On Dec 5, 2010, at 2:13 PM, John Levine wrote: > I've been pondering IPv6 setups, and I don't understand how IPv6 rDNS > is supposed to work. It's clear enough how you look up any particular > address, but it's not at all clear to me what you put into an rDNS > zone and how you put it there. > Pretty much the same thing you put into an IPv4 zone... PTR records.
For example: owen.delong.com. IN AAAA 2620:0:930::200:2 2.0.0.0.0.0.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.9.0.0.0.0.0.0.2.6.2.ip6.arpa. IN PTR owen.delong.com. > In IPv4 land, it is standard to assign matching forward and reverse > DNS for every live IP, and a fair number of services treat requests > from hosts without rDNS with added scepticism. For consumer networks, > it's often something like 12-34-56-78.adsl.incompetent.net, with the > numbers being the IP address forward or backwards. > Ah, so you're not talking about assigning to live hosts, your talking about the unfortunate habit of assigning to every possible host. Yeah, that trick doesn't work in IPv6. > So if every customer gets a /64, what do you do? You can use a > wildcard to give the same rDNS to all 2^64 addresses, but you can't do > matching forward DNS, since a DNS response with 2^64 AAAA records > would be, ah, a little unwieldy. > First, customers should be getting more than a /64. A /64 should be a single subnet and customers should, ideally, be getting a /48 for each end site. In general, for the most part, the services that treat missing rDNS with additional skepticism also treat rDNS entries like 12-34-56-78.adsl.incompetent.net with that same or greater skepticism, so, I wouldn't worry too much about it. For hosts where it does matter, you've got to create an AAAA record somehow (just like you needed to create an A record somehow), so, you should be able to use that same process to generate the AAAA and PTR records. > When hosts self-configure their low 64 bits, do you install a suitable > PTR and AAAA into your DNS? If so, how? Do you use DHCPv6 and have it > install the DNS? Do you do something else? > If you care, you probably need to use DHCPv6 for this and it should be able to build both the AAAA and PTR records. Owen
