[dns-operations] IPv6 PTR best practice

Ray Bellis ray at isc.org
Wed May 9 21:36:58 UTC 2018


On 09/05/2018 21:56, Mark Andrews wrote:

> They are Internet SERVICE Providers and they are NOT providing
> FULL service.  Part of being on the Internet FULLY is the ability
> to NAME YOUR OWN MACHINE.  This can be done fully automatically
> without the ISP having to deploy more staff.  What say ARIN, APNIC
> and RIPE pull all the IN-ADDR.ARPA delegations for all the ISPs they
> currently do to and wait for the howls of protest.
> 
> Just because you are a home user doesn’t mean that you should not
> be able to publish the name of your machine.  That is ISPs acting
> as a CARTEL against the home user.

Respectfully Mark, as an ex-ISP guy myself, I must disagree.

For customers with static assignments it is pretty straight forward.

For home users with dynamically assigned IP addresses it's *not* as
simple as just permitting a TCP authenticated dynamic update.

You must also *automatically* erase / replace that PTR record whenever
the user gets disconnected, which at the very least means hooks into the
RADIUS and/or DHCP server on session logout, and may also require some
background reaping to cope with those cases where a user gets
disconnected without a corresponding RADIUS message (e.g. an LNS crash).

If you don't do that, the next customer that comes along on that IP
address who doesn't update their PTR will get left with the previous
users' record.

Ray




More information about the dns-operations mailing list