[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] How-to: Delegate Reverse DNS authority
- Subject: Re: [cobalt-users] How-to: Delegate Reverse DNS authority
- From: "E.B. Dreger" <eddy+public+spam@xxxxxxxxxxxxxxxxx>
- Date: Mon Oct 14 13:30:01 2002
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
JE> Date: Mon, 7 Oct 2002 16:33:07 -0400
JE> From: Jeff Edwards
JE> Here is the Question: How do I delegate authority for
JE> certain IP addresses so that Raq4 servers leased from me and
JE> the DNS running on them is authoritative for Reverse?? These
JE> Raq4 servers have not been assigned a subnet (/30 /29 etc...)
JE> but instead have only been assigned 2 or 4 IP addresses and I
JE> need then to be authoritative for those IP addresses.
You still can delegate a la RFC2317.
Furthermore, you SHOULD have been delegated a contiguous subnet.
If not, that means you're on the same subnet as other entities,
which is a substantial security hole.
If you've been delegated reverse for a subnet, but wish to spread
authority between machines, let one or two machines be auth to
the outside world. Slave or rsync the zones from the machines
that truly are authoritative.
It's a bit of effort, but all very doable.
Eddy
--
Brotsman & Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 (785) 865-5885 Lawrence and [inter]national
Phone: +1 (316) 794-8922 Wichita
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <blacklist@xxxxxxxxx>
To: blacklist@xxxxxxxxx
Subject: Please ignore this portion of my mail signature.
These last few lines are a trap for address-harvesting spambots.
Do NOT send mail to <blacklist@xxxxxxxxx>, or you are likely to
be blocked.