IPv6 and DNS for the residential service provider

Ole Trøan otroan at employees.org
Tue Sep 25 11:44:35 CEST 2012


> I am looking for some tips as to how to deal with DNS and rDNS in a residential service provider scenario.  This document,http://tools.ietf.org/html/draft-howard-isp-ip6rdns-02, doesn't seem to have been updated in ages and I haven't found any more recent pertinent information.
> 
> Basically, this doc offers the following options to provide forward and reverse DNS; our customers are residential and will not be asking for, or in a position to, operate reverse delegations themselves.
> 
> 1) not answer at all (NXDOMAIN).  This breaks applications that check forward>reverse 
> 
> 2) wildcard reverse DNS.  This also breaks forward>reverse since as far as I know you can't have a wildcard forward lookup?
> 
> 3) Dynamic DNS updates.  At first this sounds interesting, except that from what I can tell most current OSs don't by default register in DNS, and if they do, don't use the domain obtained by DHCP unless that is enabled as well.  And, IP-based DNS updates are inherently insecure.
> 
> 4) delegate DNS to the customer gateway (never heard of a platform that actually supports this??)

there has been talk about this in the IETF homenet group, and Ted Lemon has a draft for the DHC wg:
http://tools.ietf.org/html/draft-lemon-dhc-dns-pd-01

describing how it is possible to delegate the authority of the delegated prefix (rfc3633) to the requesting router (CPE).

there is a recurring question being asked though... and that is "do we really need reverse DNS for IPv6?"

> 5) "on the fly" record creation.  I find no doc for this other than a vague PowerDNS reference, does BIND support something like this?
> 
> Any tips appreciated, RTFM links, whever.

cheers,
Ole

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4351 bytes
Desc: not available
Url : http://lists.cluenet.de/pipermail/ipv6-ops/attachments/20120925/03d71e43/attachment-0001.bin 


More information about the ipv6-ops mailing list