I think I'm just going to stick with the 4 separate zones. That was an interesting article though, I appreciate you passing it on.
- Sean On Fri, Apr 10, 2009 at 5:48 AM, Jeff Bunting <[email protected]>wrote: > I did this many moons ago under NT4. Took a couple of tries to get the > syntax correct, but worked fine for internet facing DNS. > > Try this article: > http://support.microsoft.com/kb/174419 > > Jeff > > On Thu, Apr 9, 2009 at 6:36 PM, Ben Scott <[email protected]> wrote: > >> On Thu, Apr 9, 2009 at 11:33 AM, Sean Martin <[email protected]> >> wrote: >> > However, I'm unsure about how the reverse lookup zone was created. >> There's a >> > single reverse lookup zone 69.208.in-addr.arpa. >> >> Hmmm. I believe that means your DNS server will be claiming >> authority for 208.69.0.0/16. So perhaps ARIN's "common cause" >> boilerplate was correct after all. >> >> > There doesn't appear to be a way to specify the zone as 208.69.0.0/22. >> >> Yah, I don't think you can do that with DNS. The <in-addr.arpa.> >> branch is structured around the "reverse dotted quad" notation. I >> think I read once about a later RFC which introduced something to >> support classless delegation, but even that still used the classful >> DNS structures to "hook in", and I'm not sure the RFC was ever adopted >> anyway. I'm pretty sure MS-DNS doesn't support it in any event. >> >> > Should I create separate reverse lookup zones for each class C range? >> >> I think so. I've never used MS-DNS for Internet-facing DNS service >> myself, but that's what I think you need to do. That's how I do our >> /24 subnets of 10/8 internally, FWIW. The MS-DNS GUI doesn't group >> them into a "10.x" folder or anything like that. Under the "Reverse >> Lookup Zones" folder, I've got folders for "10.0.0.x Subnet", >> "10.0.10.x Subnet", and so on, all at the same level. But we're >> running Win2K; might be different in the 2003 GUI. >> >> -- Ben >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
