<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.28.3">
</HEAD>
<BODY>
On Tue, 2012-03-06 at 08:23 +1100, Mark Andrews wrote:
<BLOCKQUOTE TYPE=CITE>
<PRE>
In message <<A HREF="mailto:DUB109-W57AA00705E65417A6C57E4AC500@phx.gbl">DUB109-W57AA00705E65417A6C57E4AC500@phx.gbl</A>>, hugo hugoo writes:
>
> Dear all,
>
> Can anyone help me with its experience on reverse dns for IPV6?
> Presently, when we reverse an IPV4 subnet for clients, we configure all=
> the reverse for the whole subnet.
> It is a lot of PTR's but perfectly manageable.
>
> With IPV6, the number of IP's that we will receive is amazing....
> So...it seems impossible for every single IPV6 inthe range to configure a P=
> TR.
>
> So...what to do?
> What is the common practice?
> What is possible with BIND?
>
> Thanks in advance for your answer.
Let the machines register their own PTR record using TCP as the authenticator.
update-poliy {
grant . tcp-self * PTR;
};
</PRE>
</BLOCKQUOTE>
<BR>
Thats dangerous 14m1337.u.suck.hax0r.org - yeah, it would be highly abused and why most ISP's don't do/allow it <IMG SRC="cid:1330991007.3861.8.camel@tardis" ALIGN="middle" ALT=":)" BORDER="0"><BR>
But for a small company that has trustworthy staff, maybe, but then mail servers will start rejecting some of them trying to send directly because theres likely no matching A record.<BR>
<BR>
<BR>
<BR>
<BLOCKQUOTE TYPE=CITE>
<PRE>
Mark
</PRE>
</BLOCKQUOTE>
<BR>
</BODY>
</HTML>