reverse dns for IPV6 ranges
Noel Butler
noel.butler at ausics.net
Mon Mar 5 23:44:17 UTC 2012
On Tue, 2012-03-06 at 08:23 +1100, Mark Andrews wrote:
> In message <DUB109-W57AA00705E65417A6C57E4AC500 at phx.gbl>, hugo hugoo writes:
> >
> > Dear all,
> >
> > Can anyone help me with its experience on reverse dns for IPV6?
> > Presently, when we reverse an IPV4 subnet for clients, we configure all=
> > the reverse for the whole subnet.
> > It is a lot of PTR's but perfectly manageable.
> >
> > With IPV6, the number of IP's that we will receive is amazing....
> > So...it seems impossible for every single IPV6 inthe range to configure a P=
> > TR.
> >
> > So...what to do?
> > What is the common practice?
> > What is possible with BIND?
> >
> > Thanks in advance for your answer.
>
> Let the machines register their own PTR record using TCP as the authenticator.
>
> update-poliy {
> grant . tcp-self * PTR;
> };
>
Thats dangerous 14m1337.u.suck.hax0r.org - yeah, it would be
highly abused and why most ISP's don't do/allow it :)
But for a small company that has trustworthy staff, maybe, but then mail
servers will start rejecting some of them trying to send directly
because theres likely no matching A record.
> Mark
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20120306/2a68a764/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: face-smile.png
Type: image/png
Size: 873 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20120306/2a68a764/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20120306/2a68a764/attachment.bin>
More information about the bind-users
mailing list