DNS -- reverse zone delegation on a CIDR subnet - Networking


  1. DNS -- reverse zone delegation on a CIDR subnet

    Hello Again, Friends!

    I am running BIND9 on Debian Linux 3.1 on a Dell Dimension 4100
    desktop.

    I need some help getting conceptual clarity on reverse zone
    delegation.

    The terms "registration" and "delegation" seem to be used
    interchangeably in the literature. Do they mean the same thing, or
    are they different?

    The forward zone delegation for my domain is taken care of by the
    registrar of my domain (Lunarpages).

    However, I believe the delegation of the reverse zone has to be done
    by my ISP (different from the domain registrar, in my case).

    Is that correct?

    To date, my ISP (RCN, which holds a monopoly in our building) has not
    been helpful. (They wouldn't even tell me the static IP address that
    I'm paying them for until I called their Department of Corporate
    Escalations.) Consequently, I don't want to discuss reverse zone
    delegation with them until I have a pretty good understanding of what
    I need them to do.

    I have a static IP address from my ISP (RCN) which has provided me
    with the following address information:

    static IP address: 207.237.37.110
    netmask: 255.255.255.224
    network: 207.237.37.96
    broadcast: 207.237.37.127
    gateway: 207.237.37.97
    ns1.dns.rcn.net: 207.172.3.8
    ns2.dns.rcn.net: 207.172.3.9

    An ARIN database search shows that 207.237.37.96 is a subnet of
    the CIDR network 207.237.0.0/16:

    http://ws.arin.net/whois/?queryinput=207.237.37.96

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Here is the current delegation of my reverse zone (querying not my own
    nameserver but RCN's):

    % nslookup -type=any 207.237.37.110 ns1.dns.rcn.net

    Server: ns1.dns.rcn.net
    Address: 207.172.3.8#53

    Non-authoritative answer:
    110.37.237.207.in-addr.arpa name = 207-237-37-110.c3-0.nyr-ubr2.nyr.ny.static.cable.rcn.com.

    Authoritative answers can be found from:
    37.237.207.in-addr.arpa nameserver = auth4.dns.rcn.net.
    37.237.207.in-addr.arpa nameserver = auth2.dns.rcn.net.
    37.237.207.in-addr.arpa nameserver = auth3.dns.rcn.net.
    37.237.207.in-addr.arpa nameserver = auth1.dns.rcn.net.
    auth1.dns.rcn.net internet address = 207.172.3.20
    auth2.dns.rcn.net internet address = 207.172.11.14
    auth3.dns.rcn.net internet address = 207.172.3.21
    auth4.dns.rcn.net internet address = 207.172.3.22
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    All the material I have read on DNS configuration ("DNS and BIND",
    "Linux System Administration") starts from the assumption that you
    have authority delegated for a whole subnet. The subnet is identified
    in named.conf, and the hosts within the subnet are identified in PTR
    records in the reverse zone file. I don't have a subnet -- just a
    static IP address on a subnet that RCN is operating. RCN is not
    going to delegate the whole subnet to me, so I don't know how I would
    handle this case.

    From reading the DNS HOWTO http://tldp.org/HOWTO/DNS-HOWTO-5.html
    ("You've Got a Classless Subnet"), I learned that configuring a
    reverse lookup for a classless subnet is tricky, and that my ISP may
    not know how to do it. Unfortunately, the hyperlink "Ask Mr. DNS"
    http://www.acmebw.com/askmrdns/00007.htm which is supposed to explain
    how to configure a reverse lookup for a classless subnet is broken, so
    I can't read what appears to be very important material on this topic.

    Does anyone happen to have access to the contents of "Ask Mr. DNS"?
    Alternatively, is there another source on this topic?

    Thanks, as always, for your insights.

    Best Regards,

    Vwaju
    New York City

  2. Re: DNS -- reverse zone delegation on a CIDR subnet

    Vwaju wrote:
    > I need some help getting conceptual clarity on reverse zone
    > delegation.


    > The terms "registration" and "delegation" seem to be used
    > interchangeably in the literature. Do they mean the same thing, or
    > are they different?


    Probably different, but like many words they can mean only what the
    writer intends them to mean[*].


    > The forward zone delegation for my domain is taken care of by the
    > registrar of my domain (Lunarpages).


    > However, I believe the delegation of the reverse zone has to be done
    > by my ISP (different from the domain registrar, in my case).


    Yes, that's correct. Your ISP "owns" the IP address space that you're
    using, so it's up to them to create the rDNS entry for you.


    > I have a static IP address from my ISP (RCN) which has provided me
    > with the following address information:


    > 110.37.237.207.in-addr.arpa name = 207-237-37-110.c3-0.nyr-ubr2.nyr.ny.static.cable.rcn.com.


    Start with your preferred canonical forward DNS entry for your
    server. Maybe it's server.manhattanhandyman.com.

    Then you go to your ISP and say something along the lines of,
    "please create an rDNS entry for my static IP, 207.236.37.110, of
    server.manhattanhandyman.com. Here's the proof that I own that domain..."

    You won't get (and shouldn't expect) delegation for a single IP address,
    but you should be able to get them to create you an rDNS entry.

    What you then do with your local DNS server is entirely up to you.
    Personally I use gw.roaima.co.uk as a reference to my external IP address,
    and everything else from my internal DNS refers to the 192.168.* networks
    that I use internally. This means that (e.g.) www.roaima.co.uk resolves to
    an internal address, whereas if you query it you'll see a public address.

    Chris
    [*] attributed to Humpty Dumpty
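
Added example, not part of either post: for the address details given in the thread, it builds the single PTR record an ISP would add on request, and the records an ISP would place in its /24 reverse zone if it delegated the /27 using the RFC 2317 classless convention. The nameserver name `ns1.customer.example.` is a placeholder assumption; the hostname is the one suggested in the reply.

```python
import ipaddress


def network_of(ip: str, netmask: str) -> str:
    """CIDR block that an address/netmask pair belongs to."""
    return str(ipaddress.ip_interface(f"{ip}/{netmask}").network)


def ptr_owner(ip: str) -> str:
    """Fully qualified owner name of the PTR record for an IPv4 address."""
    return ipaddress.ip_address(ip).reverse_pointer + "."


def single_ptr(ip: str, hostname: str) -> str:
    """The one record the ISP adds when it keeps the reverse zone itself."""
    return f"{ptr_owner(ip)} IN PTR {hostname.rstrip('.')}."


def rfc2317_parent_records(cidr: str, nameservers: list[str]) -> list[str]:
    """Records for the ISP's /24 reverse zone that hand a smaller block to a
    customer: NS records for a child zone plus one CNAME per host address."""
    net = ipaddress.ip_network(cidr)
    if net.version != 4 or not 25 <= net.prefixlen <= 30:
        raise ValueError("expected an IPv4 block between /25 and /30")
    octets = str(net.network_address).split(".")
    parent = ".".join(reversed(octets[:3])) + ".in-addr.arpa."
    label = f"{octets[3]}/{net.prefixlen}"        # e.g. "96/27"
    records = [f"$ORIGIN {parent}"]
    records += [f"{label} IN NS {ns}" for ns in nameservers]
    for addr in net.hosts():                      # skips network and broadcast
        last = str(addr).rsplit(".", 1)[1]
        records.append(f"{last} IN CNAME {last}.{label}.{parent}")
    return records


if __name__ == "__main__":
    print(network_of("207.237.37.110", "255.255.255.224"))
    print(single_ptr("207.237.37.110", "server.manhattanhandyman.com"))
    # ns1.customer.example. is a placeholder nameserver name (assumption)
    for line in rfc2317_parent_records("207.237.37.96/27", ["ns1.customer.example."]):
        print(line)
```

With the RFC 2317 layout the customer's server would be authoritative for the child zone `96/27.37.237.207.in-addr.arpa.` and hold the actual PTR records there; with the single-record approach the customer's server needs no reverse zone for the public address at all.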
