6.4.1 Problem
You want to delegate responsibility for reverse-mapping a network's IP addresses to a set of name servers, but the network mask or subnet mask doesn't fall on an octet boundary.
6.4.2 Solution
Determine how many reverse-mapping zones correspond to the network. Here's a table to show you how many you'll have.
Size of network |
Number of reverse-mapping |
---|---|
/9 |
128 reverse-mapping zones such as 2.1.in-addr.arpa |
/10 |
64 "" |
/11 |
32 "" |
/12 |
16 "" |
/13 |
8 "" |
/14 |
4 "" |
/15 |
2 "" |
/17 |
128 reverse-mapping zones such as 3.2.1.in-addr.arpa |
/18 |
64 "" |
/19 |
32 "" |
/20 |
16 "" |
/21 |
8 "" |
/22 |
4 "" |
/23 |
2 "" |
/25-32 |
See Section 6.5 |
For example, say your network is 10/8 and you want to delegate the reverse-mapping zones for the subnet 10.192/10 to your European subsidiary's name servers. That subnetwork corresponds to 64 reverse-mapping zones, from 192.10.in-addr.arpa to 255.10.in-addr.arpa. That's a lot of delegation to add to the 10.in-addr.arpa zone data file: if each zone has two name servers, that's 128 NS records!
BIND name servers give you a shortcut, though. You can use the $GENERATE control statement to add a group of records that differ only by a number. For example, if your European subsidiary's name servers are called ns1.eu.corp.example and ns2.eu.corp.example, you could delegate all 64 reverse-mapping zones to them with just these two $GENERATE control statements:
$GENERATE 192-255 $ NS ns1.eu.corp.example. $GENERATE 192-255 $ NS ns2.eu.corp.example.
6.4.3 Discussion
Unfortunately, there's no corresponding way to generate the zone statements you'll need on the name servers the zones are delegated to. You'd need a full 64 zone statements in each name server's named.conf file.
6.4.4 See Also
Section 6.5 for handling networks smaller than a /24, and "Subnetting on a Non-Octet Boundary" in Chapter 9 of DNS and BIND.
Getting Started
Zone Data
BIND Name Server Configuration
Electronic Mail
BIND Name Server Operations
Delegation and Registration
Security
Interoperability and Upgrading
Resolvers and Programming
Logging and Troubleshooting
IPv6