>> Classless reverse delegations in now way requires CNAMEs this is really
>> only a BIND-limitation (and not so much a limitation but a combination of
>> administrators laziness and BIND's mindset/zone-file structure).
>>
> I suppose this is rather off topic but I'm very interested. Could you
> elaborate?
Basically in BIND format what you do is:
Assume we want to serve up the hostnames of IP address of 1.2.3.4-1.2.3.9.
So we want to serve PTR records for 4.3.2.1.in-addr.arpa. all the way to
9.3.2.1.in-addr.arpa.
'Normally' (in BIND) what you would do is the server which is hosting the
3.2.1.in-addr.arpa. domain would delegate:
ORIGIN is 3.2.1.in-addr.arpa.
4-9 NS our.nameserver.hostname1.
4-9 NS our.nameserver.hostname1.
4 CNAME 4.4-9
5 CNAME 5.4-9
6 CNAME 6.4-9
7 CNAME 7.4-9
8 CNAME 8.4-9
9 CNAME 9.4-9
and then our nameserver would have:
ORIGIN is 4-9.3.2.1.in-addr.arpa.
4 PTR some-hostname.
5 PTR different-hostname.
...
9 PTR some-otherhostname.
Obviously this is the weird (some call it normal) way to do things using
CNAME's.
Now - let's do it without CNAME's.
The 3.2.1.in-addr.arpa. server does:
ORIGIN is 3.2.1.in-addr.arpa.
4 NS our.nameserver.hostname1.
4 NS our.nameserver.hostname2.
5 NS our.nameserver.hostname1.
5 NS our.nameserver.hostname2.
6 NS our.nameserver.hostname1.
6 NS our.nameserver.hostname2.
7 NS our.nameserver.hostname1.
7 NS our.nameserver.hostname2.
8 NS our.nameserver.hostname1.
8 NS our.nameserver.hostname2.
9 NS our.nameserver.hostname1.
9 NS our.nameserver.hostname2.
which _CAN_ be written in two lines with a 'for-loop'
[can't remember the bind syntax, I think it's:
$GENERATE 4-9 $ NS our.namserver.hostname1.
$GENERATE 4-9 $ NS our.namserver.hostname2.
]
Okay so the stuff is delegated to us.
Now we could simply (or not so simply if we're using BIND, since we
effectively have to create 9-4+1=6 zones) delegate normally, like so:
for each x in 4..9:
ORIGIN is x.3.2.1.in-addr.arpa.
x PTR some-hostname.
//+ SOA record for the zone
OR
we could decide that bind is screwed anyway and DNS servers and cache's
are two fundamentally different animals and shouldn't be mixed anyway (ie.
no DNS server should ever be a cache and vice versa) and we could simply
stick everything in one zone-file (possibly even the root zone if we're
extremely lazy).
The reason why CNAME's are used for reverse delegation is because
administrators are lazy and BIND makes the proper non-CNAME using solution
tiresome to implement. It's a breeze with tinydns/djbdns (once you get to
know the program, but that's normal).
Further reading, using djbdns syntax (not very legible for those used
only to BIND syntax and not willing to learn):
http://cr.yp.to/djbdns/dot-arpa.html
Cheers,
MaZe.
