The Reverse Zone

If you want to be able to resolve IP addresses to host names, you need to set up a reverse zone for the domain. A reverse zone is very similar to a forward zone with the IP address-to-host name records being called pointers.

When you are setting up a public DNS server that controls a domain (as in the case of palmcoder.net), it is unlikely that you will be able to use a reverse zone, because the authority for the range of IP addresses your ISP has allocated to you will be controlled by their DNS servers. You will be very lucky to find an ISP that will hand over delegation of an IP address in the DNS system to you.

When you are running a DNS server in a network where you control the IP address allocation (for example, using non-routable addresses), a reverse zone is possible.

We will take the following zone as the internal forward representation (see Listing 21-4) and work back from that.

LISTING 21-4

Internal DNS Representation

intpalmcoder.net. IN SOA ns.intpalmcoder.net. admin.intpalmcoder.net. (
                  200407111 10800 3600 604800 38400 )
                  NS      zen
                  MX      10 mail
mail              A       192.168.0.2
files             A       192.168.0.5
intranet          A       192.168.0.10

In this zone definition, we have used the default zone values as before, with the addition of a nameserver entry of zen.palmcoder.net and a mail exchanger entry of mail.palmcoder.net. We have also defined address entries for mail.palmcoder.net as 192.168.0.2, files.palmcoder.net as 192.168.0.5, and intranet.palmcoder.net as 192.168.0.10.

Now that we have the internal network configuration, we can create the reverse zone to allow our internal IP addresses to be resolved into their respective host names (see Listing 21-5).

LISTING 21-5

Reverse Zone for 192.168.0.0/24

@       SOA     ns.intpalmcoder.net. admin.intpalmcoder.net. (
                200407111 10800 3600 604800 38400 )
        NS      ns.intpalmcoder.net.
2       PTR     mail.intpalmcoder.net.
5       PTR     files.intpalmcoder.net.
10      PTR     intranet.intpalmcoder.net.

In the reverse zone definition, you can see the first entry in the file has been replaced with the @ symbol. The @ symbol is very important and is interpreted as the zone this file relates to. In the case of a reverse map, the zone is 0.168.192.in-addr.arpa. The in-addr.arpa suffix is a special domain that signifies this is an IP address lookup. The zone name itself is the network portion of the IP address we are looking for, written in reverse order.

In much the same way that the intpalmcoder.net zone contains an entry for each host, which is appended with the zone name, the reverse map is the same. This is why the zone is the subnet component of the addresses you are interested in.

For each reverse address, you have to specify the host name in its full form because the zone that contains the reverse map has no idea what forward domain it refers to. In a forward zone you can let BIND take care of the host name completion, but in a reverse zone you must specify the fully qualified domain name (FQDN), including the trailing full stop.
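
The following added example (not from the original text) derives the PTR entries of Listing 21-5 from the A records of Listing 21-4 and shows what happens when the trailing full stop is left off a PTR target. The function names are hypothetical, and the origin-completion rule in qualify() is a simplified model of how BIND expands relative names.

```python
import ipaddress

FORWARD_ORIGIN = "intpalmcoder.net."        # zone from Listing 21-4
REVERSE_ORIGIN = "0.168.192.in-addr.arpa."  # reverse zone named in the text
# A records from Listing 21-4, as relative owner names
FORWARD_A = {"mail": "192.168.0.2", "files": "192.168.0.5",
             "intranet": "192.168.0.10"}


def qualify(name, origin):
    """Expand a zone-file name as BIND does: '@' is the origin, a name with a
    trailing dot is already absolute, anything else gets the origin appended."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def build_ptr_records(forward_a, forward_origin, reverse_origin):
    """Return (owner_label, target_fqdn) pairs for the reverse zone file."""
    records = []
    for host, addr in sorted(forward_a.items(),
                             key=lambda kv: ipaddress.ip_address(kv[1])):
        full = ipaddress.ip_address(addr).reverse_pointer + "."
        if not full.endswith("." + reverse_origin):
            raise ValueError(f"{addr} does not belong in {reverse_origin}")
        label = full[:-len(reverse_origin) - 1]   # "2" from "2.0.168.192..."
        records.append((label, qualify(host, forward_origin)))
    return records


def lint_ptr_target(label, target, reverse_origin):
    """Return a warning if a PTR target lacks the trailing dot and would
    therefore be completed with the reverse zone name; otherwise None."""
    expanded = qualify(target, reverse_origin)
    if expanded.endswith("." + reverse_origin):
        return f"{label} PTR {target} resolves as {expanded}"
    return None


if __name__ == "__main__":
    for label, fqdn in build_ptr_records(FORWARD_A, FORWARD_ORIGIN, REVERSE_ORIGIN):
        print(f"{label}\tPTR\t{fqdn}")
    # Constructed mistake: the same record written without the full stop
    print(lint_ptr_target("2", "mail.intpalmcoder.net", REVERSE_ORIGIN))
```

A PTR target written without the full stop is answered as a name inside 0.168.192.in-addr.arpa, so anything that relies on reverse lookups, such as host names recorded in logs, sees a name that does not exist in the forward zone.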
