In article <mailman.2297.1437162090.26362.bind-us...@lists.isc.org>, Leandro <ingrog...@gmail.com> wrote:
> Hello guys.
> I was writing the reverse zone definitions you recommended some weeks ago.
> What I understood is that RFC 1918/3330/5735 defines the reserved IPs
> for internal or experimental use. They cannot be routed outside a
> private network.
> It means that my DNS cache server should not send those queries to root
> servers.
> I declared all those IPs on a single reverse zone (just showing 3 zones):
>
> zone "10.in-addr.arpa" IN{ //for 10.X.X.X
>         type master;
>         file "named.loopback";
>         allow-update { none; };
> };
>
> zone "16.172.in-addr.arpa" IN{ //for 172.16.X.X
>         type master;
>         file "named.loopback";
>         allow-update { none; };
> };
> zone "168.192.in-addr.arpa" IN{ // for 192.168.X.X
>         type master;
>         file "named.loopback";
>         allow-update { none; };
> };
>
> and use the "named.loopback" file for all of them, which contains:
> $TTL 1D
> @       IN SOA  @ rname.invalid. (
>                                 0       ; serial
>                                 1D      ; refresh
>                                 1H      ; retry
>                                 1W      ; expire
>                                 3H )    ; minimum
>         NS      @
>         A       127.0.0.1
>         AAAA    ::1
>         PTR     localhost.

You shouldn't use @ so much in a reverse zone. @ is replaced with the
origin, which defaults to the zone name. But 10.in-addr.arpa is not a
valid hostname to use in an NS record (although you're apparently making
it valid with the A and AAAA records).

>
> I'm not sure how to declare a RR to point to "nowhere". My workaround
> is working but I wonder if it is good practice.

You don't need to do anything. The lack of a record makes it point to
nowhere. The server will never recurse for something within these zones,
since there's no delegation, it will just return an authoritative
NXDOMAIN for any address within these blocks.

--
Barry Margolin
Arlington, MA
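
The setup discussed in this thread, as an added example that is not part of the original messages: a shell script that generates the named.conf stanzas and one shared zone file holding only SOA and NS records. It goes beyond the three zones quoted above by covering all of 172.16.0.0/12 (16 zones). The file name `named.empty`, the NS target `localhost.` and the function names are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. ZONE_FILE and NS_HOST are assumptions.
ZONE_FILE="named.empty"   # hypothetical name for the shared zone file
NS_HOST="localhost."      # assumed NS target: a valid hostname instead of "@"

# Print every in-addr.arpa zone needed to cover the RFC 1918 blocks.
rfc1918_zones() {
    echo "10.in-addr.arpa"                 # 10.0.0.0/8
    i=16
    while [ "$i" -le 31 ]; do              # 172.16.0.0/12 is 172.16 to 172.31
        echo "$i.172.in-addr.arpa"
        i=$((i + 1))
    done
    echo "168.192.in-addr.arpa"            # 192.168.0.0/16
}

# Print one named.conf stanza per zone, all pointing at the same file.
zone_stanzas() {
    rfc1918_zones | while read -r z; do
        printf 'zone "%s" IN {\n' "$z"
        printf '    type master;\n    file "%s";\n' "$ZONE_FILE"
        printf '    allow-update { none; };\n};\n\n'
    done
}

# Print the shared zone file: SOA and NS only. With no A, AAAA or PTR
# records and no delegations, the server never recurses for these names
# and answers with an authoritative NXDOMAIN, as the reply describes.
empty_zone_file() {
    cat <<EOF
\$TTL 1D
@   IN SOA  $NS_HOST rname.invalid. (
            0   ; serial
            1D  ; refresh
            1H  ; retry
            1W  ; expire
            3H ) ; minimum
    IN NS   $NS_HOST
EOF
}

# Running the script with the argument "print" writes both pieces to stdout.
if [ "${1:-}" = "print" ]; then
    zone_stanzas
    empty_zone_file
fi
```

Before reloading the server, the generated files can be checked with `named-checkconf` and `named-checkzone 10.in-addr.arpa named.empty`.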