Bind Zones split by octet
Why are the reverse Zone files in Bind split by octets instead of subnets?
This is what I would expect to see:
subnets:
172.0.208/22
10.0.2.0/25
10.0.2.128/25
host# ls /path/to/zone/files
208.0.172.in-addr.arpa
0.2.0.10.in-addr.arpa
128.2.0.10.in-addr.arpa
A query for 172.0.209.1 will be for a record at 1.209.0.172.in-addr.arpa, which isn’t under the 208.0.172.in-addr.arpa zone. This is also why you can’t have a reverse DNS delegation for a subnet smaller than /24, either; there’s no ability or logic in the DNS standard to “split” the delegations for these zones into smaller chunks.
DNS serves name data; it has no special logic built around serving data for subnets, so the standard for reverse zones conforms to the “DNS-looking” format of the dot-separated numbers.
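The following Python example is added here and is not part of the original question or answer. It shows which octet-aligned in-addr.arpa zones actually hold the PTR names for a subnet, using the question's subnets written in full dotted form as constructed input. The function names `reverse_zones`, `zone_name` and `covers` are chosen for this illustration.

```python
import ipaddress


def zone_name(block):
    """Name of the in-addr.arpa zone for an octet-aligned block (/8, /16 or /24)."""
    octets = str(block.network_address).split(".")[: block.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"


def reverse_zones(cidr):
    """Return the octet-aligned reverse zones that contain a subnet's PTR names."""
    net = ipaddress.ip_network(cidr, strict=True)
    if net.version != 4:
        raise ValueError("this example handles IPv4 only")
    if net.prefixlen > 24:
        # Longer than /24: every PTR name still lives under the enclosing /24 zone.
        blocks = [net.supernet(new_prefix=24)]
    else:
        # Round the prefix up to the next dot in the name: 8, 16 or 24 bits.
        boundary = max(8, -(-net.prefixlen // 8) * 8)
        if boundary > net.prefixlen:
            blocks = list(net.subnets(new_prefix=boundary))
        else:
            blocks = [net]
    return [zone_name(b) for b in blocks]


def covers(zone, addr):
    """True if the PTR query name for addr falls at or below the given zone."""
    name = ipaddress.ip_address(addr).reverse_pointer
    return name == zone or name.endswith("." + zone)


if __name__ == "__main__":
    # Constructed input: the subnets from the question, in full dotted form.
    for cidr in ("172.0.208.0/22", "10.0.2.0/25", "10.0.2.128/25"):
        print(cidr, "->", reverse_zones(cidr))
    # The query from the answer: it is not under the 208 zone.
    print(covers("208.0.172.in-addr.arpa", "172.0.209.1"))
    print(covers("209.0.172.in-addr.arpa", "172.0.209.1"))
```

The /22 expands to four zone files (208 through 211), while both /25 halves share the single zone 2.0.10.in-addr.arpa.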