[Nanog] Re: IPv6 rDNS - how will it be done?
Richard Barnes
richard.barnes at gmail.com
Wed Apr 28 01:27:16 UTC 2010
Presumably, if you've already got a script that's provisioning reverse
results, you could amend it to add name constraints. No idea if this
is possible with current DynDNS software, though.
--Richard
On Tue, Apr 27, 2010 at 9:10 PM, Jason 'XenoPhage' Frisvold
<xenophage at godshell.com> wrote:
> On Apr 27, 2010, at 9:00 PM, David Conrad wrote:
>> Hmm. A macro expansion for a /48 would mean 1,208,925,819,614,629,174,706,176 leaves. An interesting stress test for name servers... :-).
>
> Um.. sure. :) Your computer can't handle that?
>
> How about a programmatic expansion? Only create the necessary record when asked for it.
>
>> Slightly more seriously, there have been discussions in the past about doing dynamic synthesis of v6 reverses, but that gets icky (particularly if you invoke the dreaded "DNSSEC" curse) and I don't know any production server that actually does this now. Dynamic DNS is probably the least offensive solution if you really want reverses for your v6 nodes.
>
> DNSSEC does seem to throw the proverbial wrench in the works.. At least, from what I understand.. I'm still not sold on DNSSEC and that, partly, has to do with a lack of knowledge..
>
> If you allow a client to set their own reverse, don't you run into issues where the client can spoof their identity? ie, set their reverse to whitehouse.gov or bankofamerica.com ? Or is it possible to configure DDNS in such a way as to only allow subdomain names where the domain is tacked on automagically?
>
>> Regards,
>> -drc
>
> ---------------------------
> Jason 'XenoPhage' Frisvold
> xenophage at godshell.com
> ---------------------------
> "Any sufficiently advanced magic is indistinguishable from technology."
> - Niven's Inverse of Clarke's Third Law
>
>
>
>
>
More information about the NANOG
mailing list