[192472] in North American Network Operators' Group
Re: IPv6 automatic reverse DNS
daemon@ATHENA.MIT.EDU (Wesley George)
Fri Oct 28 22:08:44 2016
X-Original-To: nanog@nanog.org
From: Wesley George <wesgeorge@puck.nether.net>
In-Reply-To: <83b75e68-92dc-0fd4-3036-18d751f45715@gmail.com>
Date: Fri, 28 Oct 2016 22:08:24 -0400
To: Baldur Norddahl <baldur.norddahl@gmail.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
--Apple-Mail=_0A98C5F9-4360-4CF7-9134-D60CFE8C87B5
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=us-ascii
I'd recommend reviewing this document, and contributing as appropriate. =
I think it covers this pretty thoroughly today, but if there are missing =
considerations, now is the time to make sure that feedback is captured.
https://tools.ietf.org/html/draft-ietf-dnsop-isp-ip6rdns-02 =
<https://tools.ietf.org/html/draft-ietf-dnsop-isp-ip6rdns-02>
Wes George
> On Oct 28, 2016, at 7:02 PM, Baldur Norddahl =
<baldur.norddahl@gmail.com> wrote:
>=20
> Hello
>=20
> Many service providers have IPv4 reverse DNS for all their IP =
addresses. If nothing is more relevant, this will often just be the IPv4 =
address hashed somehow and tagged to the ISP domain name. For some =
arcane reason it is important to have the forward DNS match the reverse =
DNS or some mail servers might reject your mails.
>=20
> However with IPv6 it is not practical to build such a complete reverse =
DNS zone. You could do a star entry but that would fail the =
reverse/forward match test.
>=20
> It should be simple to build a DNS server that will automatically =
generate a hostname value for every reverse lookup received, and also be =
able to parse that hostname value to return the correct IPv6 address on =
forward lookups.
>=20
> Does any DNS server have that feature? Should we have it? Why not?
>=20
> I know of some arguments for:
>=20
> 1a) mail servers like it
>=20
> 1b) anti spam filters believe in the magic of checking forward/reverse =
match.
>=20
> 2) traceroute will be nicer
>=20
> 3) http://ipv6-test.com/ will give me 20/20 instead of 19/20 (yes that =
was what got me going on this post)
>=20
> 4) Output from "who" command on Unix will look nicer (maybe).
>=20
> Regards,
>=20
> Baldur
--Apple-Mail=_0A98C5F9-4360-4CF7-9134-D60CFE8C87B5
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename=signature.asc
Content-Type: application/pgp-signature;
name=signature.asc
Content-Description: Message signed with OpenPGP using GPGMail
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCAAGBQJYFASYAAoJEBdIPc22E6UhElgP/0oljshBygQyNt3kkH1zjMbq
gxsSa03egHhwHBQpMfpjffNNzZC3KxHHOAqjJwdLyvgNFL73UWv2/zlc/1PQbOFJ
Wq8hJ6Vo3nyyhF/BjQZxm3sJKRPEYIjeBI93/s4bNvEZXVcDeueaZQZupJpWkJWW
o/xOg95s43vpAZB7cq+GGYCk7gmVy7TD2/VNIHijtI78P6qUnxywAZbHRCXa06k5
hLoewEkqa0RQKBnUawHabFmxHfl/IYGwQHo2iLM7LwDm59OOpdVJkvLMHWbHlhKZ
6kYQNqUgH+gJJvWS+Jea95lGWqZH2A5H6b/Arx1IXon44NrjqUt8128sLfSLxQuv
uLdSxjo9snIs8zX280Jzo/CP1Dz1fFe7f4STlXnMhed/13CZcay/Hu+h7+r8LXFu
ViqfEEJJFykjRm6b8sGcDhBrBTpNJpfF47p5oUKxdc48h5LG7G/n7ZeqUfggFkNQ
1JGU1Yx16MiHzNZIhTHZG9UiYDAvjYI5OBjUcndwHkdBd6/pBXcYB3QnYAOe6SPn
Sp87RmCEO9nMQ9dyDY+HIgA/KZEbv+Fv2epDuTCArzpmZs0p5OvSSOBqz7GBa51b
f8l14WpxNvSSbqwoSw32c7FBgLPOLrH+te6IUq8HvOIWqE2ZVEn8aTizAiIhTCWx
jHF82hFLmPAwdTVZoau5
=cjW6
-----END PGP SIGNATURE-----
--Apple-Mail=_0A98C5F9-4360-4CF7-9134-D60CFE8C87B5--
