From: Vincent Hoffman
Date: Wed, 29 Apr 2009 12:01:28 +0100
To: Michael DeMan
Cc: freebsd-isp@freebsd.org, Geoffroy RIVAT
Subject: Re: providing web based DNS management to customers
Message-ID: <49F83388.80305@unsane.co.uk>
In-Reply-To: <49F82AC6.2070305@staff.openaccess.org>

On 29/4/09 11:24, Michael DeMan wrote:
> Hi, seems close but I'm not sure if it hits the target.
>
> What I need is the ability for customers to be able to login and
> update entries within a zone. More specifically, the ability to allow
> customers to update their -in-addr.arpa reverses based on us
> allocating them things like /29s.
>
> I may be crusty here too, but to the best of my knowledge, it is
> impossible to break below /24 at the 'zone' level in reverse DNS. Or at
> least the tools we use do not allow that.
>
It's possible but a bit of a hack, RFC2317 shows how to do it, basically
CNAME the initial reverse record, then in the domain it's pointed to by
the CNAME set up a PTR record.
It potentially could solve your problem but would take some setup time.
(You have to set up the initial CNAME, then the customer can have control
of the (sub)domain it's pointed to and can change the PTR at will.)
We used it a fair bit at a previous job to delegate CIDR networks < /24
to customer nameservers.

Vince
> Hence the problem.
>
> Given a typical /24, which is easy to manage, I need a tool that
> allows customers to have maybe a single IP that they can update to
> 'mail.theircompany.com', or in other cases, folks that have a /29 or
> bigger that want 'mail.theircompany.com', 'vpn.parentcompany.com',
> 'somethingelse.someotherdomain.com', etc.
>
> I guess what I am for is a kludge, to make DNS map to CIDR, but also a
> way that it could be done in a user friendly way.
>
>
>
> Geoffroy RIVAT wrote:
>> Hi Michael,
>>
>> Michael DeMan (OA) wrote:
>>
>>> Hi All,
>>>
>>> What are folks doing for providing web based DNS management to
>>> customers?
>>>
>>> I've looked at a lot of open source products over time, but never
>>> found one that was enough to say "That's it, let's integrate it!".
>>>
>>> It always seems that the tricky part is reverse DNS. PowerDNS and
>>> other tools (at least a few years ago) offered reasonable support
>>> for forward DNS management on a per-user basis, but not reverse, or
>>> at least not reverse in the sense that we only want customers to be
>>> able to modify the reverse DNS of say a single IP, or a subnet, etc.
>>>
>>
>> for this I'm using powerdns + poweradmin (but you can use another
>> system)
>>
>> for only 1 IP I do 1.0.168.192.in-addr.arpa IN CNAME
>> reverse.custdomain.tld
>>
>> and reverse.custdomain.tld IN PTR coolreverse.domain.tld.
>>
>> for a subnet :
>>
>> 1.0.168.192.in-addr.arpa IN CNAME 1.reverse.custdomain.tld
>> 2.0.168.192.in-addr.arpa IN CNAME 2.reverse.custdomain.tld
>> 3.0.168.192.in-addr.arpa IN CNAME 3.reverse.custdomain.tld
>>
>> it's explained in an rfc but I can't remember the number.
>>
>> Regards,
>>
>> Geo
>> _______________________________________________
>> freebsd-isp@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-isp
>> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
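
The CNAME-based delegation discussed in this thread, as an added example that is not part of the original messages: a Python sketch that generates the records a provider would place in the /24 reverse zone for a block smaller than /24, either in RFC 2317's in-tree form or pointing into a customer-controlled zone as in the quoted records, plus the ownership check a customer-facing management tool would apply before accepting an edit. The function names, the nameserver `ns1.customer.example.` and the sample block are assumptions made for illustration.

```python
import ipaddress

def parent_zone(net):
    """Name of the /24 reverse zone that contains the block."""
    a, b, c, _ = str(net.network_address).split(".")
    return f"{c}.{b}.{a}.in-addr.arpa."

def delegation_records(cidr, target_zone=None, customer_ns=()):
    """Records the provider adds to the /24 reverse zone for a block smaller than /24.

    target_zone=None: RFC 2317 in-tree child zone (e.g. 8/29.0.168.192.in-addr.arpa.),
    delegated with NS records. Otherwise the CNAMEs point into that
    customer-controlled zone, as in the thread, and no NS record is needed here.
    """
    net = ipaddress.ip_network(cidr, strict=True)  # rejects CIDRs with host bits set
    if net.version != 4 or not 24 < net.prefixlen <= 32:
        raise ValueError("expected an IPv4 block between /25 and /32")
    parent = parent_zone(net)
    records = []
    if target_zone is None:
        first = str(net.network_address).rsplit(".", 1)[1]
        target_zone = f"{first}/{net.prefixlen}.{parent}"
        records += [f"{target_zone} IN NS {ns}" for ns in customer_ns]
    for ip in net:  # every address in the block, network and broadcast included
        last = str(ip).rsplit(".", 1)[1]
        records.append(f"{last}.{parent} IN CNAME {last}.{target_zone}")
    return records

def customer_may_edit(owner, cidr):
    """Authorization check for a management UI: is this reverse name inside the block?"""
    labels = owner.lower().rstrip(".").split(".")
    if len(labels) != 6 or labels[4:] != ["in-addr", "arpa"]:
        return False
    try:
        ip = ipaddress.ip_address(".".join(reversed(labels[:4])))
    except ValueError:
        return False
    return ip in ipaddress.ip_network(cidr)

if __name__ == "__main__":
    # Constructed sample: 192.168.0.8/29 allocated to a customer (hypothetical names).
    for line in delegation_records("192.168.0.8/29", customer_ns=["ns1.customer.example."]):
        print(line)
    print(customer_may_edit("16.0.168.192.in-addr.arpa.", "192.168.0.8/29"))
```

Once the CNAMEs are in place, the customer publishes the PTR records in the target zone and can change them without further edits to the provider's /24 zone.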