classless delegation [Re: IP address fee??]

[Peter van Dijk <peter () dataloss nl>]

On Fri, Sep 06, 2002 at 04:06:40PM +0200, Brad Knowles wrote:
> At 3:32 PM +0200 2002/09/06, Brad Knowles wrote:
> > >  Have a look, for example, at the reverses for 193.109.122.192/28 and
> > >  let me know if you can find anything wrong with those.
[snip]
>       The key phrase is "A correctly operating resolving proxy DNS 
> server must discard them ...".

Yes. This is your original complaint about matching apexes with
delegations. I am not violating that condition, however.

>       Now, if you wanted to do separate zone files, and make sure that 
> each zone file doesn't contain any out-of-zone data, that would be a 
> different issue.  But this is like handing people sticks of dynamite, 
> flamethrowers, and encouraging them to ignite the explosives they're 
> holding in their hands.

I am doing separate zone files. Each IP delegated to me is a separate
zone. Now, again, what is wrong with that?

>                               DNS Expert
>           Detailed Report for 192.122.109.193.in-addr.arpa.
>        9/6/02, 4:05 PM, using the analysis setting "Everything"
> ======================================================================
>
> Information
> ----------------------------------------------------------------------
> Serial number:           1031317961
> Primary name server:     ns.dataloss.nl.
> Primary mail server:     N/A
> Number of records:       N/A
>
>
> Errors
> ----------------------------------------------------------------------
> o The reverse zone contains one or more A records
>     The reverse domain "192.122.109.193.in-addr.arpa." contains one
>     or more A records.  A records should only be placed in
>     forward-mapping domains.

What A-records is it talking about? I am not seeing any.

[axfr is closed]
[banter about SOA values]
[all servers on the same subnet]

>                               DNS Expert
>           Detailed Report for 193.122.109.193.in-addr.arpa.
>        9/6/02, 4:05 PM, using the analysis setting "Everything"
> ======================================================================
>
> Information
> ----------------------------------------------------------------------
> Serial number:           1031317961
> Primary name server:     ns.dataloss.nl.
> Primary mail server:     N/A
> Number of records:       N/A
>
>
> Errors
> ----------------------------------------------------------------------
> o The reverse zone contains one or more A records
>     The reverse domain "193.122.109.193.in-addr.arpa." contains one
>     or more A records.  A records should only be placed in
>     forward-mapping domains.

Again, I am not seeing any A records.

[no axfr]
[soa values]
[all servers on the same subnet]

>       What about this?
>
> % dnswalk -ralF 122.109.193.in-addr.arpa.
> Checking 122.109.193.in-addr.arpa.
> Getting zone transfer of 122.109.193.in-addr.arpa. from ns2.bit.nl...done.
> SOA=ns.bit.nl   contact=root.bit.nl

[hosts outside my /29]
[failed zonetransfers]

Nothing there that's wrong with my /29.

>                               DNS Expert
>             Detailed Report for 122.109.193.in-addr.arpa.

This is the parent zone.

>        9/6/02, 3:56 PM, using the analysis setting "Everything"
> ======================================================================
>
> Information
> ----------------------------------------------------------------------
> Serial number:           2002090401
> Primary name server:     ns.bit.nl.
> Primary mail server:     N/A
> Number of records:       112 (34 NS, 0 MX, 0 A, 0 CNAME, 78 PTR, 0
>                          Other)
>
>
> Errors
> ----------------------------------------------------------------------
[hosts outside my /29]

Indeed, you found some things wrong with the /24 zone, but that was
not the subject, and nothing you found wrong with the /24 is related
to the /29.

Greetz, Peter
-- 
peter () dataloss nl  |  http://www.dataloss.nl/  |  Undernet:#clue