Re: comcast ipv6 PTR

[Mark Andrews <marka () isc org>]

In message <20131015024711.55297.qmail () joyce lan>, "John Levine" writes:
> > Is there any reason other than email where clients might demand RDNS?
>
> There's a few other protocols that want rDNS on the servers.  IRC maybe.
>
> Doing rDNS on random hosts in IPv6 would be very hard.  Servers are
> configured with static addresses which you can put in the DNS and
> rDNS, but normal user machines do SLAAC where the low 64 bits of the
> address are quasi-random.  To get any sort of DNS you'd need for the
> routers to watch when new hosts come on line and somehow tell the
> relevant DNS servers what hosts need names.
>
> This would be a lot of work, so nobody does it.

Actually you just need to *let* the hosts update their own ptr
records using UPDATE.

People keep saying the PTR records don't mean anything yet still
demand really strong authentication for updates of PTR records.
TCP is more than a strong enough authenticator to support update
from self.

You can even delegate the reverse zone when doing or just after a PD.

* Accept NS/DNAME updates for the reverse prefix from any address
  in the delegated address range over TCP.  This avoids having a
  temporatially lame delegation.  named already has code to do this
  for /48's as I coded it to to support 6to4.

* Extend DHCPv6 to support delegations (NS or DNAME) relayed via
  the DHCP server as part of the PD.  NS records would result in a
  temporarially lame delegation until the zone is configured in the
  nameserver.

Either of these moves the UPDATE traffic from the ISP's server to the
customers servers.

Mark

> R's,
> John
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka () isc org