nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [Nanog] Re: IPv6 rDNS - how will it be done?

From: Felipe Zanchet Grazziotin <felipe () starbyte net>
Date: Tue, 27 Apr 2010 23:27:47 -0300
On Tue, Apr 27, 2010 at 11:13 PM, David Conrad <drc () virtualized org> wrote:


On Apr 27, 2010, at 6:46 PM, John Levine wrote:


For spoof resistance, how about doing a forward lookup on the
purported name and only installing it if it gets a matching AAAA
record?


Sounds like a reasonable DDNS filtering approach.



On controlled environments it might work. Don't know how larger ISPs would
set AAAA records before for bazillion possible combinations of
computer.subnet.customer.isp.tld.

If going dynamic, are you willing to lower your DNS TTL to handle that?

Maybe doing wildchar evatulation for /64 subnets? "Everything under this
subnet is my-subnet.customer.isp.tld".



Regards,
-drc




Kindly,
Felipe
Previous By Date Next
Previous By Thread Next

Current thread: