On Dec 5, 2010, at 2:13 PM, John Levine wrote:
I've been pondering IPv6 setups, and I don't understand how IPv6 rDNS is supposed to work. It's clear enough how you look up any particular address, but it's not at all clear to me what you put into an rDNS zone and how you put it there.
Pretty much the same thing you put into an IPv4 zone... PTR records. For example: owen.delong.com. IN AAAA 2620:0:930::200:2 2.0.0.0.0.0.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.9.0.0.0.0.0.0.2.6.2.ip6.arpa. IN PTR owen.delong.com.
In IPv4 land, it is standard to assign matching forward and reverse DNS for every live IP, and a fair number of services treat requests from hosts without rDNS with added scepticism. For consumer networks, it's often something like 12-34-56-78.adsl.incompetent.net, with the numbers being the IP address forward or backwards.
Ah, so you're not talking about assigning to live hosts, your talking about the unfortunate habit of assigning to every possible host. Yeah, that trick doesn't work in IPv6.
So if every customer gets a /64, what do you do? You can use a wildcard to give the same rDNS to all 2^64 addresses, but you can't do matching forward DNS, since a DNS response with 2^64 AAAA records would be, ah, a little unwieldy.
First, customers should be getting more than a /64. A /64 should be a single subnet and customers should, ideally, be getting a /48 for each end site. In general, for the most part, the services that treat missing rDNS with additional skepticism also treat rDNS entries like 12-34-56-78.adsl.incompetent.net with that same or greater skepticism, so, I wouldn't worry too much about it. For hosts where it does matter, you've got to create an AAAA record somehow (just like you needed to create an A record somehow), so, you should be able to use that same process to generate the AAAA and PTR records.
When hosts self-configure their low 64 bits, do you install a suitable PTR and AAAA into your DNS? If so, how? Do you use DHCPv6 and have it install the DNS? Do you do something else?
If you care, you probably need to use DHCPv6 for this and it should be able to build both the AAAA and PTR records. Owen