Re: [DNSOP] WGLC: "Considerations for the use of DNS Reverse Mapping"

Joe Abley <jabley@ca.afilias.info> Thu, 03 April 2008 05:09 UTC


On 1 Apr 2008, at 16:36 , Andrew Sullivan wrote:

> On Tue, Apr 01, 2008 at 10:36:28AM -0400, Edward Lewis wrote:
>
>> Multiple PTR records can be stored in a single PTR RRset.  If a
>> device at an IP address (v4 or v6) has multiple identities with
>> domain names, it would be good to have a PTR for each.  However, this
>> is not always practical.  In some operational situations, an address
>> may have thousands of domain names holding an address record (A or
>> AAAA) with the address as the value.

How about re-writing the last sentence as "In some operational  
situations, a single address might be used as RDATA for a large number  
of A or AAAA resource records."

>> The number of address records in a PTR set before tripping the upper
>> limit on what can fit on even a TCP carried DNS message is
>> approximately 4000 for A RR only and about 2000 for AAAA RR only.

"The maximum size of a DNS message is 65536 bytes [RFC1035]. The  
number of resource records in a single PTR RRset is correspondingly  
limited."

(The limit is surely a function of the average encoded size of RDATA  
for the PTR records in the RRset, and has nothing to do with whether  
the PTR record lives under in-addr.arpa or ip6.arpa?)

>> If an address has just a few corresponding forward map records, it is
>> worth entering them all. If an address has many, a better strategy is
>> to enter a few as is needed, adding more only when there is an
>> operational request.

I don't see value in adding the text above.


Joe
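
The parenthetical point above, worked through as an added example (not part of the original message or of the draft under review): it builds the wire form of a response carrying one PTR RRset and counts how many records fit under the 2-octet TCP length prefix. The addresses, target names, TTL, header flags and the choice to leave PTR RDATA uncompressed are assumptions made for illustration.

```python
import ipaddress
import struct

MAX_TCP_MSG = 0xFFFF          # largest size the 2-octet TCP length prefix can carry
TYPE_PTR, CLASS_IN = 12, 1

def encode_name(name):
    """Uncompressed wire form: length-prefixed labels ending in a zero octet."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("bad label: %r" % label)
        out += bytes([len(raw)]) + raw
    if len(out) + 1 > 255:
        raise ValueError("name too long")
    return out + b"\x00"

def ptr_response(address, targets, ttl=3600):
    """Response message whose answer section is one PTR RRset for `address`."""
    owner = encode_name(ipaddress.ip_address(address).reverse_pointer)
    msg = struct.pack("!HHHHHH", 0, 0x8400, 1, len(targets), 0, 0)
    msg += owner + struct.pack("!HH", TYPE_PTR, CLASS_IN)      # question section
    for target in targets:
        rdata = encode_name(target)   # assumption: RDATA left uncompressed
        # Owner name is a 2-octet compression pointer to offset 12 (the QNAME).
        msg += b"\xc0\x0c" + struct.pack("!HHIH", TYPE_PTR, CLASS_IN, ttl, len(rdata))
        msg += rdata
    return msg

def max_ptr_records(address, target_len):
    """PTR RRs that fit when every encoded target is `target_len` octets long."""
    owner = encode_name(ipaddress.ip_address(address).reverse_pointer)
    fixed = 12 + len(owner) + 4       # header + question (QNAME, QTYPE, QCLASS)
    per_rr = 2 + 10 + target_len      # pointer + TYPE/CLASS/TTL/RDLENGTH + RDATA
    return (MAX_TCP_MSG - fixed) // per_rr

if __name__ == "__main__":
    # Constructed sample data: documentation addresses and example.com targets.
    for addr in ("192.0.2.1", "2001:db8::1"):
        for sample in ("h.example.com", "host00000.example.com"):
            n = max_ptr_records(addr, len(encode_name(sample)))
            print(addr, len(encode_name(sample)), n)
```

With these constructed inputs the in-addr.arpa and ip6.arpa owners differ by two records, because the owner name is paid for once in the question section, while shortening each target from 23 to 15 octets adds several hundred records.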
