Solved

Reverse zone for a /21 ?

Posted on 2008-06-09
11
215 Views
Last Modified: 2010-04-21
Hello everybody,

I have a /21 PI address space .. which I'll soon get master access for ( tomorrow or so ) and I was wondering how would the zone file for ISC's bind/named would look like for a /21 (reverse entries)..  the config file...

Thanks in advance.
0
Comment
Question by:michaeljohn00
  • 6
  • 5
11 Comments
 
LVL 70

Accepted Solution

by:
Chris Dent earned 250 total points
ID: 21749573

Reverse Lookup Zones are Classful only, if it's a Private IP Range you'd be better served by adding a /16 zone. If you wish to split it you'd have to create /24's for each member of the /21.

Any reference to Classless is for Classless delegation which is possible, but is more of a work-around within Classful zones.

HTH

Chris
0
 

Author Comment

by:michaeljohn00
ID: 21749987
So I'll have to add 7 /24 zones for each class in the 21 ?

zone "t.b.a.in-addr.arpa" {
        type master;
        notify no;
        file "zone/a.b.t.zone";
};

zone "u.b.a.in-addr.arpa" {
        type master;
        notify no;
        file "zone/a.b.u.zone";
};

zone "v.b.a.in-addr.arpa" {
        type master;
        notify no;
        file "zone/a.b.v.zone";
};

zone "w.b.a.in-addr.arpa" {
        type master;
        notify no;
        file "zone/a.b.w.zone";
};

.... ?
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 21750042

Afraid so, yes. Unless you go up and add the single /16 (b.a.in-addr.arpa).

Chris
0
 

Author Comment

by:michaeljohn00
ID: 21750122
any disadvantages if I go to a B class ?
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 21750169

It makes your DNS server authoritative for the /16 range, that may be a problem if you need to resolve addresses outside of the scopes you've posted above.

If you don't have any other ranges then it's not a problem.

Chris
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 

Author Comment

by:michaeljohn00
ID: 21750207
no, I'll only need to resolve for my /21 .. I'm not authoritative for any others.
0
 

Author Closing Comment

by:michaeljohn00
ID: 31465600
Thanks again.
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 21750235

Hmm then it's probably best to add them as /24 zones. Less chance of something going wrong.

The disadvantage of that is it's more effort to manage.

Chris
0
 

Author Comment

by:michaeljohn00
ID: 21750254
Neah, I'll just have to add them once .. I don't plan changing the ptrs daily ! :) I can easily make a shell script or something to generate all the files and stuff ..

how would the container of the zone look like ?

--- got from tldp's dns how to... how should ns.linux.bogus & master.linux.bogus. look like here ?

$TTL 3D
@       IN      SOA     ns.linux.bogus. hostmaster.linux.bogus. (
                        199802151 ; Serial, todays date + todays serial
                        8H      ; Refresh
                        2H      ; Retry
                        4W      ; Expire
                        1D)     ; Minimum TTL
                NS      ns.linux.bogus.

1               PTR     gw.linux.bogus.
2               PTR     ns.linux.bogus.
3               PTR     donald.linux.bogus.
4               PTR     mail.linux.bogus.
5               PTR     ftp.linux.bogus.
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 21750449

That all looks fine, the NS records are perfect :)

Chris
0
 

Author Comment

by:michaeljohn00
ID: 21751689
might be .. but .. --- got from tldp's dns how to.
. how should ns.linux.bogus & master.linux.bogus. look like here ?
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now