Friday 1 March 2013

BIND DNS: reverse delegation of IP range

Besides mapping domain names to IP addresses, DNS can also map IP addresses back to domain names. Many applications rely on DNS reverse mapping to function properly.
NetBackup will throw an error if reverse mapping is not set up or is set up incorrectly, and email systems also need correct reverse mapping.

Suppose we have the whole range of IP addresses in 222.222.222.0/24. We can then configure reverse mapping in named.conf:

zone "222.222.222.in-addr.arpa" {
    type master;
    file "222.222.222.rev";
};

If we only have part of the IP addresses in 222.222.222.0/24, say 222.222.222.64 to 222.222.222.91, the reverse mapping is set up with what is called classless reverse delegation.

From 222.222.222.64 to 222.222.222.95 there are 30 usable addresses; adding the network and broadcast addresses gives 32 addresses. Since 32 = 2^5, the host part takes 5 bits and the prefix length is 8 x 4 - 5 = 27, so our IP range can be represented as 222.222.222.64/27.

The ISP should have defined the reverse delegation in their reverse zone file:

64/27    IN    NS    ns.sg.linuxscripter.blogspot.com.

Now we can define the reverse mapping for our IP range in our own named.conf:

zone "64/27.222.222.222.in-addr.arpa" {
    type master;
    file "64-95.222.222.222.rev";
};

Note: The domain name and IP addresses in this post are dummy ones; I use them for easier writing.
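
The post shows only the NS record on the ISP side. Under RFC 2317, the usual scheme for classless reverse delegation, the ISP's zone also carries one CNAME per address pointing into the delegated zone, and our own zone file holds the PTR records. The script below is an added example, not part of the original post: it generates both sets of records for the post's dummy range, and the function names and the host name mail.example.com are made up for illustration.

```python
import ipaddress

def _split(cidr):
    """Return (network, label, parent zone, child zone) for a /25../30 block."""
    net = ipaddress.ip_network(cidr, strict=True)  # rejects CIDRs with host bits set
    if net.version != 4 or not 25 <= net.prefixlen <= 30:
        raise ValueError("expected an IPv4 block between /25 and /30")
    o = str(net.network_address).split(".")
    label = f"{o[3]}/{net.prefixlen}"                 # e.g. "64/27"
    parent = f"{o[2]}.{o[1]}.{o[0]}.in-addr.arpa."    # the ISP's /24 reverse zone
    return net, label, parent, f"{label}.{parent}"

def parent_zone_records(cidr, nameserver):
    """Records the ISP places in its /24 reverse zone."""
    net, label, parent, child = _split(cidr)
    ns = nameserver.rstrip(".") + "."  # absolute name, otherwise BIND appends $ORIGIN
    lines = [f"$ORIGIN {parent}", f"{label}\tIN\tNS\t{ns}"]
    for host in net.hosts():           # usable addresses only (65..94 for 64/27)
        last = int(host) & 0xFF
        lines.append(f"{last}\tIN\tCNAME\t{last}.{child}")
    return lines

def child_zone_records(cidr, ptr_map):
    """PTR records for our own zone file; ptr_map maps IP string -> host name."""
    net, _, _, child = _split(cidr)
    lines = [f"$ORIGIN {child}"]
    for ip in sorted(ptr_map, key=lambda s: int(ipaddress.ip_address(s))):
        addr = ipaddress.ip_address(ip)
        # A PTR outside the delegated block would never be reached by resolvers.
        if addr not in net or addr in (net.network_address, net.broadcast_address):
            raise ValueError(f"{ip} is not a usable address in {net}")
        lines.append(f"{int(addr) & 0xFF}\tIN\tPTR\t{ptr_map[ip].rstrip('.')}.")
    return lines

if __name__ == "__main__":
    block = "222.222.222.64/27"  # dummy range from the post
    print("\n".join(parent_zone_records(block, "ns.sg.linuxscripter.blogspot.com")))
    # mail.example.com is a constructed sample host name
    print("\n".join(child_zone_records(block, {"222.222.222.65": "mail.example.com"})))
```

The second function's output is what would go into the 64-95.222.222.222.rev file after the SOA and NS records.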
