4096 entries. See RFC-2317 for the basic concept and examples using in-addr.arpa space.

If you wish to keep the ptr records out of in-addr space, try adding these 4096 separate entries in the /16's file:

    0.32 cname rev-10-66-32-0.rev-my-20.fool.net.
    1.32 cname rev-10-66-32-1.rev-my-20.fool.net.
    ...
    255.32 cname rev-10-66-32-255.rev-my-20.fool.net.
    0.33 cname rev-10-66-33-0.rev-my-20.fool.net.
    1.33 cname rev-10-66-33-1.rev-my-20.fool.net.
    ...etc.
    255.33 cname rev-10-66-33-255.rev-my-20.fool.net.
    ... down to
    255.47 cname rev-10-66-47-255.rev-my-20.fool.net.

And then in the rev-my-20.fool.net zone each of the 4096 addresses is done as follows:

    rev-10-66-37-25 ptr snoopy.hot.dog.org.
    rev-10-66-37-26 ptr piglett.cold.cat.net.

It is wise to have the nameserver for the /16 at least secondary the rev-my-20.fool.net zone. Some folks use lesserslush products.

You can obviously just cname them all into the fool.net zone itself if you don't need a separate file for ptr records, and equally easily, these addresses could be cnamed into 4096 totally different zones if you want to delegate at the /32 level.

The point of RFC-2317 was delegation on non-octet aligned boundaries so you don't have to slice on nice CIDR block boundaries. Start and end where you want. Obviously have a script to do the work.

----- Original Message -----
From: "Michael Loftis" <mloftis@...>
To: <isp-dns@isp-dns.com>
Sent: Thursday, November 21, 2002 4:00 PM
Subject: [isp-dns] Re: Reverse delegation

> mmm yes and no.
>
> You can but you'll break things for anyone else in your /16. If a host
> reverses for something in your range of /20 they'll think you're
> authoritative for the entire /16, and thus query you for things you're not
> authoritative for.
>
> The only way to do it right is multiple zones unless you have the whole /16.
>
> On sort of the same topic you can use the $GENERATE statement to make it
> easier to produce the individual files (Assuming you're using BIND8 or 9)
> -- http://www.isc.org/products/BIND/docs/bind8.2_master-file.html for more
> info.
>
> --On Thursday, November 21, 2002 3:21 PM -0500 Chris Saunders
> <listacct@...> wrote:
>
> > Hello all....
> >
> > I am wondering if you can setup a reverse zone for a /20 without multiple
> > zone files for each /24. And how if you can =)
> >
> > Thanks
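
The CNAME scheme described in the message above, written out as a generator script. This is an added example, not part of the original post: the function names are hypothetical, the zone name and addresses are the ones used in the message, and it generalizes to any start/end range inside an octet-aligned parent reverse zone.

```python
import ipaddress

def relative_owner(ip, parent):
    """Owner name of ip relative to the parent's in-addr.arpa zone, e.g. '25.37'."""
    labels = (32 - parent.prefixlen) // 8        # octets below the zone apex
    return ".".join(reversed(str(ip).split(".")[4 - labels:]))

def target_label(ip):
    """Label used inside the dedicated zone, e.g. 'rev-10-66-37-25'."""
    return "rev-" + str(ip).replace(".", "-")

def cname_records(parent_cidr, first, last, target_zone):
    """CNAME lines for the parent reverse zone covering first..last inclusive."""
    parent = ipaddress.ip_network(parent_cidr)
    if parent.prefixlen not in (8, 16, 24):
        raise ValueError("parent reverse zone must sit on an octet boundary")
    lo, hi = ipaddress.ip_address(first), ipaddress.ip_address(last)
    if lo > hi or lo not in parent or hi not in parent:
        # Pointing names outside your own block would hijack someone else's PTRs.
        raise ValueError("range must lie inside the parent block")
    zone = target_zone.rstrip(".")
    lines = []
    for n in range(int(lo), int(hi) + 1):
        ip = ipaddress.ip_address(n)
        lines.append(f"{relative_owner(ip, parent)} cname {target_label(ip)}.{zone}.")
    return lines

def ptr_records(hosts):
    """PTR lines for the dedicated zone from an {ip: fqdn} mapping."""
    ordered = sorted(hosts.items(), key=lambda kv: int(ipaddress.ip_address(kv[0])))
    return [f"{target_label(ipaddress.ip_address(ip))} ptr {name.rstrip('.')}."
            for ip, name in ordered]

if __name__ == "__main__":
    # The /20 from the message: 10.66.32.0 through 10.66.47.255.
    recs = cname_records("10.66.0.0/16", "10.66.32.0", "10.66.47.255",
                         "rev-my-20.fool.net")
    print(len(recs), recs[0], recs[-1], sep="\n")
    print("\n".join(ptr_records({"10.66.37.25": "snoopy.hot.dog.org",
                                 "10.66.37.26": "piglett.cold.cat.net"})))
```
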