Classless Reverse Zones PTR Dig Format Issue

2019-02-06 Thread Nagesh Thati
Hello,
I have created a network with *199.192.0.0/11* and
created 4 subnets with a */13* mask in that network:
Network: *199.192.0.0/11 : 192.199.in-addr.arpa*,
Subnet1: *199.192.0.0/13 : 0-13.192.199.in-addr.arpa*,
Subnet2: *199.200.0.0/13 : 0-13.200.199.in-addr.arpa*,
Subnet3: *199.208.0.0/13 : 0-13.208.199.in-addr.arpa*,
Subnet4: *199.216.0.0/13 : 0-13.216.199.in-addr.arpa*.
I followed *RFC 2317 to create CNAME and NS records* in the parent zone,
which is 192.199.in-addr.arpa.
When I dig for a PTR for object *199.192.0.2* in below dig format,
#*dig @localhost -x 199.192.0.2 - GOT RESULT*
I am getting the answer. But when I dig for object *199.200.255.202* in
the format below, I am not getting the answer,
#*dig @localhost -x 199.200.255.202 - NO RESULT*
But if I dig in specific format,
#*dig @localhost 202.255.0-13.200.199.in-addr.arpa PTR - GOT RESULT*

My question is:
Is it possible to dig the *199.200.255.202* object with *-x* using the *dig
command*? If yes, what changes need to be made in the parent and child
reverse zones?

Thanks in advance,
Nagesh.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users


Re: Advice for DNS reverse zones

2019-02-06 Thread Bob Harold
On Wed, Feb 6, 2019 at 1:03 PM Mik J via bind-users <
bind-users@lists.isc.org> wrote:

> Hello,
>
> I would like to know how do you manage reverse zones and the 10.x.x.x zone
> particularly.
>
> I can see three choices:
> - One global 10.in-addr.arpa zone
> - Many /24 zones 1.1.10.in-addr.arpa zone
> - Something in between
>
> One global zone:
> The problem is that I end having a very populated zone and if someone asks
> me to setup an acl or anything like that it has to be global.
> This solution might be the easiest but definitely not the best in terms of
> scalability
>
> Many /24 zones:
> The problem is that I end creating zones all the time or make them first
> in one go, so 65536 zones...
> And when someone has a /16 network I need to delete the 256 x /24 zones to
> make one single.
>
> What do you people do on your DNS servers ?
>
> And is it possible to make a 1.1.10.in-addr.arpa for the 16 first
> addresses (a /28 network) ?
>
> Regards
>

For ranges with few records, that don't need to be acl'ed or delegated, put
them in the 10.in-addr.arpa zone.
Any /16 that has a lot of records can be split off into its own
2.10.in-addr.arpa.
And if a /24 gets really busy, you can split it out 5.1.10.in-addr.arpa.

There is no need to create all 256 /16's or all the /24's, just create them
as needed.

If having different sizes is too confusing, I suggest all /16's.

-- 
Bob Harold
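
An added example (not code from any poster in these threads) covering both reverse-zone threads above: it computes the name that `dig -x` queries and picks the most specific zone in a list that contains that name, using the zone names from Nagesh Thati's question and from Bob Harold's reply. The constant and function names are assumptions of this example.

```python
import ipaddress

# Zone names copied from the two threads above; the grouping into two
# lists and every identifier below are assumptions of this example.
CLASSLESS_ZONES = [
    "192.199.in-addr.arpa",
    "0-13.192.199.in-addr.arpa",
    "0-13.200.199.in-addr.arpa",
    "0-13.208.199.in-addr.arpa",
    "0-13.216.199.in-addr.arpa",
]
TEN_ZONES = ["10.in-addr.arpa", "2.10.in-addr.arpa", "5.1.10.in-addr.arpa"]


def reverse_name(ip):
    """Owner name that `dig -x <ip>` asks for (no trailing dot)."""
    return ipaddress.ip_address(ip).reverse_pointer


def zone_for_name(name, zones):
    """Most specific zone in `zones` that contains `name`, or None."""
    configured = {z.rstrip(".").lower() for z in zones}
    labels = name.rstrip(".").lower().split(".")
    # Strip labels from the left: the first hit is the longest suffix.
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in configured:
            return candidate
    return None


def zone_for_ip(ip, zones):
    """Zone that would have to answer a `dig -x <ip>` query."""
    return zone_for_name(reverse_name(ip), zones)


if __name__ == "__main__":
    for ip in ("199.192.0.2", "199.200.255.202"):
        print(ip, reverse_name(ip), zone_for_ip(ip, CLASSLESS_ZONES))
    explicit = "202.255.0-13.200.199.in-addr.arpa"
    print(explicit, zone_for_name(explicit, CLASSLESS_ZONES))
    for ip in ("10.2.3.4", "10.1.5.9", "10.1.6.9"):
        print(ip, reverse_name(ip), zone_for_ip(ip, TEN_ZONES))
```

With the listed zones, the `-x` name for 199.192.0.2 falls in the parent zone 192.199.in-addr.arpa and the explicitly queried name falls in the 0-13.200 child zone, while the `-x` name for 199.200.255.202 matches none of them.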


Re: Advice for DNS reverse zones

2019-02-06 Thread Tony Finch
Mik J via bind-users  wrote:

> I would like to know how do you manage reverse zones and the 10.x.x.x
> zone particularly.

Our setup is peculiar :-) https://www.dns.cam.ac.uk/domains/reverse/ten.html

We basically set things up to reduce the number of zones we have to
manage, and the zones are populated from a database.

There's a longer explanation from a less parochial perspective here:
https://tools.ietf.org/html/draft-fanf-dnsop-rfc2317bis-01#section-8

Tony.
-- 
f.anthony.n.finch  http://dotat.at/
Lundy, Fastnet: Cyclonic gale 8 to storm 10, becoming southwest 5 to 7. Rough
or very rough, occasionally high. Rain or thundery showers. Good, occasionally
poor.


Advice for DNS reverse zones

2019-02-06 Thread Mik J via bind-users
Hello,
I would like to know how do you manage reverse zones and the 10.x.x.x zone
particularly.

I can see three choices:
- One global 10.in-addr.arpa zone
- Many /24 zones 1.1.10.in-addr.arpa zone
- Something in between

One global zone:
The problem is that I end having a very populated zone and if someone asks
me to setup an acl or anything like that it has to be global.
This solution might be the easiest but definitely not the best in terms of
scalability

Many /24 zones:
The problem is that I end creating zones all the time or make them first
in one go, so 65536 zones...
And when someone has a /16 network I need to delete the 256 x /24 zones to
make one single.

What do you people do on your DNS servers ?

And is it possible to make a 1.1.10.in-addr.arpa for the 16 first
addresses (a /28 network) ?

Regards


Re: zone change notification Response: Not implemented

2019-02-06 Thread Tony Finch
AL RSM  wrote:

> The faulty slave responded with: "Reply code: Not implemented (4)"

What software is it running? Is there a broken middlebox?

Tony.
-- 
f.anthony.n.finch  http://dotat.at/
Southeast Iceland: Cyclonic 5 or 6 in south, otherwise easterly or
northeasterly 7 to severe gale 9. Very rough or high. Rain or sleet. Moderate
or poor.