Reverse records in /22 network

Reverse records in /22 network

Cuttler, Brian (HEALTH)
I have dynamic dhcp and DNS in production now, but think that I may have left something out.

Machines register in DHCP, and I see A and PTR records appear in DNS.

However, I'm using a /22 address space, 10.57.36-39.0 and I only declared a single pointer database:

zone "36.57.10.in-addr.arpa." in {
    type slave;
    masters { xx.xx.xx.xx; };
    file "db.esp122-ptr";
};

And I now wonder if I don't also need tables for 37.57.10.in-addr.arpa and 38 and 39 as well. And then how to properly declare in dhcpd.conf.

Thanks for your help, not easy to google this question...

Brian

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

Re: Reverse records in /22 network

Simon Hobson
"Cuttler, Brian (HEALTH)" <[hidden email]> wrote:

> Machines register in DHCP, and I see A and PTR records appear in DNS.
>
> However, I'm using a /22 address space, 10.57.36-39.0 and I only declared a single pointer database
>
> zone "36.57.10.in-addr.arpa." in {
>     type slave;
>     masters { xx.xx.xx.xx; };
>     file "db.esp122-ptr";
> };
>
> And I now wonder if I don't also need tables for 37.57.10.in-addr.arpa and 38 and 39 as well.

Yes you do. Any mask shorter than 24 bits is OK - you just have multiple reverse zones (unless the mask is 8 or 16 bits long). It's only when you have a mask longer than 24 bits that things become more difficult.

> And then how to properly declare in dhcpd.conf.

Just declare zones for the extra three zones in the DNS - the same as the one I assume you already have declared for 36.57.10.in-addr.arpa.
Actually dhcpd will work out the right server to update if all the delegation is done correctly - ie a lookup on the SOA for (eg) 36.57.10.in-addr.arpa returns the correct master server. You only need to define zones to either a) provide a key for secure updates, or b) if the DNS isn't set up correctly and you need to tell dhcpd where to send updates.


RE: Reverse records in /22 network

Cuttler, Brian (HEALTH)
Simon,

So add 3 new stanzas, and let the server create three new ptr files, by changing the name of the "file" in the stanza, or if I leave one file, will it add "origin" information to the file for me?


Re: Reverse records in /22 network

/dev/rob0
In reply to this post by Simon Hobson
On Thu, Mar 19, 2015 at 04:10:16PM +0000, Simon Hobson wrote:

> "Cuttler, Brian (HEALTH)" <[hidden email]> wrote:
>
> > Machines register in DHCP, and I see A and PTR records appear in DNS.
> >
> > However, I'm using a /22 address space, 10.57.36-39.0 and I only
> > declared a single pointer database
> >
> > zone "36.57.10.in-addr.arpa." in {
> >     type slave;
> >     masters { xx.xx.xx.xx; };
> >     file "db.esp122-ptr";
> > };
> >
> > And I now wonder if I don't also need tables for
> > 37.57.10.in-addr.arpa and 38 and 39 as well.
>
> Yes you do. Any mask shorter than 24 bits is OK - you just have
> multiple reverse zones (unless the mask is 8 or 16 bits long). It's
> only when you have a mask longer than 24 bits that things become
> more difficult.

It would be simpler for Brian to just take the whole /16 zone,
57.10.in-addr.arpa, unless other parts of his extended internal
network are using those addresses.  (And in that case, delegation
should have been done.)

> > And then how to properly declare in dhcpd.conf.
>
> Just declare zones for the extra three zones in the DNS - the same
> as the one I assume you already have declared for
> 36.57.10.in-addr.arpa

> Actually dhcpd will work out the right server to update if all the
> delegation is done correctly - ie a lookup on the SOA for (eg)
> 36.57.10.in-addr.arpa returns the correct master server. You only
> need to define zones to either a) provide a key for secure updates,
> or b) if the DNS isn't set up correctly and you need to tell dhcpd
> where to send updates.
--
  http://rob0.nodns4.us/
  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:

RE: Reverse records in /22 network

Cuttler, Brian (HEALTH)
That thought had crossed my mind. Unfortunately everything is a retro-fit and other class-C address ranges are in use, often in other buildings, certainly in other vlans.

I should use new "file" for each of the 4 class-C, or can I use one file and dhcp/dns will add "origin" statements as needed?

Thanks much,
Brian


Re: Reverse records in /22 network

/dev/rob0
I wrote:
> It would be simpler for Brian to just take the whole /16 zone,
> 57.10.in-addr.arpa, unless other parts of his extended internal
> network are using those addresses.  (And in that case, delegation
> should have been done.)

On Thu, Mar 19, 2015 at 04:55:33PM +0000, Cuttler, Brian (HEALTH) wrote:
> That thought had crossed my mind. Unfortunately everything is a
> retro-fit and other class-C address ranges are in use, often in
> other buildings, certainly in other vlans.
>
> I should use new "file" for each of the 4 class-C, or can I use one
> file and dhcp/dns will add "origin" statements as needed?

named will need separate zone statements, with separate files, for
every zone you will use.  However, with a correct SOA MNAME, as Simon
pointed out, the nsupdate will know where to go.

You can start out with one file and make four copies of it: just the
SOA & NS records.
--
  http://rob0.nodns4.us/
  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:

Re: Reverse records in /22 network

Simon Hobson-2
In reply to this post by Cuttler, Brian (HEALTH)
"Cuttler, Brian (HEALTH)" <[hidden email]> wrote:

> So add 3 new stanzas, and let the server create three new ptr files, by changing the name of the "file" in the stanza

Exactly. 4 zones (3 new), each with its own file.
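
Added example, not part of the original thread and not ISC's code: a small Python helper that applies the rule discussed above (one reverse zone per octet-aligned block, a single zone for /8, /16 and /24, and no octet-aligned answer past /24) and renders a dhcpd.conf zone declaration with an update key for each zone. The primary address 192.0.2.53 and the key name DHCP_UPDATER are assumptions made for illustration; the key itself is assumed to be declared elsewhere in dhcpd.conf.

```python
import ipaddress


def reverse_zones(cidr):
    """Return the in-addr.arpa zones needed to cover an IPv4 prefix.

    Reverse zones sit on octet boundaries, so the prefix length is rounded
    up to the next multiple of 8 and the network is split at that length.
    """
    net = ipaddress.ip_network(cidr, strict=True)
    if net.version != 4:
        raise ValueError("only IPv4 (in-addr.arpa) is handled here")
    if net.prefixlen > 24:
        # Longer than /24: no octet-aligned zone matches the network.
        # Classless delegation (RFC 2317) is the usual approach instead.
        raise ValueError("prefix longer than /24 has no octet-aligned zone")
    boundary = max(8, -(-net.prefixlen // 8) * 8)  # 8, 16 or 24
    zones = []
    for sub in net.subnets(new_prefix=boundary):
        octets = str(sub.network_address).split(".")[: boundary // 8]
        zones.append(".".join(reversed(octets)) + ".in-addr.arpa.")
    return zones


def dhcpd_zone_stanzas(cidr, primary, key_name):
    """Render one dhcpd.conf zone declaration per reverse zone.

    primary and key_name are caller-supplied; a matching 'key' statement
    must exist in dhcpd.conf and on the DNS server for signed updates.
    """
    return "\n".join(
        "zone %s {\n    primary %s;\n    key %s;\n}" % (zone, primary, key_name)
        for zone in reverse_zones(cidr)
    )


if __name__ == "__main__":
    # Constructed values: 192.0.2.53 and DHCP_UPDATER are placeholders.
    print(dhcpd_zone_stanzas("10.57.36.0/22", "192.0.2.53", "DHCP_UPDATER"))
```

Each zone printed here also needs its own zone statement and file in named.conf on the master, as described in the replies above.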
