IPv6 and DNS for the residential service provider

Jeroen Massar jeroen at unfix.org
Tue Sep 25 09:56:22 CEST 2012


On 2012-09-25 09:51 , Florian Lohoff wrote:
> On Mon, Sep 24, 2012 at 02:32:05PM -0400, Ron Vachiyer wrote:
>> Hello, (hopefully on-topic for this list!)
>>
>> I am looking for some tips as to how to deal with DNS and rDNS in a residential service provider scenario.  This document, http://tools.ietf.org/html/draft-howard-isp-ip6rdns-02, doesn't seem to have been updated in ages and I haven't found any more recent pertinent information.
>>
>> Basically, this doc offers the following options to provide forward
>> and reverse DNS; our customers are residential and will not be asking
>> for, or in a position to, operate reverse delegations themselves.
>>
>> 1) not answer at all (NXDOMAIN).  This breaks applications that check
>> forward>reverse 
>>
>> 2) wildcard reverse DNS.  This also breaks forward>reverse since as
>> far as I know you can't have a wildcard forward lookup?

One can set up a scriptable DNS server, PowerDNS seems to be a favorite
there, and script the forward/reverse generation.

>> 3) Dynamic DNS updates.  At first this sounds interesting, except that
>> from what I can tell most current OSs don't by default register in
>> DNS, and if they do, don't use the domain obtained by DHCP unless that
>> is enabled as well.  And, IP-based DNS updates are inherently
>> insecure.
> 
> This is inherently insecure and open to DOS Attacks. And how do you
> link RADIUS Accounting with DNS to delete all records a previous
> user left behind?

You could like, do it simple in todays always-on Internet usage: static
assignments.

Also makes abuse tracking soooo much easier as the IP is always the
person it links to.

But ISPs do not like to do that as then there is little reason to sell
the overpriced static-IP-for-"businesses" version... next to some people
fear mongering over the tracking aspect of their usage which will happen
to them anyway.

Greets,
 Jeroen




More information about the ipv6-ops mailing list