Re: [DNSOP] [homenet] ip6.arpa reverse delegation
Tero Kivinen <kivinen@iki.fi> Mon, 24 November 2014 14:56 UTC
Return-Path: <kivinen@iki.fi>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DB39A1A6F92; Mon, 24 Nov 2014 06:56:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.131
X-Spam-Level:
X-Spam-Status: No, score=-1.131 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_NEUTRAL=0.779, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3DOVOtpz6aEC; Mon, 24 Nov 2014 06:56:25 -0800 (PST)
Received: from mail.kivinen.iki.fi (fireball.kivinen.iki.fi [IPv6:2001:1bc8:100d::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 840181A6FA0; Mon, 24 Nov 2014 06:56:25 -0800 (PST)
Received: from fireball.kivinen.iki.fi (localhost [127.0.0.1]) by mail.kivinen.iki.fi (8.14.8/8.14.8) with ESMTP id sAOEuLhF003984 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Mon, 24 Nov 2014 16:56:21 +0200 (EET)
Received: (from kivinen@localhost) by fireball.kivinen.iki.fi (8.14.8/8.14.8/Submit) id sAOEuLnd011168; Mon, 24 Nov 2014 16:56:21 +0200 (EET)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <21619.18196.989260.823315@fireball.kivinen.iki.fi>
Date: Mon, 24 Nov 2014 16:56:20 +0200
From: Tero Kivinen <kivinen@iki.fi>
To: Markus Stenberg <markus.stenberg@iki.fi>
In-Reply-To: <3351A0A8-F7DE-40ED-8EA5-06393764D250@iki.fi>
References: <29673.1416777252@sandelman.ca> <3351A0A8-F7DE-40ED-8EA5-06393764D250@iki.fi>
X-Mailer: VM 8.2.0b under 24.3.1 (x86_64--netbsd)
X-Edit-Time: 25 min
X-Total-Time: 15 min
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/uC7uxImaOHRsiUPZmHEgErqItzk
X-Mailman-Approved-At: Mon, 24 Nov 2014 07:59:54 -0800
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, homenet@ietf.org, dnsop@ietf.org
Subject: Re: [DNSOP] [homenet] ip6.arpa reverse delegation
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Nov 2014 14:56:28 -0000
Markus Stenberg writes: > Is this actually desired by the operators? At least here (.fi), ISPs > seem to consider the reverse pointing to x.customer.y.isp.fi a > feature, not a bug, of the current IPv4 deployment and specified > same for future IPv6 deployments as well. (At the moment my ISP does > not officially support IPv6, but do provide it via 6rd, and I get > NXDOMAIN for reverses, but v4 is populated for more or less all > ISPs.) The Ficora (Finnish Communications Regulatory Authority) recommendation for taking IPv6 in use for consumers in Finland actually recommends that all ISPs do offer IPv6 reverse, either by delegating it or automatically adding reverses for all IPv6 addresses. https://www.viestintavirasto.fi/ohjausjavalvonta/ohjeettulkinnatsuosituksetjaselvitykset/ohjeidentulkintojensuositustenjaselvitystenasiakirjat/suositusipv6nkayttoonotostakuluttajalaajakaistaliittymissa2002014s.html It lists 3 different example methods how this can be done, and notes that it is important that this is done automatically, i.e without consumer needing to ask for anything (of course if you want the reverses to be delegated to you, then you need to contact your ISP and ask for it). They examples they include are: [7] IPv6 Dynamic Reverse Mapping, http://users.on.net/~rmibus/pymds/IPv6-auto-rDNS.pdf [8] Python Modular DNS Server (pymds), http://code.google.com/p/pymds/ [9] Kazunori Fujiwara (JPRS), One implementation of IPv6 reverse DNS server, http://member.wide.ad.jp/~fujiwara/v6rev.html Btw, it also recommends that consumer always gets the same prefix and that the lifetime of the prefix is long i.e. recommended value for preferred lifetime is 7 days and recommended value for valid lifetime is 30 days. This of course do have connection to the reverses, especially if they are delegated to the consumer (which most likely would also actually require completely stable prefix). So if your ISP in finland does not offer IPv6 reverses yet, they do not follow the recommendation, thus you could send them email and ask them to start following "Ficora Recommendation 200/2014 S" :-) -- kivinen@iki.fi
- [DNSOP] ip6.arpa reverse delegation Michael Richardson
- Re: [DNSOP] [homenet] ip6.arpa reverse delegation Markus Stenberg
- Re: [DNSOP] [homenet] ip6.arpa reverse delegation Michael Richardson
- Re: [DNSOP] [homenet] ip6.arpa reverse delegation Ted Lemon
- Re: [DNSOP] [homenet] ip6.arpa reverse delegation Tero Kivinen
- Re: [DNSOP] [homenet] ip6.arpa reverse delegation Juliusz Chroboczek
- Re: [DNSOP] [homenet] ip6.arpa reverse delegation Nicholas Weaver
- Re: [DNSOP] [homenet] ip6.arpa reverse delegation Ted Lemon