-2

I am very new to the Linux world. I'm trying to configure 3 Authoritative-Only DNS servers. I got everything set up, except for the in-addr.arpa zone. I have the following servers with their respective public IPs (I'm using random numbers):

www - Webserver           - 123.45.678.90    
ns1 - Master DNS Server   - 123.45.678.91    
ns2 - Slave DNS Server #1 - 15.143.21.897    
ns3 - Slave DNS Server #2 - 130.112.29.143

How can I configure Reverse DNS when the Slaves' IPs are not within the same network or range? I have been reading lots of articles about DNS with Bind9 but I still don't get how I can make it work.

Both the Webserver and Master DNS Server are with the same Cloud Compute Provider, one Slave is with Google Cloud Compute and the last one is on an Amazon Web Services EC2 instance.

I understand the first two PTR records, but how can the 678.45.123.in-addr.arpa zone be set up?

90     IN     PTR      123.45.678.90     www.mydomainexample.com
91     IN     PTR      123.45.678.90     ns1.mydomainexample.com
?      IN     PTR            ?           ns2.mydomainexample.com
?      IN     PTR            ?           ns3.mydomainexample.com
MadHatter

1 Answer

4

First, I'd like you to take a step back. Everyone is new at some point, but setting up authoritative DNS servers is not something that you should be attempting as an early system administration task. A great deal of your learning will come from making mistakes, and making mistakes with authoritative DNS puts your network in jeopardy.

With the above in mind, I'm going to first steer you toward this question:
Should we host our own nameservers?

Read the linked Q&A. Think on it. Read it again, and think on it some more. If you've decided against hosting your own nameservers, good on you. If someone at your workplace is insisting that you need to do this, tell them that they're wrong and that it's too soon for you to own the liability for entire domains ceasing to function. If you still want to continue at this point, so be it, but don't say I didn't warn you.


To answer your actual question, you're operating off of a misunderstanding: just because those nameservers are on a network does not mean that they are allowed to "control" reverse DNS for devices on that network. This question helps to explain that whoever allocated those IP addresses to you is the one who controls the reverse DNS. Your nameservers do not control reverse DNS for public IP addresses unless the owner of your network delegates control to your nameservers. The nameservers do not need to be on the same network as the reverse DNS records that they are managing.

If you wish to manage the reverse DNS yourself, you will need to talk with them and see if they are willing to delegate control of the reverse DNS records to you. If they aren't, then you will need to ask them how you can request changes be made to the reverse DNS records associated with IP addresses that you own.

(I'm assuming that you were asking how to manage reverse DNS for public IP addresses. If you're trying to manage private IPs, that gets slightly more complicated. Let me know in the comments if that is the case, but please try to take to heart the advice I'm offering at the start of this answer.)

Andrew B
  • Well, first of all: thank you for the great advice. I'm always looking forward to learning new things and I guess I'm very rushed in learning. Now, you have told me everything I needed to understand. I thought that Reverse DNS was something I should do for running my own NS. I was very confused, but thanks for answering and the advice. – Daniel Muñoz Mar 18 '15 at 02:49
  • No problem! Feel free to try your hand at learning auth DNS in a non-production environment (say, a lab). Don't let me scare you away from wanting to learn...just try to avoid living dangerously! (also, if this answer was helpful, please click the check box in the upper left...this marks the answer as accepted so that the question does not show up in searches as unanswered) – Andrew B Mar 18 '15 at 07:38
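
To make the answer's point about reverse zones concrete, here is an added example (not part of the original question or answer) that maps each host to the in-addr.arpa zone its address falls in and renders the PTR line in standard zone-file form. Assumptions: the addresses are constructed from the RFC 5737 documentation ranges because the question's placeholder addresses are not valid IPv4, zones are cut on /24 boundaries, and the function names are hypothetical.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data: RFC 5737 documentation addresses standing in for
# the question's placeholders. Three different networks, as in the question.
HOSTS = {
    "www.mydomainexample.com": "192.0.2.90",
    "ns1.mydomainexample.com": "192.0.2.91",
    "ns2.mydomainexample.com": "198.51.100.17",
    "ns3.mydomainexample.com": "203.0.113.143",
}


def reverse_zone(ip, prefix=24):
    """Return the in-addr.arpa zone covering ip at an octet boundary."""
    if prefix not in (8, 16, 24):
        raise ValueError("this sketch only handles /8, /16 and /24 zones")
    octets = str(ipaddress.IPv4Address(ip)).split(".")  # validates the address
    return ".".join(reversed(octets[: prefix // 8])) + ".in-addr.arpa."


def ptr_records(hosts, prefix=24):
    """Group hosts by reverse zone; one 'label IN PTR fqdn.' line per host."""
    zones = defaultdict(list)
    for fqdn, ip in hosts.items():
        octets = str(ipaddress.IPv4Address(ip)).split(".")
        # Owner label relative to the zone: the remaining octets, reversed.
        label = ".".join(reversed(octets[prefix // 8:]))
        zones[reverse_zone(ip, prefix)].append(f"{label} IN PTR {fqdn}.")
    return dict(zones)


if __name__ == "__main__":
    for zone, lines in ptr_records(HOSTS).items():
        # Each zone is answered by whoever the address holder delegates it to.
        print(f"; zone {zone}")
        for line in lines:
            print(f"  {line}")
```

The four hosts land in three separate zones, so no single zone file on ns1 could hold all four PTR records; each zone is served by whoever the holder of that address block delegates it to.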