Re: Virbl: The First IPv6 enabled dnsbl?

[William Pitcock <nenolod () systeminplace net>]

On Sun, 2010-01-17 at 19:16 +0000, Andy Davidson wrote:
> On 16 Jan 2010, at 05:30, Tammy A. Wisdom wrote:
>
> > Mark Schouten <marks () bit nl> wrote:
> > > http://virbl.bit.nl/index.php#ipv6
> > > Comments on the listing method are appreciated.
> > wow bind?  thats gonna get slower and slower and slower.  I hope you have a TON of ram for that box. for example
> > if we loaded the current contents of the ahbl from rbldnsd to bind it would take up a TON of ram.   bind would take 
> > forever to load and and would be screaming for its dear life.
>
> These problems tend to have a way of solving themselves...
>
> This dnsbl is trying to get experience handling v6 data in an anti-spam environment.  We do not know how to do that 
> today - and this is a problem which only reduces with experience.  The problems of how to scale it, to me seem like a 
> smaller challenge. There are enough clever people who understand how to scale specific dns issues. :-)
>
> Good luck to the team at Virbl !

Yes we do.  We do it the same way we do it for IPv4... IP radix trees.

The main thing required is to modify rbldnsd to make heads or tails of
ipv6 dnsbl queries and build it into a prefix for looking up in the
radix tree.  The actual radix code of rbldnsd is AFAIK based on the
BSD-licensed stuff Merit put out in the day.  Pretty much everything
uses that code...

William