RE: Question about dynamic IPv6-PTR-Generation

2016-08-27 Thread Woodworth, John R
> > >A very popular option is to only create or delegate IPv6 PTR entries > >for hosts with static address assignments, and to return NXDOMAIN for > >address space used for dynamic address assignments. > > I talk to a lot of large providers at M3AAWG and that's the consensus > about what to do.

rndc on local host: need named running?

2016-08-27 Thread Tom Browder
My plan is to have two remote, authoritative name servers (master and slave) for my owned domains. I would like to use rndc to control them from my local host. A couple of questions: 1. Does named need to be running on the local host? 2. Can I use rndc from my local host which doesn't have a

Allowable reverse mapping zone file names

2016-08-27 Thread Tom Browder
I do not control 3-octet networks but need reverse mapping for my mail server. Two questions: 1. Where is the doc that completely describes the allowable reverse mapping zone file names? 2. When running my own authoritative name servers, do I need reverse mapping for anything other than my

Re: Question about dynamic IPv6-PTR-Generation

2016-08-27 Thread sthaug
> > We're still in the early phases of IPv6. If sufficient ISPs drop PTR > > for dynamic IPv6 addresses, email providers and others who base some > > sort of "reputation" on IPv4 PTRs today will simply have to adapt. > > > Steinar, > > I think this is bigger than anti-spam logic. Simply put:

Re: Question about dynamic IPv6-PTR-Generation

2016-08-27 Thread sthaug
> > >A very popular option is to only create or delegate IPv6 PTR entries > > >for hosts with static address assignments, and to return NXDOMAIN for > > >address space used for dynamic address assignments. > > > > I talk to a lot of large providers at M3AAWG and that's the consensus > > about what

RE: Question about dynamic IPv6-PTR-Generation

2016-08-27 Thread Woodworth, John R
> > Simply pretending a shark doesn't exist offers very little in shark > > protection. While I understand this school of thought I don't believe > > it will solve the problem or remove the need. > > We're still in the early phases of IPv6. If sufficient ISPs drop PTR > for dynamic IPv6

RE: Question about dynamic IPv6-PTR-Generation

2016-08-27 Thread Woodworth, John R
> I'll let the market decide. For now, such a requirement isn't even > a blip on the horizon as far as I can see. Understood. I guess we all have our own perspective and priorities. There are, however, several popular commercial DNS vendors I know first hand which are offering their own

RE: Question about dynamic IPv6-PTR-Generation

2016-08-27 Thread John R. Levine
Just curious, is there a fundamental reason you have to oppose this beyond simply the scale? It's a cargo cult style extension of a not particularly useful IPv4 convention to IPv6. A much more useful convention that happens to be easier to implement is that hosts with static addresses have

Re: Allowable reverse mapping zone file names

2016-08-27 Thread Tom Browder
On Saturday, August 27, 2016, /dev/rob0 wrote: > On Sat, Aug 27, 2016 at 10:47:36AM -0500, Tom Browder wrote: > > I do not control 3-octet networks but need reverse mapping for my > > mail server. > > Discuss that with your ISP or netblock owner. ... Thanks for the good advice,

Re: rndc on local host: need named running?

2016-08-27 Thread Tom Browder
On Saturday, August 27, 2016, Warren Kumari wrote: > On Saturday, August 27, 2016, Tom Browder > wrote: > >> My plan is to have two remote, authoritative name servers (master and >> slave) for my

RE: Question about dynamic IPv6-PTR-Generation

2016-08-27 Thread Woodworth, John R
> > Just curious, is there a fundamental reason you have to oppose this > > beyond simply the scale? > > It's a cargo cult style extension of a not particularly useful IPv4 > convention to IPv6. A much more useful convention that happens to > be easier to implement is that hosts with static

Re: rndc on local host: need named running?

2016-08-27 Thread Warren Kumari
On Saturday, August 27, 2016, Tom Browder wrote: > My plan is to have two remote, authoritative name servers (master and > slave) for my owned domains. I would like to use rndc to control them from > my local host. > > A couple of questions: > > 1. Does named need to be

Re: Forwarding via different external networks

2016-08-27 Thread /dev/rob0
On Sat, Aug 27, 2016 at 02:32:42PM -0400, Paul Kosinski wrote: > Currently, I forward all outbound DNS via the DSL to the ISP's > DNS servers. (I have more confidence in the DSL provider not > interfering with DNS than in Comcast.) FWIW, it has been many years since I have dealt with Comcast as

Re: Question about dynamic IPv6-PTR-Generation

2016-08-27 Thread John Levine
>beginning of DNS. It allows address space to be "tagged" and >organized in a manner that just makes sense. We'll have to agree to violently disagree at this point. R's, John ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to

Re: Question about dynamic IPv6-PTR-Generation

2016-08-27 Thread John Levine
PS: >I understand rwhois exists but it is much more complicated to manage >than DNS and for the most part is only used at the RIR level for >reverse IP namespace. This would probably be a good time to read up on RDAP. R's, John

Re: Question about dynamic IPv6-PTR-Generation

2016-08-27 Thread John Levine
>It is true at first glance the regex-esque syntax in our I-D may seem a >bit complex but I don't believe anywhere near the complexity of NAPTR None of the complexity of NAPTR is in the DNS or the DNS servers; it's all in the applications that use NAPTR. For DNS servers, NAPTR is just a record

Forwarding via different external networks

2016-08-27 Thread Paul Kosinski
I have a rather unusual network with a gateway machine that connects to two ISPs: a slower DSL with a static IP and a faster cable (Comcast) with a DHCP IP. The gateway machine runs two instances of BIND (plus the usual firewalling): an authoritative one for a couple of domains (and only those

Re: Question about dynamic IPv6-PTR-Generation

2016-08-27 Thread Robert Edmonds
John R. Levine wrote: > > Just curious, is there a fundamental reason you have to oppose this > > beyond simply the scale? > > It's a cargo cult style extension of a not particularly useful IPv4 > convention to IPv6. A much more useful convention that happens to be easier > to implement is that

Re: Question about dynamic IPv6-PTR-Generation

2016-08-27 Thread John Levine
>Though, if you want to participate in the cargo cult of generic PTRs, >you don't need the complexity of draft-woodworth-bulk-rr's regex-driven >templates in your nameserver. Knot DNS's "minimal viable product" >implementation is ~300 SLOC and uses a hardcoded template. Having looked at the

Re: Question about dynamic IPv6-PTR-Generation

2016-08-27 Thread Robert Edmonds
Woodworth, John R wrote: > I respectfully disagree. I, although naturally biased, feel > strongly our I-D is something which should have existed since the > beginning of DNS. It allows address space to be "tagged" and > organized in a manner that just makes sense. > > Imagine if you will a

Re: Allowable reverse mapping zone file names

2016-08-27 Thread /dev/rob0
On Sat, Aug 27, 2016 at 10:47:36AM -0500, Tom Browder wrote: > I do not control 3-octet networks but need reverse mapping for my > mail server. Discuss that with your ISP or netblock owner. > Two questions: > > 1. Where is the doc that completely describes the allowable reverse > mapping zone

RE: Question about dynamic IPv6-PTR-Generation

2016-08-27 Thread Woodworth, John R
> John R. Levine wrote: > > > Just curious, is there a fundamental reason you have to oppose this > > > beyond simply the scale? > > > > It's a cargo cult style extension of a not particularly useful IPv4 > > convention to IPv6. A much more useful convention that happens to be > > easier to

Re: Question about dynamic IPv6-PTR-Generation

2016-08-27 Thread Robert Edmonds
John Levine wrote: > >It is true at first glance the regex-esque syntax in our I-D may seem a > >bit complex but I don't believe anywhere near the complexity of NAPTR > > None of the complexity of NAPTR is in the DNS or the DNS servers; it's > all in the applications that use NAPTR. For DNS

RE: Question about dynamic IPv6-PTR-Generation

2016-08-27 Thread Woodworth, John R
> John Levine wrote: > > >It is true at first glance the regex-esque syntax in our I-D may seem > > >a bit complex but I don't believe anywhere near the complexity of > > >NAPTR > > > > None of the complexity of NAPTR is in the DNS or the DNS servers; it's > > all in the applications that use

RE: Question about dynamic IPv6-PTR-Generation

2016-08-27 Thread Woodworth, John R
Apologies for the double post, I was not finished with edits in my previous post: > John Levine wrote: > > >It is true at first glance the regex-esque syntax in our I-D may seem > > >a bit complex but I don't believe anywhere near the complexity of > > >NAPTR > > > > None of the complexity of

Re: rndc on local host: need named running?

2016-08-27 Thread Tom Browder
On Saturday, August 27, 2016, Lyle wrote: > On 08/27/16 10:54, Tom Browder wrote: > > https://calomel.org/dynamic_dns_ddns.html My plan is to have two > > 2. Can I use rndc from my local host which doesn't have a fixed ip address? > > ... > Let me Google that for you and

Re: rndc on local host: need named running?

2016-08-27 Thread Lyle
Use any in the allow stanza. On 08/27/16 19:54, Tom Browder wrote: On Saturday, August 27, 2016, Lyle wrote: On 08/27/16 10:54, Tom Browder wrote: https://calomel.org/dynamic_dns_ddns.html My plan is to have two 2. Can I use

Re: Allowable reverse mapping zone file names

2016-08-27 Thread Lyle
File names? The file name is up to you. How you reference it in your DNS server is something else. That depends on your name server software. As far as question 2, depends on if the reverse zones were delegated to you or not. It depends on your ISP. Many do not delegate reverse lookup

Re: rndc on local host: need named running?

2016-08-27 Thread Lyle
On 08/27/16 10:54, Tom Browder wrote: My plan is to have two remote, authoritative name servers (master and slave) for my owned domains. I would like to use rndc to control them from my local host. A couple of questions: 1. Does named need to be running on the local host? No. 2. Can I

Re: Allowable reverse mapping zone file names

2016-08-27 Thread Tom Browder
On Saturday, August 27, 2016, Lyle wrote: ... > As far as question 2, depends on if the reverse zones were delegated to > you or not. It depends on your ISP. Many do not delegate reverse lookup > zones to the end user. In that case, you have to ask them to insert the >