Reverse DNS for IPv6 client networks
jeroen at unfix.org
Tue Sep 14 07:38:35 CDT 2010
On 2010-09-14 14:27, Elmar K. Bins wrote:
> Hi guys,
> I am looking for operational experience here.
> We have just turned up IPv6 in our "guest wireless", by way of using RA
> for address distribution and DHCPv6 for the DNS server address (stupid, yup).
Unfortunately not a lot of gear understands RFC5006 yet. One can opt
though to just use DHCPv4 for DNS/IPv4 and RA for the IPv6 address, that
is how most setups work; you don't get DNS over IPv6, but who truly
cares about that? IPv4 works fine too.
> Apart from the dhcp6 part seemingly not working on Juniper ISGs (or maybe it's
> my windows *and* that Ubuntu), I now see IPv6 addresses instead of names.
> I as a networking droid have not much quarrel with that, but I am interested
> in how or whether at all others handle this.
> Are you creating DNS entries somehow (reverse and, ultimately, forward),
> are you using BIND "generate" statements, are you using wildcards...or
> are you just ignoring this for the "dynamic boxes"?
It all depends on the environment and why one would want to enabled
reverse DNS. Do 'guests' really need reverse DNS, and if so, how would
you control what those gets get in there?
Instead of handpicking names or letting people insert data into your DNS
servers, some people are deploying PowerDNS with custom backends for
this that either convert the IPv6 address into a 128bit hex number,
optionally stripping the first 64 bits and replacing that with 'autogen'
or 'wlan-' or similar. Something else that I have seen is that the
backend randomly picks a name from a dictionary and then assigns that
'statically' to that address.
I personally only put hosts in reverse DNS that re-appear more than once.
More information about the NANOG