v4/v6 dns thoughts?
Owen DeLong
owen at delong.com
Tue Aug 9 23:36:30 UTC 2011
On Aug 9, 2011, at 11:47 AM, Joe Pruett wrote:
> as i'm rolling v6 into my world, i'm not sure which way to go with
> reverse dns conventions. for forward i'm doing things like:
>
> foo.example.com a 1.1.1.1
> foo.example.com aaaa 1000::1.1.1.1
> foo.v4.example.com a 1.1.1.1
> foo.v6.example.com aaaa 1000::1.1.1.1
>
> so i can use a foo.v4/v6 hostname if i need to specify transit behavior.
>
> but for reverse i'm not sure if i want to map it like:
>
> 1.1.1.1.in-addr.arpa ptr foo.example.com.
> 1.0.1.0.1.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.ip6.arpa
> ptr foo.example.com
>
> or:
>
> 1.1.1.1.in-addr.arpa ptr foo.v4.example.com.
> 1.0.1.0.1.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.ip6.arpa
> ptr foo.v6.example.com
>
> being able to just use foo.example.com for authentication purposes
> (sendmail, nfs, etc) is nice. but also knowing when incoming is v4 or
> v6 by just looking at the dns lookup (for tools that do reverse lookup
> for you) is also nice.
>
> what are you doing? which way makes more sense to you?
>
My PTRs are all to the same host name. In any context where the protocol
actually matters, you should have other ways to detect it.
I also don't recommend doing the foo.v4/foo.v6 thing in your forwards. There's
really no advantage to do it. Most tools either have separate IPv4/IPv6 variants
or have command-line switches for address-family control if you care.
Owen
More information about the NANOG
mailing list