[dns-operations] fewer PTRs plz (Re: reverse DNS for DHCPV6 and PD's)
vixie at isc.org
Mon Jun 13 17:57:35 UTC 2011
> Date: Mon, 13 Jun 2011 19:38:52 +0200
> From: bert hubert <bert.hubert at netherlabs.nl>
> The problem is, we spent in excess of a decade educating everyone that
> not having a reverse was the mark of sloppy administration or even
> that it was suggestive of being a spammy network.

it was, when the network had fewer than five million users on it.

> That message has now percolated to board room level and I expect it to
> take at least another decade to go away again.
> So if you want your solution to be operationally attractive (to keep this
> post on-topic), it will have to have a way to deal with this.
> One way of doing this is to use an authoritative server with scripting

to the extent that an operator has board room pressure to put in PTR's for
IPv6, a scriptable authority server is one way of handling it. if DHCPv6
is in use then the same dynamic dns update method used for IPv4 would work.
a wildcard would work if the operator is willing to share one PTR value
across many customers (for example, putting these in at the /56 level to
identify a customer but not say anything specific about each /64 or /128).

the right battle is to explain that being "spammy" does not mean the same
thing in a billion-user network as it did in a million-user network, and
that it's time to reconsider PTR as a "business class only" service.
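
The /56-level wildcard and the scripted lookup described in the message above, as an added example that is not part of the original post or of any particular server's API. The customer table, the `example.net` targets and the `2001:db8::/32` documentation prefixes are constructed for illustration, and all function names are hypothetical.

```python
import ipaddress

HEX = "0123456789abcdef"

def wildcard_owner(prefix: str) -> str:
    """Owner name of the single ip6.arpa wildcard covering all of `prefix`."""
    net = ipaddress.IPv6Network(prefix)
    # ip6.arpa delegates one label per nibble, so a lone wildcard only
    # fits prefixes whose length is a multiple of 4 (a /56 is 14 nibbles).
    if net.prefixlen % 4:
        raise ValueError("prefix does not end on a nibble boundary")
    nibbles = net.network_address.exploded.replace(":", "")[: net.prefixlen // 4]
    return "*." + ".".join(reversed(nibbles)) + ".ip6.arpa."

def qname_to_address(qname: str) -> ipaddress.IPv6Address:
    """Decode a full 32-nibble ip6.arpa query name into an address."""
    labels = qname.lower().rstrip(".").split(".")
    if len(labels) != 34 or labels[-2:] != ["ip6", "arpa"]:
        raise ValueError("not a full ip6.arpa PTR name")
    nibbles = labels[:32]
    if any(len(n) != 1 or n not in HEX for n in nibbles):
        raise ValueError("non-hex nibble label")
    return ipaddress.IPv6Address(int("".join(reversed(nibbles)), 16))

# Constructed sample data: one PTR target shared by a whole customer /56.
CUSTOMERS = {
    ipaddress.IPv6Network("2001:db8:12:3400::/56"): "cust-0001.example.net.",
    ipaddress.IPv6Network("2001:db8:12:3500::/56"): "cust-0002.example.net.",
}

def synthesize_ptr(qname: str):
    """What a scripted authority would answer: a PTR target, or None (NXDOMAIN)."""
    addr = qname_to_address(qname)
    for net, target in CUSTOMERS.items():
        if addr in net:
            return target
    return None

if __name__ == "__main__":
    for net, target in CUSTOMERS.items():
        # Static-zone equivalent of the scripted answer above.
        print(f"{wildcard_owner(str(net))} IN PTR {target}")
```

Either form gives every /64 and /128 inside a customer's /56 the same PTR value, which is the sharing trade-off the message describes.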