IPv6 Pattern Based Forward/Reverse Mappings

Matthew Moyle-Croft mmc at mmc.com.au
Thu Sep 11 04:50:16 UTC 2008 

>>


> 	IPv6 is not IPv4.  Lots of things have changed since ISP's
> 	started pre-populating reverse zones.  There was no dynmic
> 	updates being done by default.  You can have different
> 	expections with IPv6 than you did with IPv4.


So, it's a lovely theory but the reality is this:
- Customers often have pathologically broken networks
- The internet is NOT a corporate or university environment.  We don't  
get to set policy, domain names etc.   I don't want to have to have my  
DNS servers need "acceptable word" filters or domain filters about  
what can and can't be set.
- Customers get broken computers, CPE, whatever that causes ugly  
effects (ie.  we frequently see SIP CPE that generate a register every  
second - a few of those (say a few thousand) gives you a thousand  
registers / sec).
- Some customers will, for whatever reason, not want to or be unable  
to do the updates - so I want to have a way of doing it for them  
simply and easily.

>
>
>> I don't actually want to scale our nameservers to have to cope with  
>> an
>> extra million or so updates per day - what happens if something  
>> breaks
>> and suddenly I get 200,000 update requests in a minute?
>
> 	The same way as you deal with 200,000 DHCP requests a minute. :-)

We don't run any DHCP for customers.    Most customers get IPs from  
pools on the LNSes because it scales better and reduces the routing  
load and complexity on the network.   I want to continue this for most  
customers.

We run RADIUS.  We can scale RADIUS any way we want because it's  
invisible to customers and it parallelizes where as DNS doesn't - all  
DNS updates have to make it to all servers that serve the domain in  
something akin to real time.  Name servers are a public service to do  
resolution - I can't very well hide them from customers or the  
internet.    Nor do I want to have to tie RADIUS servers to DNS  
servers to reset reverse mappings if a customer loses their connection  
if they don't have static ranges.  (Don't argue with me about that  
either!)

>
> 	A sdb module or two which looks at the query name and
> 	contructs a response would handle this.

Now we're getting some where.    That looks reasonably straightforward  
to do - especially as it's not actually a database.   From the looks I  
just need to implement lookup() anyway.     I tried looking for some  
simple example code - do you have any?

It'd be good to be able to standardise that as a $GENERATE6 statement  
though - more flexible for more people ...

MMC

More information about the bind-users mailing list