[dns-operations] Reverse DNSSEC--delegating to a child

McGhee, Karen (Evolver) Karen.Mcghee at USPTO.GOV
Mon Jul 23 21:44:53 UTC 2012

I am about to implement reverse dnssec.  I'm authoritative for zone 207.151.in-addr.arpa, and I delegate two /24s to a child server on etc.uspto.gov like so:

$TTL 7200
@       IN      SOA     dns1.uspto.gov. nmb.uspto.gov. (
                2012072100      ; serial number yyyy/mm/dd/## format
                10800           ; refresh after 3 hours
                3600            ; retry after 1 hour
                604800          ; expire after 1 week
                86400   )       ; minimum TTL of 1 day

        IN      NS      dns1.uspto.gov.
        IN      NS      dns2.uspto.gov.

252     86400   IN      NS      etc-dns1.etc.uspto.gov.
254     86400   IN      NS      etc-dns1.etc.uspto.gov.

On my child, must I create two separate zone files:  252.207.151.in-addr.arpa and 254.207.151.in-addr.arpa?  Or can I have the same zone 207.151.in-addr.arpa as on the parent?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20120723/ef0a3f13/attachment.html>

More information about the dns-operations mailing list