How do you do rDNS for IPv6 ?

Jima nanog at jima.tk
Mon Dec 6 02:41:24 UTC 2010


On 12/5/2010 4:13 PM, John Levine wrote:
> In IPv4 land, it is standard to assign matching forward and reverse
> DNS for every live IP, and a fair number of services treat requests
> from hosts without rDNS with added scepticism. For consumer networks,
> it's often something like 12-34-56-78.adsl.incompetent.net, with the
> numbers being the IP address forward or backwards.
>
> So if every customer gets a /64, what do you do?  You can use a
> wildcard to give the same rDNS to all 2^64 addresses, but you can't do
> matching forward DNS, since a DNS response with 2^64 AAAA records
> would be, ah, a little unwieldy.

  I thought the same thing, actually, which is why I made my own 
solution.  I ended up writing a DNS server in Perl (using 
Net::DNS::Nameserver) that replies to reverse queries with a 
reproducible PTR -- generated by encoding the IP in base32.  (Or the 
second half of the IP, in the case of a few "known" networks.)  Forward 
queries for the matching name decode the base32.
  The host-specific part of the DNS is kind of long (26 characters, or 
13 for known networks), but it's marginally shorter than the full IP 
(which would be 32/16 characters, without separators).  I'm pretty happy 
with the results, but I'd love to hear if anyone's come up with more 
elegant solutions.

      Jima
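
The scheme described in this message, sketched in Python as an added example; it is not Jima's Perl server or code from the post. Assumptions: unpadded lowercase RFC 4648 base32 (which yields the 26 and 13 character lengths mentioned), the zone `dyn.example.net`, and a tag label `n1` naming one "known" /64 from the documentation prefix.

```python
import base64
import ipaddress

# Assumed names, not from the post: the zone, the "n1" tag and the known /64.
ZONE = "dyn.example.net"
KNOWN_NETS = {"n1": ipaddress.ip_network("2001:db8:1234:5678::/64")}

def b32_label(data):
    # Unpadded, lowercase RFC 4648 base32: 16 bytes -> 26 chars, 8 bytes -> 13.
    return base64.b32encode(data).decode().rstrip("=").lower()

def b32_bytes(label):
    text = label.upper()
    return base64.b32decode(text + "=" * (-len(text) % 8))

def ptr_target(addr):
    """Name a reverse (PTR) query for addr would be answered with."""
    ip = ipaddress.IPv6Address(addr)
    for tag, net in KNOWN_NETS.items():
        if ip in net:  # known network: encode only the low 64 bits
            return f"{b32_label(ip.packed[8:])}.{tag}.{ZONE}"
    return f"{b32_label(ip.packed)}.{ZONE}"

def aaaa_for(name):
    """Address a forward (AAAA) query for name decodes to, or None."""
    name = name.rstrip(".").lower()
    if not name.endswith("." + ZONE):
        return None
    labels = name[: -len(ZONE) - 1].split(".")
    try:
        if len(labels) == 1 and len(labels[0]) == 26:
            packed = b32_bytes(labels[0])
        elif len(labels) == 2 and len(labels[0]) == 13 and labels[1] in KNOWN_NETS:
            prefix = KNOWN_NETS[labels[1]].network_address.packed[:8]
            packed = prefix + b32_bytes(labels[0])
        else:
            return None
    except ValueError:  # binascii.Error (bad base32) is a ValueError
        return None
    ip = str(ipaddress.IPv6Address(packed))
    # Answer only the canonical spelling so forward and reverse stay one-to-one
    # (base32 decoding can ignore stray trailing bits in the last character).
    return ip if ptr_target(ip) == name else None

def fcrdns_ok(addr):
    """Forward-confirmed reverse DNS: PTR name must resolve back to addr."""
    return aaaa_for(ptr_target(addr)) == str(ipaddress.IPv6Address(addr))
```

No per-address records are stored: both answers are computed from the query, so every address in a /64 gets matching forward and reverse data.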



