Slightly OT: BIND problem

[Paul Civati]

Scott Mitchell <scott.mitchell at mail.com> wrote:

> good. However, for reasons known only to them, my predecessors
> decided that all the Windows boxes on the network would live in
> their own subdomain (call it ms.company.com) with their own DNS
> server on a 2000 server box.

Is it possible this zone is a Win2k active directory?  (This is
implemented using DNS in 2k).

> Reverse lookups also work, *except* when attempting to look up
> addresses in the 'Windows' ranges on one of the OpenBSD servers.

Quick fix might be to add the zone as a 2ary onto the OpenBSD boxes
so that it pulls a copy across from the 2k box.

> The zone file for the 10.1 network has lines like:
>         0               IN      NS      ns2.company.com.
>
> trying to delegate only part of the 10.1 network?  A Google search
> turned up lots of references to reverse delegation being a PITA to
> get right.

I've never done much reverse delegation, so I'm not sure if the
above will work, I suggest laying your hands on a copy of the
O'Reilly DNS & BIND book.

In fact, delegating will make the OpenBSD box the authority for
this zone, so that might not be what you want to do at all.

> Most of the suggested solutions seemed to involve huge numbers
> of CNAME records pointing to the delegated server.  I should
> note that this isn't

Yes.. this is how I've done reverse DNS delegation before, BIND v8
onwards has some magic that lets you auto-generate these huge
numbers of CNAME records with one $GENERATE line.

-Paul-