Re: Is 10.in-addr.arpa not recommended?

2010-09-28 Thread Kevin Darcy

On 9/27/2010 8:48 PM, donovan jeffrey j wrote:

 I run a number of internal clients on 10 address space. What I did was break up 
 each Zone into Class B's 10.1.x.x, 10.2.x.x then my forward and reverse files 
 into class C's. Each record 10.1.1.x . 10.1.2.x, 10.1.3.x, . then scale as 
 needed, providing the means to add forward and reverse to any address within 
 that address space.

Ugh, pet peeve. 10/8 is, if one uses obsolete classful terminology 
instead of CIDR, a Class A, which covers the whole range. Nothing 
sliced out of 10/8 can be a Class B or a Class C. Correct 
terminology for what you described would be /16 or /24, respectively. In 
the old scheme, Class Bs start(ed) at 128.*.*.* and Class Cs 
start(ed) at 192.*.*.*. Google classful if you don't believe me.




- Kevin



___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users


Is 10.in-addr.arpa not recommended?

2010-09-27 Thread Christopher Cain
Hi all.

I am setting up a new appliance-based DNS solution that will contain a fair
number of separately managed Windows DNS slave servers (in addition to the
DNS appliances that will handle the .

Currently there are just over 8000 host records that resolve to IP's in the
10.x.x.x space.  I am wrestling with whether or not I should create a single
10.in-addr.arpa zone or if I should create 256 /16 zones (i.e. -
0.10.in-addr.arpa to 255.10.in-addr.arpa).

The reason I want to encompass the entire 10 space is so new arpa zones will
not have to be defined on all servers (specifically on the Windows slaves)
if a new part of the 10 space is used at some point.

Any recommendations or comments would be greatly appreciated.

Thanks,

Christopher Cain
E: ch...@christophercain.ca
http://ca.linkedin.com/in/christophercain

Re: Is 10.in-addr.arpa not recommended?

2010-09-27 Thread Chris Buxton
On Sep 27, 2010, at 1:03 PM, Christopher Cain wrote:

 Hi all.
 
 I am setting up a new appliance-based DNS solution that will contain a fair 
 number of separately managed Windows DNS slave servers (in addition to the 
 DNS appliances that will handle the .
 
 Currently there are just over 8000 host records that resolve to IP's in the 
 10.x.x.x space.  I am wrestling with whether or not I should create a single 
 10.in-addr.arpa zone or if I should create 256 /16 zones (i.e. - 
 0.10.in-addr.arpa to 255.10.in-addr.arpa).
 
 The reason I want to encompass the entire 10 space is so new arpa zones will 
 not have to be defined on all servers (specifically on the Windows slaves) if 
 a new part of the 10 space is used at some point.
 
 Any recommendations or comments would be greatly appreciated.

There's nothing wrong with a single 10.in-addr.arpa zone. If you need to break 
it up amongst different master servers, a 10.in-addr.arpa zone can still be 
used to delegate child zones to their respective servers.

You might break it up if, for example, the DDNS traffic from DHCP clients 
across the enterprise would be too much for one master server to accommodate. 
The BIND name server writes to its journal file synchronously, for every 
update, and this can be quite a bottleneck. (The same is true for slave 
servers, which keep a journal file for zone transfers in order to service IXFR 
requests sent to them.)

Regards,
Chris Buxton
BlueCat Networks
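
The trade-off in this thread, as an added example that is not part of the original posts: it compares how many reverse zones every server must define under a single 10.in-addr.arpa zone versus a /16 or /24 split, and shows which zone holds a PTR when the parent delegates some children. The host list, the delegated child and all function names are constructed for illustration.

```python
import ipaddress

PARENT = "10.in-addr.arpa"
TEN_SLASH_8 = ipaddress.IPv4Network("10.0.0.0/8")

# Constructed sample addresses, not taken from the thread.
HOSTS = ["10.153.1.20", "10.153.2.31", "10.1.1.5", "10.2.9.9"]


def reverse_name(ip):
    """Return the PTR owner name for an address in 10/8 (no trailing dot)."""
    addr = ipaddress.IPv4Address(ip)
    if addr not in TEN_SLASH_8:
        raise ValueError(f"{ip} is outside 10/8")
    return addr.reverse_pointer  # e.g. 7.4.153.10.in-addr.arpa


def split_zone(ip, prefixlen):
    """Zone that would hold the PTR if 10/8 were split into /16 or /24 zones."""
    if prefixlen not in (16, 24):
        raise ValueError("reverse zones follow octet boundaries: use 16 or 24")
    labels = reverse_name(ip).split(".")
    # Drop the host labels: one label for a /24 zone, two for a /16 zone.
    return ".".join(labels[4 - prefixlen // 8:])


def zones_to_define(hosts, prefixlen=None):
    """Zones each server must carry: the single parent, or one per used block."""
    if prefixlen is None:
        for ip in hosts:
            reverse_name(ip)  # validation only; every host fits the parent
        return [PARENT]
    return sorted({split_zone(ip, prefixlen) for ip in hosts})


def answering_zone(ip, delegations):
    """With a parent zone that delegates some children, return the zone that
    holds the PTR: the closest enclosing delegated child, else the parent."""
    labels = reverse_name(ip).split(".")
    for i in (1, 2):  # try the /24 child first, then the /16 child
        candidate = ".".join(labels[i:])
        if candidate in delegations:
            return candidate
    return PARENT


if __name__ == "__main__":
    grown = HOSTS + ["10.77.0.4"]  # a previously unused part of 10/8
    for label, plen in (("single zone", None), ("/16 split", 16), ("/24 split", 24)):
        before, after = zones_to_define(HOSTS, plen), zones_to_define(grown, plen)
        print(f"{label}: {len(before)} zone(s) now, {len(after)} after growth")
    # Parent zone with one child delegated to another master (constructed).
    delegated = {"153.10.in-addr.arpa"}
    for ip in grown:
        print(ip, "->", reverse_name(ip), "in", answering_zone(ip, delegated))
```

With the single parent zone the count stays at one when 10.77.0.4 appears, while each split design gains a zone that would have to be added on every server.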



Re: Is 10.in-addr.arpa not recommended?

2010-09-27 Thread Sten Carlsen
While a single zone is perfectly fine from a standards point of view,
some clients might be served addresses they don't like 10.x.x.0 and
10.x.x.255.

Just a reminder that this could be a reason if something appears weird.


-- 
Best regards

Sten Carlsen

No improvements come from shouting:

   MALE BOVINE MANURE!!! 


Re: Is 10.in-addr.arpa not recommended?

2010-09-27 Thread Warren Kumari

On Sep 27, 2010, at 6:55 PM, Sten Carlsen wrote:

 While a single zone is perfectly fine from a standards point of view, some 
 clients might be served addresses they don't like 10.x.x.0 and 10.x.x.255.
 

But that would be DHCP config, no?


 Just a reminder that this could be a reason if something appears weird.


Fair 'nuff,

W
 


Re: Is 10.in-addr.arpa not recommended?

2010-09-27 Thread Chris Buxton

On Sep 27, 2010, at 3:55 PM, Sten Carlsen wrote:

 While a single zone is perfectly fine from a standards point of view, some 
 clients might be served addresses they don't like 10.x.x.0 and 10.x.x.255.
 
 Just a reminder that this could be a reason if something appears weird. 

Don't confuse zone and DHCP range. Having a 10/8 reverse zone does not mean 
you must have an address range that covers these addresses that might confuse 
users.

You wouldn't want a DHCP range (or a network) that large anyway. The broadcast 
traffic would be a killer.

Regards,
Chris Buxton
BlueCat Networks


Re: Is 10.in-addr.arpa not recommended?

2010-09-27 Thread Chris Buxton
On Sep 27, 2010, at 4:43 PM, Sten Carlsen wrote:

 Well, it depends on your clients. If they don't like .0 or .255, you would 
 have to have a rather large amount of ranges.
 
 E.g. range 10.1.1.1 10.1.1.254; range 10.1.2.1 10.1.2.254; ..
 
 If OTOH you don't have any of those clients, other factors like hashing 
 algorithms and sizes come into play. This was recently discussed on the list, 
 so there should be information about the optimal way to slice the address 
 range from that point of view in the archives. 

I think you're still thinking of this as a DHCP issue. DHCP was not mentioned 
by the OP, and this is not the DHCP Users list. We're not talking about an 
actual network of 10/8, we're talking about a DNS zone of 10.in-addr.arpa. 
There are no hashing algorithm or size issues at play, because we're not 
talking about DHCP.

From a pure BIND/DNS perspective, there's nothing wrong with a 10.in-addr.arpa 
zone, either as a container of PTR records, a starting point for resolution 
(meaning it contains lots of delegations), or a mix of both.

Regards,
Chris Buxton
BlueCat Networks


Re: Is 10.in-addr.arpa not recommended?

2010-09-27 Thread donovan jeffrey j

On Sep 27, 2010, at 4:03 PM, Christopher Cain wrote:

 Hi all.
 
 I am setting up a new appliance-based DNS solution that will contain a fair 
 number of separately managed Windows DNS slave servers (in addition to the 
 DNS appliances that will handle the .
 
 Currently there are just over 8000 host records that resolve to IP's in the 
 10.x.x.x space.  I am wrestling with whether or not I should create a single 
 10.in-addr.arpa zone or if I should create 256 /16 zones (i.e. - 
 0.10.in-addr.arpa to 255.10.in-addr.arpa).
 
 The reason I want to encompass the entire 10 space is so new arpa zones will 
 not have to be defined on all servers (specifically on the Windows slaves) if 
 a new part of the 10 space is used at some point.
 
 Any recommendations or comments would be greatly appreciated.

Hi Chris,

I run a number of internal clients on 10 address space. What I did was break up 
each Zone into Class B's 10.1.x.x, 10.2.x.x then my forward and reverse files 
into class C's. Each record 10.1.1.x . 10.1.2.x, 10.1.3.x, . then scale as 
needed, providing the means to add forward and reverse to any address within 
that address space.

here is a sample, note the sub folders for sanity sake.

## my LAB
## 10.153 #

zone "1.153.10.in-addr.arpa" IN {
        file "/var/named/in-arpa-10/153/in-arpa.my-lab1.db";
        type master;
};

zone "2.153.10.in-addr.arpa" IN {
        type master;
        file "/var/named/in-arpa-10/153/in-arpa.my-lab2.db";
};

zone "3.153.10.in-addr.arpa" IN {
        type master;
        file "/var/named/in-arpa-10/153/in-arpa.my-lab3.db";
};

zone "4.153.10.in-addr.arpa" IN {
        type master;
        file "/var/named/in-arpa-10/153/in-arpa.my-lab4.db";
};

zone "5.153.10.in-addr.arpa" IN {
        type master;
        file "/var/named/in-arpa-10/153/in-arpa.my-lab5.db";
};

zone "6.153.10.in-addr.arpa" IN {
        type master;
        file "/var/named/in-arpa-10/153/in-arpa.my-lab6.db";
};

zone "7.153.10.in-addr.arpa" IN {
        type master;
        file "/var/named/in-arpa-10/153/in-arpa.my-lab7.db";
};

zone "8.153.10.in-addr.arpa" IN {
        type master;
        file "/var/named/in-arpa-10/153/in-arpa.my-lab8.db";
};

zone "9.153.10.in-addr.arpa" IN {
        type master;
        file "/var/named/in-arpa-10/153/in-arpa.my-lab9.db";
};

zone "10.153.10.in-addr.arpa" IN {
        type master;
        file "/var/named/in-arpa-10/153/in-arpa.my-lab10.db";
};




Re: Is 10.in-addr.arpa not recommended?

2010-09-27 Thread Sten Carlsen


On 28/09/10 2:08, Chris Buxton wrote:
 On Sep 27, 2010, at 4:43 PM, Sten Carlsen wrote:

 Well, it depends on your clients. If they don't like .0 or .255, you
 would have to have a rather large amount of ranges.

 E.g. range 10.1.1.1 10.1.1.254; range 10.1.2.1 10.1.2.254; ..

 If OTOH you don't have any of those clients, other factors like
 hashing algorithms and sizes come into play. This was recently
 discussed on the list, so there should be information about the
 optimal way to slice the address range from that point of view in the
 archives. 

 I think you're still thinking of this as a DHCP issue. DHCP was not
 mentioned by the OP, and this is not the DHCP Users list. We're not
 talking about an actual network of 10/8, we're talking about a DNS
 zone of 10.in-addr.arpa. There are no hashing algorithm or size issues
 at play, because we're not talking about DHCP.

Sorry, reading too fast. My fault.

 From a pure BIND/DNS perspective, there's nothing wrong with a
 10.in-addr.arpa zone, either as a container of PTR records, a starting
 point for resolution (meaning it contains lots of delegations), or a
 mix of both.

 Regards,
 Chris Buxton
 BlueCat Networks



-- 
Best regards

Sten Carlsen

No improvements come from shouting:

   MALE BOVINE MANURE!!! 
