[Nanog] Re: IPv6 rDNS - how will it be done?

• Previous message (by thread): [Nanog] Re: IPv6 rDNS - how will it be done?
• Next message (by thread): [Nanog] Re: IPv6 rDNS - how will it be done?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Apr 27, 2010, at 9:00 PM, David Conrad wrote:
> Hmm. A macro expansion for a /48 would mean 1,208,925,819,614,629,174,706,176 leaves. An interesting stress test for name servers... :-).

Um.. sure.  :)  Your computer can't handle that?

How about a programmatic expansion?  Only create the necessary record when asked for it.

> Slightly more seriously, there have been discussions in the past about doing dynamic synthesis of v6 reverses, but that gets icky (particularly if you invoke the dreaded "DNSSEC" curse) and I don't know any production server that actually does this now.  Dynamic DNS is probably the least offensive solution if you really want reverses for your v6 nodes.

DNSSEC does seem to throw the proverbial wrench in the works..  At least, from what I understand..  I'm still not sold on DNSSEC and that, partly, has to do with a lack of knowledge..

If you allow a client to set their own reverse, don't you run into issues where the client can spoof their identity?  ie, set their reverse to whitehouse.gov or bankofamerica.com ?  Or is it possible to configure DDNS in such a way as to only allow subdomain names where the domain is tacked on automagically?

> Regards,
> -drc

---------------------------
Jason 'XenoPhage' Frisvold
xenophage at godshell.com
---------------------------
"Any sufficiently advanced magic is indistinguishable from technology."
- Niven's Inverse of Clarke's Third Law

• Previous message (by thread): [Nanog] Re: IPv6 rDNS - how will it be done?
• Next message (by thread): [Nanog] Re: IPv6 rDNS - how will it be done?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]