[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: delegating in-addr.arpa.



>
> (So much for changing the block to protect the innocent.  ;)
>

	whoops :)

> Yes, *but* this is one of those times when people using your primary
> nameserver as a recursive resolver will bite you in the ass.  If you
> do that, and you don't own the entire block, then anyone using you as
> a resolver will not be able to look up anything in that block (that
> you aren't doing DNS for anyway).
>

	that makes sense, and is what i feared. the nameserver is
	recursive and a lot of clients depend on it being so.

> If that's not a concern (in other words, if you've long since set your
> nameserver to be non-recursive), then go for it.  Otherwise, just run
> the following (modified appropriately, of course):
>
>     perl -e 'for ($n=0;$n<256;$n++) { print "$n\tIN\tNS\tns.foo.bar\n" }' \
>         >> /var/named/db.192.168.200
>

	so, setting an NS record for each individual ip address will
	work? that just seems bizarre.

> It's ugly, but it will work.
>
> Another alternative would be to use a wildcard, but the O'Reilly book
> seems to frown on that.  I'll admit that I'm not sure why, and I don't
> have the book handy to check.  Perhaps someone else would care to
> enlighten us...
>

	i do have the book, and i am not familiar with the wild card.
	the thing that confounds me is that oreilly seems to show in
	their book that you can do this with just a single NS record
	pointing to the class c space.
	they tuck it into their root zone of "."

	if anyone with the book wants to see what i am talking about, its
	on page 388 of the 3rd edition book under the title of, of all
	things, "in-addr.arpa delegation".

	thanks -cjm

-
To unsubscribe, send email to majordomo@luci.org with
"unsubscribe luci-discuss" in the body.