> On Nov 24, 2014, at 9:04 AM, Ted Lemon <[email protected]> wrote: > > On Nov 24, 2014, at 10:56 AM, Juliusz Chroboczek > <[email protected]> wrote: >> I'm a little ashamed to admit that I don't understand the purpose of >> reverse DNS. > > Reverse DNS is useful for logging, so that you can associate a name with a > host. You don't necessarily want to (and may not be able to) send a request > to the host, but the reverse tree is pretty easy to populate if everybody > does the right thing. With DNSSEC, the reverse tree also becomes a place > where you can hang keys that associate with the IP address. And, again > given that the host itself might not be entirely reachable, being able to > look up its name in the reverse tree can tell you something about it.
A nice mechanism I've seen for IPv6 that is remarkably useful along these lines
(first seen by me in looking at Comcast's DNS infrastructure):
In the lower 64 bits of the IPv6 address, encode as human-readable the IPv4
address. So, for example, if a machine's V4 address is 10.1.2.4, the IPv6
address is 2101:{...}:10:1:2:4
--
Nicholas Weaver it is a tale, told by an idiot,
[email protected] full of sound and fury,
510-666-2903 .signifying nothing
PGP: http://www1.icsi.berkeley.edu/~nweaver/data/nweaver_pub.asc
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
