reverse tree DNS for IPv6...
Alain Durand <Alain.Durand@Sun.COM> Tue, 05 November 2002 23:07 UTC
From: Alain Durand <Alain.Durand@Sun.COM>
Subject: reverse tree DNS for IPv6...
Date: Tue, 05 Nov 2002 15:07:53 -0800
To: namedroppers@ops.ietf.org

As highlighted in the DNSop wg in draft-durand-ngtrans-dns-issues-00.txt & draft-durand-ngtrans-dns-issues-01.txt (this draft needs to be renamed draft-ietf-dnsop-ipv6-dns-isssues-..), a current IPv4 practice of end-user ISPs is to pre-populate the reverse tree DNS with records like dsl-customer-374.pop-12.isp.net

Due to the size of the IPv6 address space, this practice is no longer possible.

Several solutions have been proposed so far, but all of them have serious drawbacks:
- do not populate the reverse tree at all
- only populate for some hosts
- use wildcard DNS records
- dynamically generate DNS records

This is a new proposal that should not get in the way of DNSsec but would require some changes in the stub resolver library routines, getnameinfo and getaddrinfo. I would like to get feedback from the DNSext wg before I present this to DNSop.

- Alain.

ps: as this was first discussed with a few people last week at ARIN, it was too late to publish an Internet Draft, so here is an outline of the proposal.

Note: this is a similar idea as described in RFC1101

DNS operational requirements:

For each /64 network, in the delegated /64 reverse zone, a record:
    0.0.0.0.0.0.0.0 IN PTR networkname
and in the direct zone
    networkname IN AAAA xxxxxxxxxxx:0.0.0.0.0.0.0.0
SHOULD be in place.

Stub resolver library changes:

getaddrinfo():
- if a PTR exists for the IPv6 address, return it.
- else
  - split the IPv6 address into a /64 $prefix and an Interface ID $interfaceID (note $interfaceID is a pure hex string)
  - append Interface ID all zeros to $prefix to form $networkAddr
  - look up a PTR for $networkAddr into $networkName
  - if it exists, return the string $interfaceID "+" $networkName
  - else return non-existent

getnameinfo():
- only for AAAA lookups:
  - look up AAAA for $name
  - if it exists, return it
  - if it does not exist AND $name matches the syntax $interfaceID "+" non-empty valid DNS name, then:
    - check $interfaceID is a 64-bit-long hex string
    - look up AAAA for the RHS to $netAddr
    - if non-existent, return error
    - if lower 64 bits non-empty, return error
    - append $interfaceID to $netAddr into $Addr
    - return $Addr
  - else return non-existent
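
An added example, not part of the original message or of any resolver library: the two lookup procedures from the outline above, run against a constructed in-memory zone and named by direction (address to name, name to address). The function names, the sample records, the label-syntax check, and raising ValueError where the outline says "return error" are assumptions.

```python
import ipaddress
import re

# Constructed sample zone data (documentation prefix 2001:db8::/32, example
# names). All function names below are hypothetical, not a resolver API.
PTR = {
    ipaddress.IPv6Address("2001:db8:12:34::"): "pop-12.isp.example",
    ipaddress.IPv6Address("2001:db8:12:34::53"): "ns1.isp.example",
}
AAAA = {
    "pop-12.isp.example": ipaddress.IPv6Address("2001:db8:12:34::"),
    "ns1.isp.example": ipaddress.IPv6Address("2001:db8:12:34::53"),
}

LOW64 = (1 << 64) - 1                            # mask for the interface ID
IID_RE = re.compile(r"[0-9a-fA-F]{16}")          # 64 bits as a pure hex string
LABEL_RE = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")

def valid_dns_name(name):
    labels = name.rstrip(".").split(".")
    return 0 < len(name) <= 253 and all(LABEL_RE.fullmatch(l) for l in labels)

def reverse_lookup(addr):
    """Address -> name: exact PTR first, else interfaceID "+" networkName."""
    addr = ipaddress.IPv6Address(addr)
    if addr in PTR:
        return PTR[addr]
    network_addr = ipaddress.IPv6Address(int(addr) & ~LOW64)
    network_name = PTR.get(network_addr)
    if network_name is None:
        return None                              # non-existent
    return f"{int(addr) & LOW64:016x}+{network_name}"

def forward_lookup(name):
    """Name -> address: exact AAAA first, else parse interfaceID "+" name."""
    if name in AAAA:
        return AAAA[name]
    iid, plus, rhs = name.partition("+")
    if not plus or not valid_dns_name(rhs):
        return None                              # not the synthesized syntax
    if not IID_RE.fullmatch(iid):                # assumption: treated as error
        raise ValueError("interface ID is not a 64-bit hex string")
    net_addr = AAAA.get(rhs)
    if net_addr is None:
        raise ValueError("no AAAA record for network name")
    if int(net_addr) & LOW64:
        raise ValueError("network AAAA has a non-zero interface ID")
    return ipaddress.IPv6Address(int(net_addr) | int(iid, 16))
```
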