[dns-operations] fewer PTRs plz (Re: reverse DNS for DHCPV6 and PD's)

Paul Vixie vixie at isc.org
Mon Jun 13 17:57:35 UTC 2011


> Date: Mon, 13 Jun 2011 19:38:52 +0200
> From: bert hubert <bert.hubert at netherlabs.nl>
> 
> The problem is, we spent in excess of a decade educating everyone that
> not having a reverse was the mark of sloppy administration or even
> that it was suggestive of being a spammy network.

it was, when the network had fewer than five million users on it.

> That message has now percolated to board room level and I expect it to
> take at least another decade to go away again.
> 
> So if you want your solution to be operationally attractive (to keep this
> post on-topic), it will have to have a way to deal with this.
> 
> One way of doing this is to use an authoritative server with scripting
> ability.

to the extent that an operator has board room pressure to put in PTRs for
IPv6, a scriptable authority server is one way of handling it.  if DHCPv6
is in use then the same dynamic dns update method used for IPv4 would work.

a wildcard would work if the operator is willing to share one PTR value
across many customers (for example, putting these in at the /56 level to
identify a customer but not say anything specific about each /64 or /128).

the right battle is to explain that being "spammy" does not mean the same
thing in a billion-user network as it did in a million-user network, and
that it's time to reconsider PTR as a "business class only" service.
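
An added example, not part of the original message: a sketch of the wildcard approach described above, generating one wildcard PTR per customer /56 and checking which addresses it covers. The 2001:db8::/32 documentation prefixes and the target hostnames are constructed for illustration.

```python
import ipaddress


def reverse_suffix(prefix: str) -> str:
    """ip6.arpa name for an IPv6 prefix that ends on a nibble boundary."""
    net = ipaddress.IPv6Network(prefix, strict=True)
    if net.prefixlen == 0 or net.prefixlen % 4:
        # ip6.arpa labels are 4-bit nibbles, so a /57 cannot be one owner name
        raise ValueError("prefix must end on a 4-bit (nibble) boundary")
    nibbles = net.network_address.exploded.replace(":", "")[: net.prefixlen // 4]
    return ".".join(reversed(nibbles)) + ".ip6.arpa."


def wildcard_ptr(prefix: str, target: str, ttl: int = 3600) -> str:
    """One zone-file line: a wildcard PTR shared by every address in prefix."""
    return f"*.{reverse_suffix(prefix)} {ttl} IN PTR {target}"


def covered_by(address: str, prefix: str) -> bool:
    """True if the address's reverse name falls under the prefix's wildcard.

    A DNS wildcard matches names any number of labels below it, so one
    record at the /56 answers for all 18 remaining nibbles, provided no
    other name exists in between.
    """
    qname = ipaddress.IPv6Address(address).reverse_pointer + "."
    return qname.endswith("." + reverse_suffix(prefix))


if __name__ == "__main__":
    # Constructed customer assignments (documentation address space).
    customers = {
        "2001:db8:12:3400::/56": "cust-1234.example.net.",
        "2001:db8:12:3500::/56": "cust-1235.example.net.",
    }
    for prefix, target in customers.items():
        print(wildcard_ptr(prefix, target))
    # Any /64 or /128 inside the first /56 resolves to the same PTR value.
    print(covered_by("2001:db8:12:34ff::1", "2001:db8:12:3400::/56"))
```

The PTR value identifies the customer and nothing finer, so logs keyed on the reverse name cannot distinguish hosts within the /56.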


