Naïve question: If you used macro expansion, wouldn't you end up providing responses for a lot of addresses that aren't in use? Maybe that's not a problem? On Tue, Apr 27, 2010 at 8:47 PM, Jason 'XenoPhage' Frisvold <xenophage@godshell.com> wrote:
On Apr 27, 2010, at 8:42 PM, Mark Andrews wrote:
Windows will just populate the reverse zone as needed, if you let it, using dynamic update. If you have properly deployed BCP 39 and have anti-spoofing ingres filtering then you can just let any address from the /48 add/remove PTR records. Other OS's will follow suite.
Is DDNS really considered to be the end-all answer for this? It seems we're putting an awful lot of trust in the user when doing this.. I'd rather see some sort of macro expansion in bind/tinydns/etc that would allow a range of addresses to be added.
Alternatively you can delegate the reverse for the /48 to servers run by the customers.
This works for commercial customers, but I'm not sure I'd want to delegate this to a residential customer.
Mark
--------------------------- Jason 'XenoPhage' Frisvold xenophage@godshell.com --------------------------- "Any sufficiently advanced magic is indistinguishable from technology." - Niven's Inverse of Clarke's Third Law