[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: delegating in-addr.arpa.
>
> (So much for changing the block to protect the innocent. ;)
>
whoops :)
> Yes, *but* this is one of those times when people using your primary
> nameserver as a recursive resolver will bite you in the ass. If you
> do that, and you don't own the entire block, then anyone using you as
> a resolver will not be able to look up anything in that block (that
> you aren't doing DNS for anyway).
>
that makes sense, and is what i feared. the nameserver is
recursive and a lot of clients depend on it being so.
> If that's not a concern (in other words, if you've long since set your
> nameserver to be non-recursive), then go for it. Otherwise, just run
> the following (modified appropriately, of course):
>
> perl -e 'for ($n=0;$n<256;$n++) { print "$n\tIN\tNS\tns.foo.bar\n" }' \
> >> /var/named/db.192.168.200
>
so, setting an NS record for each individual ip address will
work? that just seems bizarre.
> It's ugly, but it will work.
>
> Another alternative would be to use a wildcard, but the O'Reilly book
> seems to frown on that. I'll admit that I'm not sure why, and I don't
> have the book handy to check. Perhaps someone else would care to
> enlighten us...
>
i do have the book, and i am not familiar with the wild card.
the thing that confounds me is that oreilly seems to show in
their book that you can do this with just a single NS record
pointing to the class c space.
they tuck it into their root zone of "."
if anyone with the book wants to see what i am talking about, its
on page 388 of the 3rd edition book under the title of, of all
things, "in-addr.arpa delegation".
thanks -cjm
-
To unsubscribe, send email to majordomo@luci.org with
"unsubscribe luci-discuss" in the body.