[dns-operations] You live in a dump, Quoyle!
Mark Delany
b9w at charlie.emu.st
Mon Feb 14 08:14:46 UTC 2022
On 13Feb22, Fred Morris allegedly wrote:
> Hi Mark, can you expand on this?
>
> On Sun, 13 Feb 2022, Mark Delany wrote:
> > [...]
> > configless ipv6 reverse answers
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
>
> It occurs to me I haven't posted about it here, but here's a sputnik which
> uses Dnstap telemetry to populate an RPZ with PTR records (i.e. works with
> BIND); works with IPv6.
>
> https://github.com/m3047/rear_view_rpz
I do not completely understand what's going on here, but it *looks* like you're populating
the local cache with reverse entries for remote addresses and that those reverse entries
are synthesized from A/AAAA queries discovered via dnstap.
At least that would explain why:
dig @127.0.0.1 -x 23.185.0.3
works in the example when 23.185.0.3 has nothing to do with your network.
Interesting but quite a different problem from the one I'm trying to solve which is to
make it trivially easy to auto-serve reverse answers and automagically satisfy reverse,
forward, reverse comparisons for your own networks.
This is particularly relevant to ipv6 now that many home-gamers are getting into ipv6 and
have the ability to nominate a reverse server - leastwise with the better ISPs. So mostly
the project is an ipv6 booster effort :-)
Rather than clog the list further, if you care, you can read the gories at
https://github.com/markdingo/autoreverse
Mark.
More information about the dns-operations
mailing list