In message <20130110053429.55493.qm...@joyce.lan>, "John Levine" writes: > >No point. address -> name -> address doesn't work with wildcards. > > > >> (Still an IPv6 implementation virgin, just curious :) ) > > If you want to do generic IPv6 rDNS for all your hosts, you're > stuck with a variety of less than great possibilities. > > One is a stunt rDNS server that synthesizes the records on demand. > (Bonus points for doing DNSSEC, too. Double bonus points for doing > NSEC3.)
NSEC3 is a waste of time in ip6.arpa or any similarly structured zone so -1000000 for doing NEC3 and effectively doing a DoS attack against yourself and the client resolvers. > Another is instrumenting the routers so that when they notice > a new host on their network, they somehow send an update to the DNS > servers to install rDNS for that host. > > If I had to guess, I would say that we'll eventually agree than on > IPv6 networks, mail servers and other hosts who have reputations that > matter will have fixed addresses assigned statically or via DHCP and > rDNS, random client hosts won't. Teeth will gnash at how this makes > some hosts second class and it violates the end to end principle, but > tough noogies. > > R's, > John -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
