Reverse Lookup zones...

Toggle sidebar Toggle sidebar
T

Tim

Distinguished
Mar 31, 2004
1,833
0
19,780
Archived from groups: microsoft.public.win2000.dns (More info?)

If I have a single site that uses a class C ip scheme
(192.168.1.x), I always create an AD intergrated Reverse
lookup zone of 192.168.1.x subnet.

What if I have more sites that uses different class C ip
schemes (192.168.2.x). Should I create another AD
intergrated Reverse Lookup zone of 192.168.2.x subnet?
 
O

obiwan

Distinguished
Feb 16, 2001
90
0
18,630
Archived from groups: microsoft.public.win2000.dns (More info?)

> If I have a single site that uses a class C ip scheme
> (192.168.1.x), I always create an AD intergrated Reverse
> lookup zone of 192.168.1.x subnet.
>
> What if I have more sites that uses different class C ip
> schemes (192.168.2.x). Should I create another AD
> intergrated Reverse Lookup zone of 192.168.2.x subnet?

Short answer ... YES :)
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

T> If I have a single site that uses a class C ip scheme
T> (192.168.1.x), I always create an AD intergrated Reverse
T> lookup zone of 192.168.1.x subnet.

You should do more than that.

When employing non-public IP address ranges, one should ensure, by configuring
one's "split horizon" DNS service appropriately, that DNS queries for the
_entire_ non-public IP address range don't leak out over one's borders, even
if one doesn't happen to be using that entire address range at the moment.

So you should be handling _everything_ at and below "168.192.in-addr.arpa."
yourself, within your organization, even if you are only using a couple of
/24s within 192.168.*.* right now.

(Compare with what you are already doing with 127.*.*.*. Even though you are
very probably only using a _single_ /32 within that entire non-public IP
address range, namely 127.0.0.1, you are dealing with the _whole_ of the
namespace subtree rooted at "127.in-addr.arpa." privately.)
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

Hi Tim,

If you need the reverse name resolution in the namespace then create the
reverse lookup zone.

How To Create a New Zone on a DNS Server in Windows 2000
http://support.microsoft.com/default.aspx?scid=kb;en-us;308201&sd=tech

br,
Denis

"Tim" <anonymous@discussions.microsoft.com> wrote in message
news:29f9801c465c6$852cc410$a401280a@phx.gbl...
> If I have a single site that uses a class C ip scheme
> (192.168.1.x), I always create an AD intergrated Reverse
> lookup zone of 192.168.1.x subnet.
>
> What if I have more sites that uses different class C ip
> schemes (192.168.2.x). Should I create another AD
> intergrated Reverse Lookup zone of 192.168.2.x subnet?
>
>
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom