[dns-operations] fewer PTRs plz (Re: reverse DNS for DHCPV6 and PD's)

Roosenraad, Chris chris.roosenraad at twcable.com
Tue Jun 14 13:19:51 UTC 2011


Jason,

I'd love to, but the various v6 security features in Windows (among other OSes) will mean that unless the customer intentionally disables them, their v6 address will change on a regular basis (still within the /<whatever> we give them, but it'll change).  So I'm not sure if that'll work as an option.

So far, the only 2 solutions I've seen are the ones that Paul has already laid out here: have something that dynamically generates forward and reverse answers on the fly based on some algorithm, or a wildcard.  And given that there are > 0 services that require a PTR to be unique, I really don't see much choice beyond an algorithmic solution.

That said, if someone wants to champion a new RFC that says that in v6, PTR records are ONLY for servers, I'll gladly back them up.  But as of right now, I have to assume it's business as usual with regards to PTR records.  :(

--
Chris R. Roosenraad
Director, Systems/Applications
Architecture, Development & Engineering
13820 Sunrise Valley Drive
Herndon, VA  20171
+1 (703) 345 3438
chris.roosenraad at twcable.com


From: "Livingood, Jason" <Jason_Livingood at cable.comcast.com>
Date: Mon, 13 Jun 2011 18:54:44 -0400
To: Chris Roosenraad <chris.roosenraad at twcable.com>, "dns-operations at mail.dns-oarc.net" <dns-operations at mail.dns-oarc.net>
Subject: Re: [dns-operations] fewer PTRs plz (Re: reverse DNS for DHCPV6 and PD's)


Unfortunately, there are other services beyond just SMTP that use the
presence or lack thereof for a PTR to enforce access rights.  Most are
older protocols (IRC, Anonymous FTP, etc), but they're out there, and I'm
pretty sure that they'll still be out there for v6.

And while I'd love to give out nothing for a v6 PTR record except for our
systems/biz customers, I'm not sure if these services will allow me to get
away with no PTR for residential customers...

So maybe the default is no PTR for residential users, and they go to an account control panel to create one if they need it (with easy-to-find FAQs explaining this)?

Jason
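
The algorithmic option mentioned in this message (forward and reverse answers generated on the fly), as an added sketch that is not code from the thread or from any poster. The customer prefix, the zone name and the `ip6-<32 hex nibbles>` label scheme are assumptions made for illustration; the point is that every address gets a unique PTR whose AAAA maps back to it, so a forward-confirmed reverse lookup by an access-controlling service passes with no stored records.

```python
import ipaddress

# Assumptions (not from the thread): the customer prefix, the zone name,
# and the "ip6-<32 hex nibbles>" label scheme are all constructed.
CUSTOMER_PREFIX = ipaddress.ip_network("2001:db8:1000::/36")
ZONE = "dyn.example.net."


def reverse_qname(addr):
    """ip6.arpa owner name for an address (nibbles reversed)."""
    return ipaddress.ip_address(addr).reverse_pointer + "."


def synth_ptr(qname):
    """Answer a PTR query under ip6.arpa, or None for NXDOMAIN."""
    labels = qname.lower().rstrip(".").split(".")
    if len(labels) != 34 or labels[-2:] != ["ip6", "arpa"]:
        return None
    nibbles = labels[:32][::-1]
    if any(len(n) != 1 or n not in "0123456789abcdef" for n in nibbles):
        return None
    addr = ipaddress.IPv6Address(int("".join(nibbles), 16))
    if addr not in CUSTOMER_PREFIX:
        return None  # only synthesize inside the delegated customer space
    return "ip6-{}.{}".format("".join(nibbles), ZONE)


def synth_aaaa(qname):
    """Answer an AAAA query for a synthesized name, or None."""
    name = qname.lower()
    if not name.endswith("." + ZONE):
        return None
    label = name[: -len(ZONE) - 1]
    hexpart = label[4:]
    if not label.startswith("ip6-") or len(hexpart) != 32:
        return None
    if any(c not in "0123456789abcdef" for c in hexpart):
        return None
    addr = ipaddress.IPv6Address(int(hexpart, 16))
    return str(addr) if addr in CUSTOMER_PREFIX else None


def fcrdns_ok(addr):
    """Forward-confirmed reverse DNS, as a PTR-checking service would do it."""
    ptr = synth_ptr(reverse_qname(addr))
    return ptr is not None and synth_aaaa(ptr) == str(ipaddress.ip_address(addr))
```

Because the answer is a pure function of the query, a customer address that changes within the assigned prefix still resolves both ways, which a single wildcard PTR cannot offer to services that need the name to be unique.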
