classless delegation [Re: IP address fee??]

Brad Knowles brad.knowles at skynet.be
Fri Sep 6 21:04:36 UTC 2002


At 10:28 PM +0200 2002/09/06, Jeroen Massar wrote:

>  Yes, they get returned, whoo hoo:
>  8<---------
>  jeroen at purgatory:~$ dig 192.122.109.193.in-addr.arpa any

	That could just be your local caching nameserver.  You need to 
ask his nameservers the same question:

% dig @ns.dataloss.nl. 192.122.109.193.in-addr.arpa any

; <<>> DiG 9.2.1 <<>> @ns.dataloss.nl. 192.122.109.193.in-addr.arpa any
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56202
;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 2

;; QUESTION SECTION:
;192.122.109.193.in-addr.arpa.  IN      ANY

;; ANSWER SECTION:
192.122.109.193.in-addr.arpa. 2560 IN   SOA     ns.dataloss.nl. 
hostmaster.192.122.109.193.in-addr.arpa. 1031343156 16384 2048 
1048576 2560
192.122.109.193.in-addr.arpa. 259200 IN NS      ns.dataloss.nl.
192.122.109.193.in-addr.arpa. 259200 IN NS      ns3.dataloss.nl.

;; ADDITIONAL SECTION:
ns.dataloss.nl.         259200  IN      A       193.109.122.194
ns3.dataloss.nl.        86400   IN      A       193.109.122.215

;; Query time: 73 msec
;; SERVER: 193.109.122.194#53(ns.dataloss.nl.)
;; WHEN: Fri Sep  6 23:00:13 2002
;; MSG SIZE  rcvd: 171


	Fortunately, in this case, we still get the same information.

>  Or any other IP you would randomly pick actually... show me one that
>  doesn't have this behaviour :)

	That's really more a factor of the nameserver which provides the 
answer -- did you ask their servers directly, or did you ask a local 
caching nameserver which could have answered some or all of that from 
cache?

>  60.1.0.10.in-addr.arpa. CNAME bla-reverse.example.org.
>  bla-reverse.example.org. PTR bla.example.org.
>  bla.example.org. A 10.0.1.60
>
>  What's wrong with that? No RFC against it ;)

	Are you sure about that?  IIRC, the definitions of CNAME records 
and what they can point to are pretty strict.

>  You are actually saying that one can't setup a DNS for a reverse host
>  then ;)

	No, just saying that if you're going to do it, you should do it 
the proper way -- using RFC 2317.

>  Cool, why does it work then? <grin>

	Just because something hasn't actually been made officially 
illegal doesn't mean that it's not a really bad idea.

-- 
Brad Knowles, <brad.knowles at skynet.be>

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
     -Benjamin Franklin, Historical Review of Pennsylvania.

GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E W+++(--) N+ !w---
O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)



More information about the NANOG mailing list