nanog mailing list archives

Re: comcast ipv6 PTR


From: Bjørn Mork <bjorn () mork no>
Date: Tue, 15 Oct 2013 16:57:04 +0200

Mark Andrews <marka () isc org> writes:

Actually you just need to *let* the hosts update their own ptr
records using UPDATE.

People keep saying the PTR records don't mean anything yet still
demand really strong authentication for updates of PTR records.
TCP is more than a strong enough authenticator to support update
from self.

You can even delegate the reverse zone when doing or just after a PD.

* Accept NS/DNAME updates for the reverse prefix from any address
  in the delegated address range over TCP.  This avoids having a
  temporarily lame delegation.  named already has code to do this
  for /48's as I coded it to support 6to4.

This sounded like an excellent idea at first, but then I started
thinking:  As a home user, would I really want to give anyone with
access to my network the right to change my reverse delegation?

I don't think so.  I am not even sure I would want them all to be able
to update the PTR record for the addresses they use.



Bjørn
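
The following is an added illustration, not part of the original message and not code from named or from either poster. It is a simplified model of a policy in which the TCP source address is the only credential for a reverse-DNS UPDATE, and it shows the point raised in the reply: every host inside the delegated prefix passes the NS/DNAME check. The prefix, the addresses and all function names are constructed for the example.

```python
import ipaddress

# Constructed sample values (documentation prefix), not taken from the thread.
PREFIX = "2001:db8:1234::/48"                      # prefix delegated to the home
ROUTER = "2001:db8:1234::1"                        # the CPE that requested the PD
GUEST = "2001:db8:1234:0:aaaa:bbbb:cccc:dddd"      # any device on the home LAN
OUTSIDER = "2001:db8:ffff::1"                      # host outside the prefix

def reverse_name(addr):
    """Reverse-tree owner name (ip6.arpa / in-addr.arpa) of one address."""
    return ipaddress.ip_address(addr).reverse_pointer + "."

def reverse_zone(prefix):
    """Reverse zone name of a nibble-aligned IPv6 prefix such as a /48."""
    net = ipaddress.ip_network(prefix)
    if net.version != 6 or net.prefixlen == 0 or net.prefixlen % 4:
        raise ValueError("need a nibble-aligned IPv6 prefix")
    nibbles = net.network_address.exploded.replace(":", "")[: net.prefixlen // 4]
    return ".".join(reversed(nibbles)) + ".ip6.arpa."

def update_allowed(tcp_source, owner, rrtype, delegated_prefix):
    """Assumed policy: the TCP peer address alone decides, no key or signature."""
    src = ipaddress.ip_address(tcp_source)
    owner = owner.lower().rstrip(".") + "."
    if rrtype == "PTR":
        # "Update from self": only the PTR of the connecting address itself.
        return owner == reverse_name(tcp_source)
    if rrtype in ("NS", "DNAME"):
        # Delegation update: any source inside the delegated range qualifies.
        in_range = src in ipaddress.ip_network(delegated_prefix)
        return in_range and owner == reverse_zone(delegated_prefix)
    return False

def demo():
    zone = reverse_zone(PREFIX)
    return {
        "router_redelegates": update_allowed(ROUTER, zone, "NS", PREFIX),
        "guest_redelegates": update_allowed(GUEST, zone, "NS", PREFIX),
        "outsider_redelegates": update_allowed(OUTSIDER, zone, "NS", PREFIX),
        "guest_own_ptr": update_allowed(GUEST, reverse_name(GUEST), "PTR", PREFIX),
        "guest_router_ptr": update_allowed(GUEST, reverse_name(ROUTER), "PTR", PREFIX),
    }

if __name__ == "__main__":
    for check, allowed in demo().items():
        print(f"{check}: {allowed}")
```
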

