[Nanog] Re: IPv6 rDNS - how will it be done?

Stefan Schmidt zaphodb at zaphods.net
Wed Apr 28 03:53:45 CDT 2010


On 28.04.2010, at 09:31, Mark Scholten wrote:
>>
>> Hmm. A macro expansion for a /48 would mean
>> 1,208,925,819,614,629,174,706,176 leaves. An interesting stress test
>> for name servers... :-).
>
> With LUA scripting and PowerDNS you could create a reverse DNS/ 
> forward DNS
> based on the input and match it (IP or hostname). This could be really
> dynamic and with using some cache it should also be fast. Checking  
> what IPv6
> address is in use and providing them a rDNS is also an option of  
> course (but
> I think that will consume more power/bandwith/etc. on the long term).

Lua scripting is available for PowerDNS recursor only i fear,
you would want a authoritative DNS solution here and there already is  
one:
This script [1] by Wijnand Modderman is a pipe backend for PowerDNS  
Server
which will provide you with IPv6 forward and reverse entries  much  
like DJB's
walldns does for IPv4. Due to the way backends are exhausted for answers
subsequently in PowerDNS Server i can have my mysql backend provide
IN AAAA and PTR records for hosts that i want named specifically and  
then
let the pipe backend handle all the rest of my /48.

>> Slightly more seriously, there have been discussions in the past  
>> about
>> doing dynamic synthesis of v6 reverses, but that gets icky
>> (particularly if you invoke the dreaded "DNSSEC" curse) and I don't
>> know any production server that actually does this now.  Dynamic  
>> DNS is
>> probably the least offensive solution if you really want reverses for
>> your v6 nodes.
>
> As long as you don't use DNSSEC the option above is possible, but with
> DNSSEC many options will fail I think. Completely dynamic based on the
> request of a client isn't an option if you ask me (or do we  
> want .local
> addresses in the rDNS?).


DNSSEC support for PowerDNS Server is on it's way [2] and i think it  
should
integrate with most available backend types not for long, however  
whats still
missing is indeed the dynamic DNS support aka TSIG - i don't need it  
but i
happen to know there have been a few requests for DDNS support in
PowerDNS recently, so maybe that will happen too.

  Stefan

[1] http://zaphods.net/~zaphodb/pdns-ipv6-reverse-backend.py
[2] http://mailman.powerdns.com/pipermail/pdns-users/2010-April/006671.html




More information about the NANOG mailing list