Creating reverse lookup zone with wider subnet mask

My Active Directory server is also a DNS server. Right now there is a reverse lookup zone of 192.16.172.in-addr.arpa which is fine for anything in the IP range of 172.16.192.0/24. However, I need a reverse lookup zone that can handle 172.16.192.0/21. How do I set this up?
Russ Suter asked:
 
Russ Suter (Author) commented:
Ultimately, none of these suggestions worked for me. I just created a separate reverse lookup zone for each IP range. It's not the prettiest but it did work and since my subnet only contains 8 different octets it's still manageable. I'd hate to do it on a class A subnet with a low bitmask though.
 
Will Szymkowski (Senior Solution Architect) commented:
When you are working with your Reverse Zones they are not slash notation specific (/24) by default, when you are using the NetworkID. You need to modify the Reverse Zone Name. So rather than using the NetworkID you need to use the Reverse Lookup Zone Name.

So for /21 Reverse notation should look like below...
2048/21.100.168.192.in-addr.arpa

You can also reference the MS KB below for additional details.
https://support.microsoft.com/en-us/kb/174419

Will.
 
matrix8086 commented:
If your range will be from 172.16.192.0 to 172.16.199.255 (21-bit range), the reverse IP notation must be

192/21.16.172.in-addr.arpa

Best regards
 
Will Szymkowski (Senior Solution Architect) commented:
Matrix, I do not believe you are correct. Based on the article it is

#ofhost/subnet.reverse ip
2048/21.192.16.172.in-addr.arpa

Will.
 
matrix8086 commented:
@Will: Where did you see that in the article??? Copy/paste from your article:

The syntax

Delegated subnetted reverse lookup zones can be used to transfer administrative control between any parent and child IN-ADDR.ARPA zone in the DNS. Common configurations involve an ISP (Parent) delegating to a Customer Site (Child) or a Corporate Headquarters (Parent) delegating to a Corporate Remote Site (Child). Because the ISP scenario is most typical, it will be used in the following example.

When creating classless reverse lookup zones, you may use notation such as the following:
<subnet>-<subnet mask bit count>.100.168.192.in-addr.arpa or

<subnet>/<subnet mask bit count>.100.168.192.in-addr.arpa or

<subnet>.<subnet mask bit count>.100.168.192.in-addr.arpa or

SubnetX<subnet>.100.168.192.in-addr.arpa (where X is the subnet number assigned by parent) or

<subnet>.100.168.192.in-addr.arpa
For example:
64-26.100.168.192.in-addr.arpa or

64/26.100.168.192.in-addr.arpa or

64.26.100.168.192.in-addr.arpa or

Subnet3.100.168.192.in-addr.arpa or

64.100.168.192.in-addr.arpa
This indicates that the subnetted reverse lookup zone is the 64 subnetwork that is using 26 bits for its subnet mask.
 
Will Szymkowski (Senior Solution Architect) commented:
Take a look at the link below. In a /26 configuration, 64 is the available addresses that this network can support (it's actually 62 available addresses because you do not use the NetworkID and broadcast address).
http://www.aelius.com/njh/subnet_sheet.html

Or am I reading this wrong?

Will.
 
matrix8086 commented:
Will:

In a /26 configuration there are 64 IP addresses. You are right!

In a /21 configuration there are 2048 IP addresses. You are also right!

But you are confusing two things: the 64 in 64/26 does not mean the number of IP addresses, but the "network address" (starting address); it refers to the first address, which cannot be allocated to a host (the network address and the broadcast address, the last one, cannot be used on hosts either; as you said, only 62 can be used).

So, 64/26 refers to 192.168.100.64, the network address of the pool 192.168.100.64 to 192.168.100.127, which can be written as 192.168.100.64/26 and has the PTR notation 64/26.100.168.192.in-addr.arpa for the reverse DNS record.

Best regards!
 
Russ Suter (Author) commented:
So this debate now has me confused. I'd like to restate my original question which is:

How do I create a Reverse Lookup Zone for the IP range 172.16.192.0/21?
 
Russ Suter (Author) commented:
The bickering on this question got confusing. Ultimately I just gave up and figured a way around it.
Question has a verified solution.
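
The workaround the asker settled on (one reverse lookup zone per /24 inside 172.16.192.0/21), scripted as an added example that is not part of the original thread. It assumes the DnsServer PowerShell module on the DNS server; the helper name Get-Slash24ReverseZone, the forest-wide replication scope and the secure-only dynamic update setting are choices made for this example.

```powershell
# Added example, not from the thread. Assumes the DnsServer module (DNS server or RSAT)
# and AD-integrated zones; Get-Slash24ReverseZone is a hypothetical helper name.
function Get-Slash24ReverseZone {
    param(
        [Parameter(Mandatory)][string]$Cidr   # e.g. '172.16.192.0/21'
    )
    $addr, $prefix = $Cidr -split '/'
    $prefix = [int]$prefix
    if ($prefix -lt 16 -or $prefix -gt 24) {
        throw "This helper handles /16 through /24 only; got /$prefix"
    }
    $o = ([System.Net.IPAddress]::Parse($addr)).GetAddressBytes()
    $count = [int][math]::Pow(2, 24 - $prefix)    # number of /24 blocks: 8 for a /21
    # Refuse a network address that does not sit on the prefix boundary,
    # otherwise the loop would create zones for the wrong range.
    if (($o[2] % $count) -ne 0 -or $o[3] -ne 0) {
        throw "$Cidr is not aligned on a /$prefix boundary"
    }
    for ($i = 0; $i -lt $count; $i++) {
        $third = $o[2] + $i
        [pscustomobject]@{
            NetworkId = '{0}.{1}.{2}.0/24' -f $o[0], $o[1], $third
            ZoneName  = '{0}.{1}.{2}.in-addr.arpa' -f $third, $o[1], $o[0]
        }
    }
}

foreach ($z in Get-Slash24ReverseZone -Cidr '172.16.192.0/21') {
    # Leave zones that already exist (such as 192.16.172.in-addr.arpa) untouched.
    if (Get-DnsServerZone -Name $z.ZoneName -ErrorAction SilentlyContinue) {
        Write-Host "exists:  $($z.ZoneName)"
        continue
    }
    # Secure-only dynamic updates: only authenticated domain members can
    # register or change PTR records in the new zone.
    Add-DnsServerPrimaryZone -NetworkId $z.NetworkId `
        -ReplicationScope 'Forest' -DynamicUpdate 'Secure'
    Write-Host "created: $($z.ZoneName)"
}
```

For 172.16.192.0/21 this covers the eight zones 192.16.172.in-addr.arpa through 199.16.172.in-addr.arpa.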
