6.4 Delegating Reverse-Mapping for Networks with Non-Octet Masks

6.4.1 Problem

You want to delegate responsibility for reverse-mapping a network's IP addresses to a set of name servers, but the network mask or subnet mask doesn't fall on an octet boundary.

6.4.2 Solution

Determine how many reverse-mapping zones correspond to the network. Here's a table to show you how many you'll have.

Size of network	Number of reverse-mapping
/9	128 reverse-mapping zones such as 2.1.in-addr.arpa
/10	64 ""
/11	32 ""
/12	16 ""
/13	8 ""
/14	4 ""
/15	2 ""
/17	128 reverse-mapping zones such as 3.2.1.in-addr.arpa
/18	64 ""
/19	32 ""
/20	16 ""
/21	8 ""
/22	4 ""
/23	2 ""
/25-32	See Section 6.5

For example, say your network is 10/8 and you want to delegate the reverse-mapping zones for the subnet 10.192/10 to your European subsidiary's name servers. That subnetwork corresponds to 64 reverse-mapping zones, from 192.10.in-addr.arpa to 255.10.in-addr.arpa. That's a lot of delegation to add to the 10.in-addr.arpa zone data file: if each zone has two name servers, that's 128 NS records!

BIND name servers give you a shortcut, though. You can use the $GENERATE control statement to add a group of records that differ only by a number. For example, if your European subsidiary's name servers are called ns1.eu.corp.example and ns2.eu.corp.example, you could delegate all 64 reverse-mapping zones to them with just these two $GENERATE control statements:

$GENERATE 192-255 $ NS ns1.eu.corp.example.
$GENERATE 192-255 $ NS ns2.eu.corp.example.

6.4.3 Discussion

Unfortunately, there's no corresponding way to generate the zone statements you'll need on the name servers the zones are delegated to. You'd need a full 64 zone statements in each name server's named.conf file.

6.4.4 See Also

Section 6.5 for handling networks smaller than a /24, and "Subnetting on a Non-Octet Boundary" in Chapter 9 of DNS and BIND.