[143429] in North American Network Operators' Group
Re: v4/v6 dns thoughts?
daemon@ATHENA.MIT.EDU (Owen DeLong)
Tue Aug 9 19:41:18 2011
From: Owen DeLong <owen@delong.com>
In-Reply-To: <4E4180C9.4060607@q7.com>
Date: Tue, 9 Aug 2011 16:36:30 -0700
To: Joe Pruett <joey@q7.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Aug 9, 2011, at 11:47 AM, Joe Pruett wrote:
> as i'm rolling v6 into my world, i'm not sure which way to go with
> reverse dns conventions. for forward i'm doing things like:
>=20
> foo.example.com a 1.1.1.1
> foo.example.com aaaa 1000::1.1.1.1
> foo.v4.example.com a 1.1.1.1
> foo.v6.example.com aaaa 1000::1.1.1.1
>=20
> so i can use a foo.v4/v6 hostname if i need to specify transit =
behavior.
>=20
> but for reverse i'm not sure if i want to map it like:
>=20
> 1.1.1.1.in-addr.arpa ptr foo.example.com.
> =
1.0.1.0.1.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.ip6.arpa =
=20
> ptr foo.example.com
>=20
> or:
>=20
> 1.1.1.1.in-addr.arpa ptr foo.v4.example.com.
> =
1.0.1.0.1.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.ip6.arpa =
=20
> ptr foo.v6.example.com
>=20
> being able to just use foo.example.com for authentication purposes
> (sendmail, nfs, etc) is nice. but also knowing when incoming is v4 or
> v6 by just looking at the dns lookup (for tools that do reverse lookup
> for you) is also nice.
>=20
> what are you doing? which way makes more sense to you?
>=20
My PTRs are all to the same host name. In any context where the protocol
actually matters, you should have other ways to detect it.
I also don't recommend doing the foo.v4/foo.v6 thing in your forwards. =
There's
really no advantage to do it. Most tools either have separate IPv4/IPv6 =
variants
or have command-line switches for address-family control if you care.
Owen
