- Legend
- Added
- Deleted
Introduction
This document describes the procedures for the delegation of authority of zones in the 193.in-addr.arpa domain. As of March 16th 1993 the RIPE NCC has been delegated the authority for the 193.in-addr.arpa domain from the root. Due to the fact that in the 193.x.y address space blocks of 256 class C network numbers are further delegated to local registries , the possibility exists to also delegate the zone for these blocks in the 193.in-addr.arpa domain. zones in European subdomains of
IN-ADDR.ARPA.
Introduction
The domain tree below IN-ADDR.ARPA is used to facilitate "reverse"
mapping from IP addresses to domain names [RFC883, RFC1033]. This document describes some guidelines and procedures for this type of delegation and the delegation of reverse zones for individual class C networks in 193.x.y.
A bit more explained
With the assignment of class C network numbers following the CIDR (RFC 1338) model, in which RFC1466,
large chunks of the address space are delegated to one region, and within that region regional Internet
Registries. The regional registries delegate blocks of class C network numbers are delegated to service providers and non-provider registries, some net-
work numbers to local Internet Registries. In this way a hierarchy in the address space is created, which is similar to the hierarchy in the domain name space. Due to this hierarchy the reverse Domain Name System mapping DNS map-
ping can also be delegated in a similar model as used for the normal Domain Name System. For instance, the RIPE NCC has been assigned delegated the complete class C address space starting with 193. It is therefore possible to delegate the 193.in-addr.arpa 193.IN-ADDR.ARPA domain completely to the RIPE NCC, instead of each and every reverse mapping in the 193.in-addr.arpa 193.IN-ADDR.ARPA
domain to be registered with the INTERNIC. InterNIC. This implies that all 193.in-addr.arpa resistrations 193.IN-ADDR.ARPA delegations in turn will be done by the RIPE NCC. Even better, since service providers receive complete class C network blocks local registries usually receive blocks of 256 class C
networks from the RIPE NCC, the RIPE NCC can delegate the reverse registrations for such complete blocks to these local registries. This implies that customers of these service providers no longer have to register their reverse domain
mapping with the root, InterNIC or the NCC, but the service provider providers have authority over that part of the reverse mapping. This decreases the workload on the INTERNIC InterNIC and the RIPE NCC, and at the same time increase improves the service a provider can offer its customers by improve improving response times for reverse mapping changes . However there are some things that need to be examined a bit more closely changes.
In order to provide a reliable service some procedures have been agreed
and must be followed in order to avoid confusion and inconsistencies. These issues procedures are covered in the
next section.
Procedures for the delegation of direct subdomains of 193.in-addr.arpa
1. A secondary nameserver at ns.ripe.net is mandatory for all blocks of class C network numbers delegated in the 193.in-addr.arpa domain.
2. Because of the increasing importance of correct reverse address mapping, for all delegated blocks a good set of secondaries must be defined. There should be at least 2 nameservers for all blocks delegated, excluding the RIPE NCC secondary.
3. The delegation of a class C block in the 193.in-addr.arpa domain can be requested by sending in a domain object for the RIPE database to <hostmaster@ripe.net> with all necessary contact and nameserver information. The then forward all
current reverse zones inside this block to the registry, and after addition of these by the registry, the NCC will check the working of the reverse server. Once everything is setup properly, the NCC will delegate the block, and submit the database object for inclusion in the database. An example domain object can be found at the end of this document.
4. All reverse servers for blocks must be reachable from the whole of the Internet. In short, all servers must meet similar connectivity requirements as top-level domain servers.
5. Running 6. If
after repeated complaints the delegated name space is still not
administered properly the RIPE NCC has to revoke the delegation.
Before adding individual nets, the administrator of a reverse domain must check wether whether all servers to be added for these nets are indeed
setup properly.7.
addresses, and will have to continue to provide the appropriate delegation records for reverse mapping of these addresses, even though it they are no longer belonging to a customer.
8. The registration of the reverse zones for individual class C networks will usually be done by the registry administering the class C block this network has been assigned from. The registry will make the necessary changes to the zone, and update zone files.
The registry will also make sure that the network objects in the RIPE database for these networks, to reflect networks are updated with the correct "rev-srv" fields. attributes.
In case the RIPE NCC receives a request for the reverse zone of an individual class C network out
of a block that has been delegated, the request will be forwarded to the zone contact for this reverse block.
9. The NCC advises the following timers and counters for direct subdomains of 193.in-addr.arpa: 8 hours refresh (28800 seconds), 2 hours retry (7200 seconds), 7 days expire (604800 seconds) and 1 day Time To Live (86400 seconds). The retry counter should be
lowered where connectivity is unstable.
Above procedures are defined to ensure the necessary high availability for the 193 availabil- ity
for the reverse domains, and to minimize minimise confusion. The NCC will ensure fast repsonse response times for addition requests, and will in principle update the 193.in-addr.arpa 193.IN-ADDR.ARPA domain at least once per working day.
Example domain object to request a block delegation
domain: 202.193.in-addr.arpa
descr: Pan European Organisations class C block
admin-c: Daniel Karrenberg
tech-c: Marten Terpstra
zone-c: Marten Terpstra
nserver: ns.eu.net
nserver: sunic.sunet.se
nserver: ns.ripe.net
changed: marten@ripe.net 930319
source: RIPE
Procedures for the delegation of individual network zones by the RIPE NCC.
The registration of the reverse zones for individual class C networks will usually be done by the registry administering the class C block this network has been assigned from. In case the zone corresponding to the class C block has not been delegated, the RIPE NCC will automatically add the reverse nameserver as specified in the "rev-srv" attribute of the RIPE database object for this network, using the following procedures:
1. Because of the increasing importance of correct reverse address mapping, for all delegated networks a good set of secondaries must be defined. There should be at least two nameservers for all networks delegated.
2. The "rev-srv" field should ONLY contain one fully qualified domain name of a nameserver which is authoritative for the reverse zone for this network.
3. If a network has or is going to have any external connectivity, it is strongly recommended that it has at least one reverse nameserver that can be reached from all of the Internet.
4. The checking and addition of the reverse zones for single networks is completely automated at the RIPE NCC. Although we do our best to check the setup of the nameservers, these does not receive the same level of scrutiny as nameservers for blocks of class C network numbers. It is the responsibility of the network contacts to ensure proper operation.
5. Any problems regarding the reverse zones in 193.in-addr.arpa should be directed to <hostmaster@ripe.net>.
The NCC also suggests that similar procedures are set up for the delegation of reverse zones for individual class C networks from the registries to individual organisations.