Re: Classless reverse delegation to NT

From: Men & Mice Support
Date: Thursday, July 20, 2000
Time: 5:17:54 pm

At 2:34 PM -0700 7/20/00, Peter Lalor wrote:
>Hi,
>
>We're attempting to delegate a classless reverse domain to an NT
>server and having some trouble. It seems trivial from QDNS's point
>of view: we've created the secondary entry for 128/25.186.184.208,
>but the NT admin is having some trouble actually creating the zone.
>He gets:
>
>REVERSE19A.DB:53: data "253.186.184.208.IN-ADDR.ARPA" outside zone
>"128/25.186.184.208.IN-ADDR.ARPA" (ignored)
>or
>
>REVERSE19A.DB:26: data "128/25.133.186.184.208.IN-ADDR.ARPA" outside
>zone "128/25.186.184.208.IN-ADDR.ARPA" (ignored)
>
>As this is the first time I've attempted to delegate a classless
>reverse, I'm on shaky ground. Could someone explain (again) how
>things look from the perspective of the NT box?
>
>I believe the NT software is Freeware BIND 4.9.7.

Your end of things is more than just creating a secondary entry. You
currently have PTR records in the range you mentioned:

129.186.184.208.in-addr.arpa. PTR router.mossyford.infoasis.com.
130.186.184.208.in-addr.arpa. PTR untitled.mossyford.infoasis.com.
131.186.184.208.in-addr.arpa. PTR untitled.mossyford.infoasis.com.
[etc.]

These must be removed, though if the untitled are generated from a
wildcard, you don't have to worry about them.

Then you must add NS records to your reverse zone, to delegate the subzone:

128/25.186.184.208.in-addr.arpa. NS <name server 1>
128/25.186.184.208.in-addr.arpa. NS <name server 2>

One for each server that will be serving the zone.

After that, you'll need CNAME records:

129.186.184.208.in-addr.arpa. CNAME 129.128/25.186.184.208.in-addr.arpa.
130.186.184.208.in-addr.arpa. CNAME 130.128/25.186.184.208.in-addr.arpa.
131.186.184.208.in-addr.arpa. CNAME 131.128/25.186.184.208.in-addr.arpa.
[...]
254.186.184.208.in-addr.arpa. CNAME 254.128/25.186.184.208.in-addr.arpa.

On the NT side of things, they create a reverse zone called
128/25.186.184.208.in-addr.arpa. Then they need the following
records, using BIND shortcut notation:

$ORIGIN 128/25.186.184.208.in-addr.arpa.
@ SOA [... usual SOA values ...]
    NS <name server 1>
    NS <name server 2>
[etc. - add more NS records if there are more servers for the zone]
129 PTR [canonical name for 208.184.186.129]
130 PTR [canonical name for 208.184.186.130]
[etc.]

So, from their point of view, the only thing out of the ordinary for
their reverse zone file is the origin, which has the extra "128/25".

Lastly, let me mention that BIND 4.9.7 is very much out of date and
contains several security holes. They should update to BIND 8.2.2p5,
the latest version. The source code for this is available from
<http://www.isc.org/>. It contains a port for NT, which will compile
using MS Visual C++ 6.0.
____________________________________________________________________
Chris Buxton cbuxton@menandmice.com
Men & Mice http://www.menandmice.com
Makers of: QuickDNS Pro
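
The parent-side records described in the message above, plus the suffix check behind the "outside zone" errors quoted from the NT server, as an added example that is not part of the original post. The function names and the ns1/ns2.example.net server names are hypothetical placeholders.

```python
import ipaddress

def parent_records(cidr, nameservers):
    """Build the records the parent /24 reverse zone needs to delegate
    a classless block: NS records at <first>/<len>.<parent>, then one
    CNAME per host address pointing into the delegated zone."""
    net = ipaddress.ip_network(cidr)
    if net.version != 4 or not 24 < net.prefixlen < 32:
        raise ValueError("expects an IPv4 block smaller than a /24")
    a, b, c, d = net.network_address.packed
    parent = f"{c}.{b}.{a}.in-addr.arpa."
    origin = f"{d}/{net.prefixlen}.{parent}"
    lines = [f"{origin} NS {ns}" for ns in nameservers]
    for host in net.hosts():  # skips the network and broadcast addresses
        last = host.packed[3]
        lines.append(f"{last}.{parent} CNAME {last}.{origin}")
    return origin, lines

def in_zone(owner, origin):
    """True if owner is at or below origin, compared label by label and
    case-insensitively. A name failing this is what the server reports
    as data outside the zone."""
    o = owner.rstrip(".").lower().split(".")
    z = origin.rstrip(".").lower().split(".")
    return len(o) >= len(z) and o[-len(z):] == z

if __name__ == "__main__":
    # Placeholder name servers (assumption, not from the message).
    origin, lines = parent_records(
        "208.184.186.128/25", ["ns1.example.net.", "ns2.example.net."])
    print("\n".join(lines[:4]), "\n[...]\n" + lines[-1])
    # Owner names taken from the two error lines quoted in the message,
    # then one correctly placed owner name for comparison.
    for owner in ("253.186.184.208.IN-ADDR.ARPA",
                  "128/25.133.186.184.208.IN-ADDR.ARPA",
                  "129.128/25.186.184.208.in-addr.arpa."):
        print(owner, "inside zone" if in_zone(owner, origin) else "OUTSIDE zone")
```
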


