[dns-operations] IPv6 PTR records

Douglas C. Stephens stephens at ameslab.gov
Fri Dec 17 16:07:12 UTC 2010


While I don't wish to start a word war on the subject, I should like to note that
there are other applications besides MTAs which provide capabilities which depend
upon the existence of PTR records, and even PTR/A matching, under IPv4, and that will
expect to be able to do so under IPv6.  A case in point is SSHd.  Many of the other
sites running SSHd to which my customers connect are using versions of SSHd which
stall and time-out if PTR records for my client-side IPs are not available.  Further,
a sizeable fraction of those other sites still use hostname-based ACL mechanisms (in
spite of the long-standing stupidity of doing so).  When these connections fail or are
extremely slow to connect, I get very growly customers.  Therefore, we intend to
roll-out matching IPv6 AAAA/PTR records.


At 09:16 AM 12/17/2010, Wayne MacLaurin wrote:
>That's an excellent question !
>
>I seem to recall a heated debate at the RIPE meeting in Rome back in November.     It would seem that most people wish PTR was never invented and it causes more grief than its worth.    A few folks seemed to be resigned to having to do PTR for MTAs and other services that have built-in requirements but most would like to see the entire concept go away
.
>
>Anybody else, who's rolling out IPv6 on a large scale, have any comments ?
>
>Wayne MacLaurin
>Executive Director, DNS-OARC
><mailto:wayne at dns-oarc.net>wayne at dns-oarc.net
>
>
>On 2010-12-17, at 10:02 AM, R.P. Aditya wrote:
>
>>I like to question my habits -- the current one: while getting ready to
>>roll out IPv6, whether to bother with PTR records at all, and if so,
>>whether to just automatically generate them (except maybe for MTAs) and
>>not bother to match the forwards (so far, I'm not convinced either way
>>and given the pace of the rollout, time can tell).
>>
>>R.P. (Adi) Aditya
>>Network Architect
>>ITSComm Network Engineering
>>University of Michigan
>>+1 (734) 330-2499
>><mailto:rpaditya at umich.edu>rpaditya at umich.edu
>
>_______________________________________________
>dns-operations mailing list
>dns-operations at lists.dns-oarc.net
>https://lists.dns-oarc.net/mailman/listinfo/dns-operations

--
Douglas C. Stephens             | Network/DNS/Unix/Windows Admin
System Support Specialist       | Email Postmaster
Information Systems             | Phone: (515) 294-6102
Ames Laboratory, US DOE         | Email: stephens at ameslab.gov
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20101217/cfad38fe/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 170 bytes
Desc: not available
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20101217/cfad38fe/attachment.sig>


More information about the dns-operations mailing list