Classless IN-ADDR.ARPA delegation (RFC 2317) support
Hi Shreyas,
Greetings to you and I hope this finds you well. I know others have asked about RFC 2317 support and you've offered indirect suggestions on workarounds, but I believe a more formal solution is required.
The RFC itself doesn't offer a definitive answer on how to implement it and gives a couple of suggestions on how to do it, but other platforms have done things like '255-128.10.in-addr.arpa' or '9/128.10.in-addr.arpa' for an example of a 10.128.0.0/9 network. Those platforms that have implemented it do it a bit differently between them, but some sort of solution for reverse CIDR authoritative primary/secondary zones and forwarding zones is a necessity for me at this point. My DNS configs get pretty ugly having to create 128 different forwarding zones to point back to my authoritative servers just to get classless reverse DNS functioning properly.
Any insight or help would be appreciated.
Thanks and regards,
Michael
Thanks for the post. The problem with finding a solution to this is that there are several solutions possible and those depend on the scenarios. Which is why it's kind of tough to generalize a solution that would fit all use-cases. Some scenarios may like to use CNAME entries like suggested in the RFC while some may need to have NS records to delegate to another name server. In your case, you are using conditional forwarders which is a proprietary option available on this DNS server.
The problem with having a zone like 255-128.10.in-addr.arpa or 9/128.10.in-addr.arpa is that they are not queryable since they do not follow the reverse lookup request's pattern and thus become unresolvable unless some reverse zone has NS records or CNAME for them.
With forwarder zone setup, you do not really need to create several forwarder zones, you can just have one large scoped forwarder zone with a default FWD record that forwards to "This Server" to allow resolving things normally when there is no answer available. Then add FWD records for specific reverse entries in the same zone which would forward to the required name server.
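The naming problem discussed in this thread, as an added example that is not part of the original posts or of the DNS server's code: it lists the octet-aligned reverse zones a prefix needs (128 for 10.128.0.0/9) and checks whether a PTR query name falls inside a given zone. It generalizes to any IPv4 prefix; the function names and the sample address 10.200.1.2 are constructed for illustration.

```python
import ipaddress


def reverse_zones(cidr):
    """Return the octet-aligned in-addr.arpa zones needed to cover an IPv4 prefix."""
    net = ipaddress.ip_network(cidr)
    if net.prefixlen > 24:
        # Longer than /24 (the RFC 2317 case): the enclosing /24 zone is the
        # parent that has to carry CNAME or NS records for the sub-range.
        blocks = [net.supernet(new_prefix=24)]
    else:
        # Round the prefix length up to the next octet boundary (8, 16 or 24).
        aligned = max(8, -(-net.prefixlen // 8) * 8)
        blocks = net.subnets(new_prefix=aligned)
    zones = []
    for block in blocks:
        octets = str(block.network_address).split(".")[: block.prefixlen // 8]
        zones.append(".".join(reversed(octets)) + ".in-addr.arpa")
    return zones


def ptr_qname(ip):
    """Name a resolver actually queries for the PTR record of an IPv4 address."""
    return ipaddress.ip_address(ip).reverse_pointer


def is_within(qname, zone):
    """True if qname is the zone apex or a name below it."""
    qname, zone = qname.lower().rstrip("."), zone.lower().rstrip(".")
    return qname == zone or qname.endswith("." + zone)


if __name__ == "__main__":
    zones = reverse_zones("10.128.0.0/9")
    print(len(zones), zones[0], "...", zones[-1])

    qname = ptr_qname("10.200.1.2")  # constructed sample address
    for zone in ("255-128.10.in-addr.arpa", "9/128.10.in-addr.arpa",
                 "200.10.in-addr.arpa", "10.in-addr.arpa"):
        print(f"{qname} within {zone}: {is_within(qname, zone)}")
```

The range-named zones never match the query name, while they are themselves names under 10.in-addr.arpa, so only NS or CNAME records in that parent zone can lead a resolver to them.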