Why are the reverse Zone files in Bind split by octets instead of subnets?
This is what I would expect to see:
subnets:
172.0.208/22
10.0.2.0/25
10.0.2.128/25

host# ls /path/to/zone/files
208.0.172.in-addr.arpa
0.2.0.10.in-addr.arpa
18.104.22.168.in-addr.arpa
A query for 22.214.171.124 will be for a record at 126.96.36.199.in-addr.arpa, which isn’t under the 208.0.172.in-addr.arpa zone. This is also why you can’t have a reverse DNS delegation for a subnet smaller than /24, either; there’s no ability or logic in the DNS standard to “split” the delegations for these zones into smaller chunks.
DNS serves name data; it has no special logic built around serving data for subnets, so the standard for reverse zones conforms to the “DNS-looking” format of the dot-separated numbers.
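The mapping described above, worked through for the question's subnets as an added example (not part of the original answer). The function names are hypothetical and the address 172.0.209.7 is a constructed sample inside 172.0.208.0/22.

```python
import ipaddress

def ptr_name(ip):
    """Name queried for a reverse lookup: octets reversed under in-addr.arpa."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def reverse_zones(cidr):
    """Octet-aligned reverse zones needed to cover an IPv4 subnet."""
    net = ipaddress.IPv4Network(cidr)
    # Zone cuts can only happen between labels, i.e. at /8, /16 or /24.
    boundary = next((b for b in (8, 16, 24) if b >= net.prefixlen), 24)
    if net.prefixlen > 24:
        # Smaller than /24: the whole enclosing /24 zone is the closest fit.
        blocks = [net.supernet(new_prefix=24)]
    else:
        blocks = net.subnets(new_prefix=boundary)
    zones = []
    for block in blocks:
        labels = str(block.network_address).split(".")[: boundary // 8]
        zones.append(".".join(reversed(labels)) + ".in-addr.arpa")
    return zones

def in_zone(name, zone):
    """True if a DNS name sits at or below the zone apex (label-wise match)."""
    return name == zone or name.endswith("." + zone)

if __name__ == "__main__":
    for cidr in ("172.0.208.0/22", "10.0.2.0/25", "10.0.2.128/25"):
        print(cidr, "->", reverse_zones(cidr))
    name = ptr_name("172.0.209.7")  # constructed sample address
    print(name, "under 208.0.172.in-addr.arpa?",
          in_zone(name, "208.0.172.in-addr.arpa"))
```

The /22 needs four zone files, one per third-octet value, while both /25s resolve to the same 2.0.10.in-addr.arpa zone.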