
DNS bind, adding sub-netted reverse look up zones

Hi,

Could anyone tell me how to add a single reverse lookup zone in Red Hat for a /19 network?

I know you can add multiple /24 classful subnets, but I also know you can add variable-length subnets.

So could anyone point me in the direction of the correct syntax for Red Hat?

Cheers
Aaron Street
 
Jordan Medlen Commented:
http://www.indelible.org/ink/classless/

This should show you how to configure bind for VLSM.
 
Aaron Street (Infrastructure Manager, Author) Commented:
I have tried the standard

zone "0/19.x.x.x.in-addr.arpa" {
type master;
file "zone.0-19.x.x.x.in-addr.arpa";
allow quesy { any; };
};

and it loads OK but does not seem to catch anything.
 
Jordan Medlen Commented:

zone "0/19.x.x.x.in-addr.arpa" {
type master;
file "zone.0-19.x.x.x.in-addr.arpa";
allow quesy { any; };
};

One problem I see with the above is in bold.

Should be like...

allow-query { 127.0.0.1; net; };
 
Aaron Street (Infrastructure Manager, Author) Commented:
That "any" works fine for our other reverse zones.
 
Jordan Medlen Commented:
The "any" isn't just what I was referring to. If your configuration is "allow quesy {..." from a copy/paste, it is typo'd, and therefore won't do anything for you. Should be "allow-query {..." in your bind configuration.
 
Aaron Street (Infrastructure Manager, Author) Commented:
Sorry, missed that; that was a typo into the forum though :)

allow-query {.....

is on the server
 
Aaron Street (Infrastructure Manager, Author) Commented:
Despite trying a few different syntaxes I just can't get it to work.
 
Jordan Medlen Commented:
I have looked around at other sites to see if I can find anything different, and all signs point to this working. I will keep looking.
 
Aaron Street (Infrastructure Manager, Author) Commented:
I came across something that says it only works for /24 - /30, i.e. subnets of a class C.

For larger subnets the ISP has to delegate a subset of a class B, say, and then the customer advertises the entire class B back up.

In this way the ISP will only forward requests that you own for your section of the class B.

Now I checked with our ISP and they will only forward these requests to us, so I can get away with using

18.172.addr-in.arpa

for example, without worrying about affecting anyone upstream by answering something that does not belong to me.

Seems strange but this was the only documentation I could find about a /19 reverse lookup zone.
 
Aaron Street (Infrastructure Manager, Author) Commented:
Thank you for all the help, but researching further, it does seem you can only use the subnet mask on subsets of a class C network; nowhere have I found anything to show examples of class B or above.
Question has a verified solution.
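
Added example (not part of the original thread and not code from any participant): a Python sketch that works out which in-addr.arpa zones a CIDR block needs and renders named.conf stanzas in the style quoted above. It goes beyond the /19 case to cover any IPv4 prefix: blocks of /24 or larger are split on octet boundaries, and only blocks smaller than a /24 get the RFC 2317 "first/len" name. The network 172.18.0.0/19 and the function names are assumptions made for illustration.

```python
import ipaddress

def reverse_zones(cidr):
    """Return the in-addr.arpa zone names needed to hold PTR records for cidr."""
    net = ipaddress.ip_network(cidr, strict=True)
    if net.version != 4:
        raise ValueError("in-addr.arpa is IPv4 only")
    if net.prefixlen > 24:
        # Smaller than a /24: RFC 2317 classless name, "first/len" under the
        # parent /24. It only resolves if the parent zone's owner adds CNAMEs
        # pointing each address into this zone.
        a, b, c, d = str(net.network_address).split(".")
        return [f"{d}/{net.prefixlen}.{c}.{b}.{a}.in-addr.arpa"]
    # /24 or larger: reverse DNS is delegated on octet boundaries, so round the
    # prefix up to /8, /16 or /24 and emit one zone per resulting block.
    boundary = max(8, -(-net.prefixlen // 8) * 8)
    keep = boundary // 8
    zones = []
    for sub in net.subnets(new_prefix=boundary):
        octets = str(sub.network_address).split(".")[:keep]
        zones.append(".".join(reversed(octets)) + ".in-addr.arpa")
    return zones

def named_conf(cidr, allow_query="any"):
    """Render named.conf master-zone stanzas in the style used in the thread."""
    stanzas = []
    for zone in reverse_zones(cidr):
        zone_file = "zone." + zone.replace("/", "-")  # "/" cannot be in a file name
        stanzas.append(
            f'zone "{zone}" {{\n'
            f"    type master;\n"
            f'    file "{zone_file}";\n'
            f"    allow-query {{ {allow_query}; }};\n"
            f"}};"
        )
    return "\n\n".join(stanzas)

if __name__ == "__main__":
    # Constructed sample network, not taken from the thread's server.
    print(named_conf("172.18.0.0/19"))
```

For the sample /19 this yields 32 zones, 0.18.172.in-addr.arpa through 31.18.172.in-addr.arpa, which is the "multiple /24" layout mentioned in the question.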