Hi there,
On 10/10/18 3:43 AM, Chris wrote:
Originally I was using the pipe backend with a modified copy of
"PowerDNS-Dynamic-Reverse-Backend"
(https://github.com/endreszabo/PowerDNS-Dynamic-Reverse-Backend) but
ended up writing my own in Perl as the backend was a bit fragile and
didn't do
Hi,
On 9/10/2018 11:37 PM, endre.szabo@nanog-list-kitfvhs.redir.email wrote:
I wonder how they generate these rDNS PTR records? I was always curious,
hope someone knows.
I do it for our various IPv6 (and IPv4) allocations by using PowerDNS
with a remote backend. If there is no existing PTR re
Hey there,
On 10/10/18 10:09 AM, Marco Davids via NANOG wrote:
Op 10-10-18 om 00:42 schreef Brandon Applegate:
I’m guessing synthesized. There are a couple of dns servers out
there that can do this. An interesting one I just found:
https://all-knowing-dns.zekjur.net
Or, if you prefer DNS
Op 10-10-18 om 00:42 schreef Brandon Applegate:
I’m guessing synthesized. There are a couple of dns servers out there that can
do this. An interesting one I just found:
https://all-knowing-dns.zekjur.net
Or, if you prefer DNSSEC capable alternatives, try:
https://github.com/cmouse/pdns-v6
> On Oct 9, 2018, at 11:37 AM, endre.szabo@nanog-list-kitfvhs.redir.email wrote:
>
> Hey there,
>
> On 10/9/18 4:51 PM, Brandon Applegate wrote:
>> Wanted to give a shoutout / thank you to Spectrum for this. Just noticed
>> today my home PD now has dynamic/synthesized rDNS for IPv6.
>
> I wo
Hey there,
On 10/9/18 4:51 PM, Brandon Applegate wrote:
Wanted to give a shoutout / thank you to Spectrum for this. Just noticed today
my home PD now has dynamic/synthesized rDNS for IPv6.
I wonder how they generate these rDNS PTR records? I was always curious,
hope someone knows.
--
End
Wanted to give a shoutout / thank you to Spectrum for this. Just noticed today
my home PD now has dynamic/synthesized rDNS for IPv6.
Some of my dumb little scripts outputs are a bit happier today ! :)
--
Brandon Applegate - CCIE 10273
PGP Key fingerprint:
0641 D285 A36F 533A 73E5 2541 4920 533
>>> On 11/3/2010 at 1:10 PM, Lamar Owen wrote:
> On Tuesday, November 02, 2010 02:21:14 pm Sven Olaf Kamphuis wrote:
>> getting rid of bind has various other advantages, such as no longer
>> needing tcp to transfer "zone files" (Retarded concept to say the least)
>> so there are no more "tcp is
On Tuesday, November 02, 2010 02:21:14 pm Sven Olaf Kamphuis wrote:
> getting rid of bind has various other advantages, such as no longer
> needing tcp to transfer "zone files" (Retarded concept to say the least)
> so there are no more "tcp issues" related to anycasting your authorative
> dns se
On Tue, 02 Nov 2010 18:21:14 -, Sven Olaf Kamphuis said:
> getting rid of bind has various other advantages, such as no longer
> needing tcp to transfer "zone files" (Retarded concept to say the least)
> so there are no more "tcp issues" related to anycasting your authorative
> dns servers,
I'll note that most of the behavior you describe here is deeply
rooted in the RFC's. The concepts of zone transfers for instance
are not unique to BIND, but rather in the definition of how
interoperable DNS is supposed to work.
That said, there is clearly room for improvement, and in fact ther
In a message written on Tue, Nov 02, 2010 at 06:21:14PM +, Sven Olaf
Kamphuis wrote:
> the way bind handles things.. isn't really suitable for bigger ipv4 and it
> definately isn't suitable for ANY ipv6 network, and the whole thing with
> files being transferred.. well.. ahem... "primitive".
Saying that, I quite like the idea of dynamically providing a response
to both and PTR queries but question how safe it would be to cache
these without a robust resource-managing implementation...
quite safe.. its not dns caching... in fact, we'd put the ttl on 1 second
or something, but r
Sven Olaf Kamphuis wrote:
> would be interested in anybody other
> than IRC operators who feel they still require forward and reverse DNS
> to match,
>
> SMTP, email-2 (don't ask ;), and preferably (though not required)
> anything that has to do with /bin/login on *nix systems (as it shows the
> r
would be interested in anybody other
than IRC operators who feel they still require forward and reverse DNS
to match,
SMTP, email-2 (don't ask ;), and preferably (though not required) anything
that has to do with /bin/login on *nix systems (as it shows the reverse
dns host name in who and w and
I'm not sure there's consensus about whether forward and reverse ought
to match (how strong a "should" is that?).
that's pretty much of a "should" for IRC, and various anti-spam crap on
SMTP, furthermore, the entries should be (to a certain extend) unique
(hosted-by.provider.com resolving to ev
Lee Howard wrote:
> Since there's a thread here, I'll mention rDNS for residential users.
>
> I'm not sure there's consensus about whether forward and reverse ought
> to match (how strong a "should" is that?). I know you can't populate
> every potential record in a reverse zone, as in IPv4. You
an Aart =
> wrote:
> >>> I battled for a few hours getting IPv6 rDNS to work. The following =
> tool
> >>> proved to be quite helpful:
> >>> http://www.fpsn.net/?pg=3Dtools&tool=3Dipv6-inaddr
> >>> Just in case anyone else would run i
On Nov 1, 2010, at 4:40 PM, Mark Andrews wrote:
>
> In message ,
> Mich
> el de Nostredame writes:
>> On Fri, Oct 29, 2010 at 6:06 PM, Jeroen van Aart wrote:
>>> I battled for a few hours getting IPv6 rDNS to work. The following tool
>>> proved to be quite
On Nov 1, 2010, at 11:20 AM, Michel de Nostredame wrote:
> On Fri, Oct 29, 2010 at 6:06 PM, Jeroen van Aart wrote:
>> I battled for a few hours getting IPv6 rDNS to work. The following tool
>> proved to be quite helpful:
>> http://www.fpsn.net/?pg=tools&tool=ipv6-inad
In message , Mich
el de Nostredame writes:
> On Fri, Oct 29, 2010 at 6:06 PM, Jeroen van Aart wrote:
> > I battled for a few hours getting IPv6 rDNS to work. The following tool
> > proved to be quite helpful:
> > http://www.fpsn.net/?pg=tools&tool=ipv6-inaddr
> >
Gary E. Miller wrote:
See also sipcalc.
Thanks, I wasn't aware of the various commandline tools available yet.
Except the dig option to convert IPv6 rDNS. But the tool I mentioned
also creates a whole zone file for you based on what you entered, which
I then used to correct the zone f
On Fri, Oct 29, 2010 at 6:06 PM, Jeroen van Aart wrote:
> I battled for a few hours getting IPv6 rDNS to work. The following tool
> proved to be quite helpful:
> http://www.fpsn.net/?pg=tools&tool=ipv6-inaddr
> Just in case anyone else would run into similar probl
e
> -Original Message-
> From: Jeroen van Aart [mailto:jer...@mompl.net]
> Sent: Friday, October 29, 2010 9:07 PM
> To: NANOG list
> Subject: IPv6 rDNS
>
> I battled for a few hours getting IPv6 rDNS to work. The following tool
> proved to be quite helpful:
> http://ww
700
> From: Jeroen van Aart
> To: NANOG list
> Subject: IPv6 rDNS
>
> I battled for a few hours getting IPv6 rDNS to work. The following tool
> proved to be quite helpful:
> http://www.fpsn.net/?pg=tools&tool=ipv6-inaddr
>
> Just in case anyone else would run in
>
> But Randy, everyone has a web browser installed. Not everyone has
perl,
> python,
> cc, or such installed.
>
> :-)
apt-get install ipv6calc
ipv6calc -q --out revnibbles.arpa 2001::1
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.2.ip6.arpa
.
:-)
> But Randy, everyone has a web browser installed. Not everyone has
> perl, python, cc, or such installed.
and i thought this was an operators' list. silly me.
randy, who did see the smiley
On Sat, Oct 30, 2010, Randy Bush wrote:
> > http://www.fpsn.net/?pg=tools&tool=ipv6-inaddr
>
> windows mentality, wrap it all in a complex gui that also washes your
> car.
>
> use simple hack that just takes an ipv6 address and makes the bleeping
> reversed dotted to death lhs of the ptr record.
> http://www.fpsn.net/?pg=tools&tool=ipv6-inaddr
windows mentality, wrap it all in a complex gui that also washes your
car.
use simple hack that just takes an ipv6 address and makes the bleeping
reversed dotted to death lhs of the ptr record.
rmac.psg.com:/Users/randy> host 2001:418:1::61
Host
In message <4ccb6f98.6090...@mompl.net>, Jeroen van Aart writes:
> I battled for a few hours getting IPv6 rDNS to work. The following tool
> proved to be quite helpful:
> http://www.fpsn.net/?pg=tools&tool=ipv6-inaddr
>
> Just in case anyone else would run into simi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yo Jeroen!
On Fri, 29 Oct 2010, Jeroen van Aart wrote:
> I battled for a few hours getting IPv6 rDNS to work.
See also sipcalc.
# sipcalc -r 2001:470:b:4a:230:48ff:fe35:d1bc
- -[ipv6 : 2001:470:b:4a:230:48ff:fe35:d1bc] - 0
[IPV6 DNS]
Reverse
Yes, you need to be able to spell Hex backward ;)
- Original Message -
From: "Jeroen van Aart"
To: "NANOG list"
Sent: Saturday, 30 October, 2010 2:06:32 PM
Subject: IPv6 rDNS
I battled for a few hours getting IPv6 rDNS to work. The following tool
proved to be
I battled for a few hours getting IPv6 rDNS to work. The following tool
proved to be quite helpful:
http://www.fpsn.net/?pg=tools&tool=ipv6-inaddr
Just in case anyone else would run into similar problems. It's not as
straightforward as IPv4 rDNS.
Greetings,
Jeroen
--
http://gol
On 4/28/2010 02:29, Tony Finch wrote:
> Bloom filters work that way.
I charge the time to order, index, hash the key space so that can work.
I don't know what a fair distribution of that cost would be.
> Tony (on his iPod).
Larry on his.oh, who cares?
--
Somebody should have said:
A demo
David Conrad wrote:
While better than 1 septillion zone entries, you still have the problem of how
to let the clients add the records. DDNS is one approach. Manual intervention
(e.g., as part of a customer provisioning system) is another as long as you
don't use privacy extensions.
Realtim
thing similar would be useful in this IPv6 rDNS scenario too. Does
anyone of you know if there's any chance to direct a zone to a script
instead of to a file?
Yes, just look at what i just posted and at
http://doc.powerdns.com/pipebackend-dynamic-resolution.html
http://doc.powerdns.com/backends-d
Hi!
In some internal DNS applications, I've missed the so useful pipe feature of
the sendmail alias (user: | /script), I mean, being able to forward a DNS
request to a script that returns the resolution response. Maybe
something similar would be useful in this IPv6 rDNS scenario too. Does
a
On 28.04.2010, at 09:31, Mark Scholten wrote:
Hmm. A macro expansion for a /48 would mean
1,208,925,819,614,629,174,706,176 leaves. An interesting stress test
for name servers... :-).
With LUA scripting and PowerDNS you could create a reverse DNS/
forward DNS
based on the input and match it
> -Original Message-
> From: David Conrad [mailto:d...@virtualized.org]
> Sent: Wednesday, April 28, 2010 3:01 AM
> To: Jason 'XenoPhage' Frisvold
> Cc: nanog@nanog.org
> Subject: Re: [Nanog] Re: IPv6 rDNS - how will it be done?
>
> On Apr 27,
Bloom filters work that way.
Tony (on his iPod).
--
f.anthony.n.finchhttp://dotat.at/
On 28 Apr 2010, at 02:19, Larry Sheldon wrote:
(A human brain can respond "I don't know that" without an inventory of
everything it does know.)
(That may be to only truly unique thing about humans. An
On Tue, Apr 27, 2010 at 7:58 PM, Jason 'XenoPhage' Frisvold
wrote:
> On Apr 27, 2010, at 8:50 PM, Richard Barnes wrote:
>...However, I was under the impression that having both forward and reverse
>for >dynamic IPs was a best practice..
Perhaps we should back up a bit and delete 'how' from the s
On Tue, Apr 27, 2010 at 11:13 PM, David Conrad wrote:
> On Apr 27, 2010, at 6:46 PM, John Levine wrote:
>
> > For spoof resistance, how about doing a forward lookup on the
> > purported name and only installing it if it gets a matching
> > record?
>
> Sounds like a reasonable DDNS filtering
On Apr 27, 2010, at 6:46 PM, John Levine wrote:
>> Hmm. A macro expansion for a /48 would mean
>> 1,208,925,819,614,629,174,706,176 leaves. An interesting stress test
>> for name servers... :-).
> My inclination would be to use a wildcard that returns something like
> not-in-service.some-network.n
>Hmm. A macro expansion for a /48 would mean
>1,208,925,819,614,629,174,706,176 leaves. An interesting stress test
>for name servers... :-).
My inclination would be to use a wildcard that returns something like
not-in-service.some-network.net, and let the clients add records for
the addresses they
On 2010.04.27 21:00, David Conrad wrote:
> On Apr 27, 2010, at 5:47 PM, Jason 'XenoPhage' Frisvold wrote:
>> On Apr 27, 2010, at 8:42 PM, Mark Andrews wrote:
>>> Windows will just populate the reverse zone as needed, if you let
>>> it, using dynamic update. If you have properly deployed BCP 39
>>>
On 4/27/2010 20:28, Larry Sheldon wrote:
> On 4/27/2010 20:25, Richard Barnes wrote:
>>
>>
>>
>> Interesting theory, but seems kind of wrong. Wouldn't the time to
>> look up or fail be tied to the complexity of how the key space is
>> populated? In any case, it seems like the time to succeed or
In message <268ebce2-9d47-488e-8223-29b5a6323...@godshell.com>, "Jason
'XenoPhage' Frisvold" wri
tes:
> On Apr 27, 2010, at 8:42 PM, Mark Andrews wrote:
> > Windows will just populate the reverse zone as needed, if you let
> > it, using dynamic update. If you have properly deployed BCP 39
> > an
On 4/27/2010 20:25, Richard Barnes wrote:
>
>
>
> Interesting theory, but seems kind of wrong. Wouldn't the time to
> look up or fail be tied to the complexity of how the key space is
> populated? In any case, it seems like the time to succeed or fail
> will usually be about the same, since yo
Presumably, if you've already got a script that's provisioning reverse
results, you could amend it to add name constraints. No idea if this
is possible with current DynDNS software, though.
--Richard
On Tue, Apr 27, 2010 at 9:10 PM, Jason 'XenoPhage' Frisvold
wrote:
> On Apr 27, 2010, at 9:00
On Apr 27, 2010, at 6:10 PM, Jason 'XenoPhage' Frisvold wrote:
> How about a programmatic expansion? Only create the necessary record when
> asked for it.
The downsides I know of (off the top of my head) with dynamic synthesis are (a)
challenges if you want DNSSEC and (b) increased susceptibili
Interesting theory, but seems kind of wrong. Wouldn't the time to
look up or fail be tied to the complexity of how the key space is
populated? In any case, it seems like the time to succeed or fail
will usually be about the same, since you'll try to access the value
for a key and either find s
On 4/27/2010 19:50, Richard Barnes wrote:
> Naïve question: If you used macro expansion, wouldn't you end up
> providing responses for a lot of addresses that aren't in use? Maybe
> that's not a problem?
If you get a request, you will have to respond in any case.
I have a theory about data-base
On Apr 27, 2010, at 9:00 PM, David Conrad wrote:
> Hmm. A macro expansion for a /48 would mean 1,208,925,819,614,629,174,706,176
> leaves. An interesting stress test for name servers... :-).
Um.. sure. :) Your computer can't handle that?
How about a programmatic expansion? Only create the nec
On Apr 27, 2010, at 5:47 PM, Jason 'XenoPhage' Frisvold wrote:
> On Apr 27, 2010, at 8:42 PM, Mark Andrews wrote:
>> Windows will just populate the reverse zone as needed, if you let
>> it, using dynamic update. If you have properly deployed BCP 39
>> and have anti-spoofing ingres filtering then y
On Apr 27, 2010, at 8:50 PM, Richard Barnes wrote:
> Naïve question: If you used macro expansion, wouldn't you end up
> providing responses for a lot of addresses that aren't in use? Maybe
> that's not a problem?
Presumably the op would only use macros where needed, ie dynamically assigned
addre
Naïve question: If you used macro expansion, wouldn't you end up
providing responses for a lot of addresses that aren't in use? Maybe
that's not a problem?
On Tue, Apr 27, 2010 at 8:47 PM, Jason 'XenoPhage' Frisvold
wrote:
> On Apr 27, 2010, at 8:42 PM, Mark Andrews wrote:
>> Windows will just
On Apr 27, 2010, at 8:42 PM, Mark Andrews wrote:
> Windows will just populate the reverse zone as needed, if you let
> it, using dynamic update. If you have properly deployed BCP 39
> and have anti-spoofing ingres filtering then you can just let any
> address from the /48 add/remove PTR records.
In message ,
Felipe Zanchet Grazziotin writes:
> Hi list,
>
> this is my first post, so be nice. :)
>
> Wondering about IPv6 deployments to end-users, imagine we deploy a full /48
> address to each client.
> How is the reverse DNS for each possible IPv6 address going to be?
>
> Nowadays I'm us
Hi list,
this is my first post, so be nice. :)
Wondering about IPv6 deployments to end-users, imagine we deploy a full /48
address to each client.
How is the reverse DNS for each possible IPv6 address going to be?
Nowadays I'm used to do IPv4 reverse using old Class C, which has (up to)
256 entr
59 matches
Mail list logo
