On Mon, Jun 23, 2003 at 06:50:46PM +0200, Hans Wilmer wrote: > Having that zone, it seems to override anything that?s between > 193.158.67.0 and 193.158.67.255. This is what one would expect --- but > it?s not what I need. > > What I need is a way to restrict the above zone to *only* the IPs > listed in the zone file, i. e. to the range of our own addresses. How > can I do that?
What you describe is known as classless in-addr.arpa. delegations, and is described in RFC 2317. If you haven't already read it, it's probably a good idea to do so. It will give you a good idea of exactly how it is that reverse delegations on non-octet-boundaries work. Also install bind9-doc, which includes the BIND Administrator's Reference Manual (/usr/share/doc/bind9-doc/arm/). Read that. Basically, you don't want to set up a zone for 67.158.193.in-addr.arpa in named.conf, but rather for something like 64-71.67.158.193.in-addr.arpa. Googling for "bind classless in-addr.arpa" and related strings will likely answer your questions. If not, asking for help in comp.protocols.tcp-ip.domains might help. noah
pgp00000.pgp
Description: PGP signature