From: Grant P. <gp...@th...> - 2006-11-28 13:53:48
Thanks Kris,
As it turns out, my upline provider does not use the RFC2317.
However, as long as I have recursion turned off in bind, (and I do), and I
use authoritative nameserver only for reverse, I can use the /24 arpa zone, as
somehow they map my specific CIDR address to me.
I have tested and it does work.
I notice when I set up and delete a zone in webmin, there is the option of
'Update reverse in other zones'. I am hoping this really says: When you add
or delete (for example) a zone:
mydomain.ext ip 1.2.3.4,
it will update (add or delete the line)
4 PTR mydomain.ext.
in the arpa zone:
3.2.1.in-addr.arpa
Is this correct?
-Grant
----- Original Message -----
From: "Kris Deugau" <kd...@vi...>
To: "Webmin users list" <web...@li...>
Sent: Monday, November 27, 2006 12:42 PM
Subject: Re: [webmin-l] Reverse DNS CIDR additions.
> Grant Peel wrote:
>> It is time I changed my reverse DNS setup to the mainstream way of doing
>> things.
>
> It looks like you're already set up using one method for classless rDNS
> delegation. Is there any particular reason you'd like to make a change?
>
>> Can anyone walk me through a setup for a single zone, using the webmin
>> interface, for a CIDR block?
>>
>> Network:
>> 216.187.107.192 / 27
>>
>> My Usable IPs:
>> 196-222
>>
>> Yes, my ISP has delegated my nameservers for reverse (I am already doing
>> reverse on these IPs, using a single zone for each IP).
>
> OK, the change you want to make is a different manner of delegating CIDR
> rDNS. What you have right now is the setup where the upstream
> delegation is done via NS records for each IP delegated, resulting in
> one zone per IP on your side.
>
> The other method uses sets of CNAMEs pointing into a new zone, eg for
> 192.168.1.0/27: (Assuming you're using BIND, only showing actual zone
> data)
>
> Upstream 1.168.192.in-addr.arpa. zone includes:
>
> 2 IN CNAME 2.0-27.1.168.192.in-addr.arpa.
> 3 IN CNAME 3.0-27.1.168.192.in-addr.arpa.
> ...
> 29 IN CNAME 29.0-27.1.168.192.in-addr.arpa.
> 30 IN CNAME 30.0-27.1.168.192.in-addr.arpa.
>
> ("Usable IPs" in a netblock are *usually* "netnum plus two" through to
> the second-last IP in the block; most setups I've met use the "netnum
> plus one" as the router, and the highest IP as the broadcast. If you
> really only have 196-222 as usable, then your upstream is doing odd
> things and "stealing" two more IPs from your netblock.)
>
> There would then also be suitable NS records entered in the upstream
> 1.168.192.in-addr.arpa. zone:
> 0-27 IN NS ns1.yoursystem.com.
> 0-27 IN NS ns2.yoursystem.com.
>
> You would then set up a zone 0-27.1.168.192.in-addr.arpa., with suitable
> records for each IP:
>
> 2 IN PTR your-rdns-2.yoursystem.com.
> 3 IN PTR your-rdns-3.yoursystem.com.
> ... etc.
>
> The details of how this is implemented vary from ISP to ISP (in
> particular, the name of the actual delegated zone may be just about
> anything, and the CNAMEs pointed *to* can follow quite a few possible
> patterns); there is no "one right way", but the general concept of
> using CNAME pointers from the "real" zone into your delegated zone
> applies.
>
> Note that this is **NOT** just a change on your end; this also requires
> your ISP to change how they delegate the rDNS to you! If you've already
> got something up and running, I'd say you're better off leaving that in
> place. If you can convince your upstream provider to change things,
> you'll have to get details of how they implement this from them.
>
>> I have read, and sorta understand the RFCs and have gone through Joe's
>> book on this a few times, now just looking for a working example to tie
>> off the loose ends.
>
> If you've got specific questions, ask away. Like I noted above,
> however, making this change *will* require you to consult your provider
> to find out how (or even if) they'll delegate rDNS this way - it's not
> just a change on your system.
>
> rDNS is so much easier when you can delegate along /24 divisions. <g>
>
> -kgd
>
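The CNAME-based delegation described in the quoted reply, as an added Python example that is not part of either message and is not Webmin or BIND code. It builds the upstream and delegated zone records for a block smaller than /24 and then follows a PTR lookup through the CNAME. The `<netnum>-<prefixlen>` zone label copies the thread's example and is an assumption, since providers choose their own naming; the function names are hypothetical.

```python
import ipaddress

def rfc2317_records(cidr, nameservers, ptr_names):
    """Return (parent_zone, parent_rrs, child_zone, child_rrs) for a block smaller than /24.

    The delegated zone is named <netnum>-<prefixlen>.<parent>, as in the thread;
    real ISPs pick their own naming, so treat the label as an assumption.
    """
    net = ipaddress.ip_network(cidr, strict=True)  # rejects host bits set
    if net.version != 4 or not 24 < net.prefixlen < 32:
        raise ValueError("expected an IPv4 block smaller than /24")
    a, b, c, first = str(net.network_address).split(".")
    parent = f"{c}.{b}.{a}.in-addr.arpa."
    label = f"{first}-{net.prefixlen}"
    child = f"{label}.{parent}"
    parent_rrs = [(label, "NS", ns) for ns in nameservers]
    child_rrs = []
    for ip in net.hosts():  # skips network and broadcast addresses
        octet = str(ip).rsplit(".", 1)[1]
        parent_rrs.append((octet, "CNAME", f"{octet}.{child}"))
        if str(ip) in ptr_names:
            child_rrs.append((octet, "PTR", ptr_names[str(ip)]))
    return parent, parent_rrs, child, child_rrs

def resolve_ptr(ip, parent, parent_rrs, child, child_rrs, max_hops=8):
    """Follow the lookup the way a resolver would: /24 name -> CNAME -> PTR."""
    data = {f"{o}.{parent}": (t, v) for o, t, v in parent_rrs if t != "NS"}
    data.update({f"{o}.{child}": (t, v) for o, t, v in child_rrs})
    name = ipaddress.ip_address(ip).reverse_pointer + "."
    chain = [name]
    for _ in range(max_hops):
        rtype, value = data.get(name, (None, None))
        if rtype == "PTR":
            return chain, value
        if rtype != "CNAME":
            break
        name = value
        chain.append(name)
    return chain, None  # no PTR at the end of the chain

if __name__ == "__main__":
    # Constructed sample data, using the example names from the thread.
    zones = rfc2317_records("192.168.1.0/27",
                            ["ns1.yoursystem.com.", "ns2.yoursystem.com."],
                            {"192.168.1.2": "your-rdns-2.yoursystem.com."})
    for ip in ("192.168.1.2", "192.168.1.3", "192.168.1.40"):
        print(ip, *resolve_ptr(ip, *zones))
```

An address whose chain ends in the delegated zone with no answer has an upstream CNAME but no PTR on the customer side; an address with a one-element chain is outside the delegated block.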