Re: [NTISP] DNS Reverse Delegation

Preston Korn ( preston@jaycreek.com )
Fri, 30 Apr 1999 08:27:31 -0700

What would be the process to do this exact same thing with the primary
using Microsoft DNS and the customer using BIND?

Preston

At 02:34 AM 4/30/99 -0500, you wrote:
>At 02:04 PM 4/29/1999 -0600, you wrote:
>>How would you delegate a range of IP's, less than a class C, to another name
>>server? We have a customer down stream who wants to run his own Name server
>>within the range of his /27. Obviously we want to continue to have control
>>of the rest of the IP's in the class C he is part of.
>>
>>We are using Bind for NT.
>>
>>Thanks,
>>
>>Steve Coleman
>>Computer Solutions
>>
>>
>
>OK. Here's how to do it. You must delegate authority for reverse lookup on
>the subnet to your customer. Here's one way to do it (I'm sure there may be
>others, but this works quite well).
>
>Assume that the Class C is 207.236.110.0, and that you want to delegate a
>subnet of 32 IP addresses starting at 207.236.110.128/27 (making the useable
>IPs from 207.236.110.129 thru 207.236.110.158 -- 30 IPs).
>
>Also, assume that your customer's DNS servers are called:
>
>ns1.domain.com 207.236.110.129
>ns2.domain.com 107.236.110.130
>
>
>You enter the following into the db.207.236.110 zone file:
>
>129 IN CNAME 129.subnet128.110.236.207.in-addr.arpa.
>130 IN CNAME 130.subnet128.110.236.207.in-addr.arpa.
>131 IN CNAME 131.subnet128.110.236.207.in-addr.arpa.
>132 IN CNAME 132.subnet128.110.236.207.in-addr.arpa.
>133 IN CNAME 133.subnet128.110.236.207.in-addr.arpa.
>134 IN CNAME 134.subnet128.110.236.207.in-addr.arpa.
>.
>.
>.
>.
>158 IN CNAME 158.subnet128.110.236.207.in-addr.arpa.
>
>
>Then add the following lines to delegate the zone to your customer:
>
>subnet128.110.236.207.in-addr.arpa. 86400 IN NS ns1.domain.com.
>subnet128.110.236.207.in-addr.arpa. 86400 IN NS ns2.domain.com.
>
>
>Then, your customer creates a zone file that looks like this:
>
>
> File: db.207.236.110.subnet128
> Purpose: This file establishes the address-to-name lookup
> information for this zone.
>
>
>@ IN SOA ns1.domain.com. hostmaster.domain.com. (
> 199904001 ; serial number
> 3600 ; refresh every hour
> 900 ; retry after 15 minutes
> 604800 ; expire after 1 week
> 172800) ; default ttl is 2 days
>
>
>=====> name servers
>
>        IN NS ns1.domain.com.
>        IN NS ns2.domain.com.
>
>
>
>-----> Addresses point to canonical name
>
>129 IN PTR ns1.domain.com.
>130 IN PTR ns2.domain.com.
>131 IN PTR host3.domain.com.
>132 IN PTR host4.domain.com.
>133 IN PTR host5.domain.com.
>134 IN PTR host6.domain.com.
>.
>.
>.
>.
>159 IN PTR host30.domain.com.
>
>
>Then, in your customer's primary DNS named.boot file, add this line:
>
>primary subnet128.110.236.207.in-addr.arpa db.207.236.110.subnet128
>
>
>And, in your customer's secondary DNS named.boot file, add this line:
>
>secondary subnet128.110.236.207.in-addr.arpa 207.236.110.129 db.207.236.110.subnet128
>
>
>Reload the databases on the servers, and everything should just work. Your
>customer can now change the hosts that the IPs are pointed at, change the
>host names, etc., and the reverse lookup just works.
>
>We delegate reverse lookup on subnets for our clients who want it all the time.
>
>Hope this helps.
>
>Regards,
>
>Randy
>
>Randy Martin
>President
>Austin Internet
>512-485-7977
>http://www.austintx.net/
>
>
________________________________________________________
Preston Korn Jay Creek Productions
preston@jaycreek.com http://www.jaycreek.com
4401 E. Butler Ave. Flagstaff, AZ 86004
520-526-5069 520-526-5445 FAX
-----------------------------------------------------------------------
Multimedia and Internet Development
Management and Consultation
"When you want to do it right the first time."