[Herefordshire] I am in a real bind!!!

Andrew Hodgson andrew.hodgson at allpay.net
Wed Jun 22 08:55:38 BST 2005



-----Original Message-----
From: herefordshire-bounces at mailman.lug.org.uk
[mailto:herefordshire-bounces at mailman.lug.org.uk] On Behalf Of Mark
Broadbent
Sent: 21 June 2005 22:54
To: Herefordshire Linux Users Group.
Subject: Re: [Herefordshire] I am in a real bind!!!

>Hi Andrew,

>On Tue, 2005-06-21 at 08:58 +0100, Andrew Hodgson wrote:
>> Hi,
>> 
>> I am wondering whether any of you on the list can help me with a bit of a
>> DNS quandary I am in.
>> 
>> I am going on broadband tomorrow and my ISP has given me an IP block
>> 81.2.105.208/28.  I have to host PTR records on my DNS server using the
>> subnetted style 208-223.105.2.81.in-addr.arpa. - this is fine.  The ISP
host
>> the zone 105.2.81.in-addr.arpa (or most of it), and have created CNAME
>> records pointing to the subnetted zone, listing my public nameserver as
the
>> primary for the subnetted zone.

>It should be possible to create the 208-223 zone in your dns setup to
>place your PTR information and (by virtue of a zone not being in your
>local configuration) let other hosts be resolved externally.

This isn't what I did in the end, but it would have worked.  As I said I am
using classless delegation, hence the cname records.  My idea was to create
the zone as discussed and let the nameserver resolve the root records back
to my cname, then it would be able to pick up the local copy of the zone.
However, one catch to this is if you are not connected to the Internet, you
loose the RDNS capabilities if you don't have the relevant data in the
cache.

>> However, I run a split horizon DNS setup with the public information on
one
>> server and LAN-specific information on the other.  This is mainly because
>> our lan uses the subdomain ad.hodgsonfamily.org.  I host the records on
both
>> on two completely different instances.

>If your running a split dns, can you not configure the internal DNS
>server to forward requests onto the external server that it cannot
>resolve (ie. external addresses), it should be a simple matter of
>inserting a forwarder statement in the configuration (if your using
>bind9).

This is sort of what I did.

Create the super zone 105.2.81.in-addr.arpa, create my records, then forward
everything else onto the ISP using the $generate statement - it now works.


>> The issue I have is I want to create the reverse zone for inside my LAN,
but
>> here I have an issue, as if I created 105.2.81.in-addr.arpa, the rest of
>> that zone (i.e, for IP addresses I don't own) are not being resolved
since
>> the DNS server can pick up the zone locally.  If I create the subnetted
>> zone, there would be no CNAME records in the parent to get resolution
>> working.

>I'm a little confused about your usage of CNAME here.  IIRC a CNAME is
>used to point to an A or another CNAME record when performing forward
>lookups (name to IP).  When performing reverse DNS there is only PTR
>records to tie the *.in-addr.arpa IP addresses to a name.  
>Correct me if I'm wrong but do you mean that you are the authoritative
>nameserver for these PTR records?  In fact (answering my own question) I
>know you are, try:

No, the actual DNS servers are primary-dns.co.uk and secondary-dns.co.uk,
they host cname records for the classless delegation.  Since my range is not
within a subnet boundary, the whole subnet cannot be delegated to my
servers, so the ISP creates the records like so:

Zone 105.2.81.in-addr.arpa
[other data on other IP addresses I don't own)
208	in	cname	208.208-223.105.2.81.in-addr.arpa.
209	in	cname	209.208-223.105.2.81.in-addr.arpa.
[...]
223	in	cname	223.208-223.105.2.81.in-addr.arpa.
208-223.105.2.81.in-addr.arpa	in	ns	Elrond.hodgsonfamily.org.
208-223.105.2.81.in-addr.arpa	in	ns	secondary-dns.co.uk.

[sorry for the mess of the formatting].

If anyone wants to see examples of what I did I will try and dig them out.

Thanks.
Andrew.


**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

allpay.net Limited, Fortis et Fides, Whitestone Business Park, Whitestone, Hereford, HR1 3SE. Telephone: 0870 243 3434, Fax: 0870 243 6041. Website: www.allpay.net Email: enquiries at allpay.net




**********************************************************************



More information about the Herefordshire mailing list