Sander Steffann wrote:
Hi,
Hi,
Even if the CPE does so, which means there is no NAT, the key to update rDNS must, naturally, be contained only in DHCP reply to the CPE.
You are misunderstanding the technology. Many cable operators offer a cable modem in bridged mode so that the customer can attach his own home-router behind it.
The situation is no different from:
If you mind wire tapping, you have other things to worry about, which needs your access line encrypted (by a manually configured password), which makes DHCP packets invisible.
Though some ISPs do not operate their network very securely, you can't have better security than that offered by your local ISP. Also remember that this thread is on secure rDNS by the ISP, which means you can't expect the ISP operate rDNS very securely even though the ISP operate rest of networking not very securely. Masataka Ohta