as i'm rolling v6 into my world, i'm not sure which way to go with reverse dns conventions. for forward i'm doing things like: foo.example.com a 1.1.1.1 foo.example.com aaaa 1000::1.1.1.1 foo.v4.example.com a 1.1.1.1 foo.v6.example.com aaaa 1000::1.1.1.1 so i can use a foo.v4/v6 hostname if i need to specify transit behavior. but for reverse i'm not sure if i want to map it like: 1.1.1.1.in-addr.arpa ptr foo.example.com. 1.0.1.0.1.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.ip6.arpa ptr foo.example.com or: 1.1.1.1.in-addr.arpa ptr foo.v4.example.com. 1.0.1.0.1.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.ip6.arpa ptr foo.v6.example.com being able to just use foo.example.com for authentication purposes (sendmail, nfs, etc) is nice. but also knowing when incoming is v4 or v6 by just looking at the dns lookup (for tools that do reverse lookup for you) is also nice. what are you doing? which way makes more sense to you?
On 2011-08-09 20:47 , Joe Pruett wrote:
as i'm rolling v6 into my world, i'm not sure which way to go with reverse dns conventions. for forward i'm doing things like:
foo.example.com a 1.1.1.1 foo.example.com aaaa 1000::1.1.1.1 foo.v4.example.com a 1.1.1.1 foo.v6.example.com aaaa 1000::1.1.1.1
You do mean: foo.example.com A 192.0.2.1 foo.example.com AAAA 2001:db8::1.1.1.1 foo.v4.example.com A 192.0.2.1 foo.v6.example.com AAAA 2001:db8::1.1.1.1 I hope, seeing that 1.1.1.1 is for the APNIC region and 1000::/8 is outside 2000::/3 and thus not defined yet, that you use the documentation prefixes when showing examples instead of abusing that address space, as that is exactly the reason why 1.1.1.1 will most likely never be allocated to anyone but researchers who are seeing all kind of fun backscatter...
so i can use a foo.v4/v6 hostname if i need to specify transit behavior.
People commonly use the 'ipv4' and 'ipv6' variant for this. Most network-specific tools though fortunately have -4/-6, but as indeed quite a few don't it is always handy to have the above. [..]
being able to just use foo.example.com for authentication purposes (sendmail, nfs, etc) is nice. but also knowing when incoming is v4 or v6 by just looking at the dns lookup (for tools that do reverse lookup for you) is also nice.
Tools that do reverse lookups should always also report the IP address as without the IP a reverse is futile unless said tool does at least a ip->reverse->forward check and then of course the hope is that that hostname does not disappear between that lookup happening and it going away again...
what are you doing? which way makes more sense to you?
Map it to the hostname. This as it should not matter if it is IPv4 or IPv6. For routers of course one might want to use a v4/v6 specific one as per the above reason of 'easier for the eyes in traceroute', but on the other side one could just as well use an IPv4+IPv6 per interface and thus name them based on the interface Greets, Jeroen
On Aug 9, 2011, at 11:47 AM, Joe Pruett wrote:
as i'm rolling v6 into my world, i'm not sure which way to go with reverse dns conventions. for forward i'm doing things like:
foo.example.com a 1.1.1.1 foo.example.com aaaa 1000::1.1.1.1 foo.v4.example.com a 1.1.1.1 foo.v6.example.com aaaa 1000::1.1.1.1
so i can use a foo.v4/v6 hostname if i need to specify transit behavior.
but for reverse i'm not sure if i want to map it like:
1.1.1.1.in-addr.arpa ptr foo.example.com. 1.0.1.0.1.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.ip6.arpa ptr foo.example.com
or:
1.1.1.1.in-addr.arpa ptr foo.v4.example.com. 1.0.1.0.1.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.ip6.arpa ptr foo.v6.example.com
being able to just use foo.example.com for authentication purposes (sendmail, nfs, etc) is nice. but also knowing when incoming is v4 or v6 by just looking at the dns lookup (for tools that do reverse lookup for you) is also nice.
what are you doing? which way makes more sense to you?
My PTRs are all to the same host name. In any context where the protocol actually matters, you should have other ways to detect it. I also don't recommend doing the foo.v4/foo.v6 thing in your forwards. There's really no advantage to do it. Most tools either have separate IPv4/IPv6 variants or have command-line switches for address-family control if you care. Owen
On 9 August 2011 16:36, Owen DeLong <owen@delong.com> wrote:
My PTRs are all to the same host name. In any context where the protocol actually matters, you should have other ways to detect it.
I also don't recommend doing the foo.v4/foo.v6 thing in your forwards. There's really no advantage to do it. Most tools either have separate IPv4/IPv6 variants or have command-line switches for address-family control if you care.
I agree that using the v4 or v6 tag in forward or reverse is pointless. One can tell it is v4 or v6 by the result of the lookup and the hostnames don't change just because they are accessible via IPv6. If a hostname is directly related to the fact that its IPv6 by all means put it in there though. -- Landon Stewart <LStewart@SUPERB.NET> SuperbHosting.Net by Superb Internet Corp. Toll Free (US/Canada): 888-354-6128 x 4199 Direct: 206-438-5879 Web hosting and more "Ahead of the Rest": http://www.superbhosting.net
I too agree the v4/v6 stuff is pointless and slightly annoying so I have been using same name with A/AAAA records. -----Original Message----- From: Landon Stewart [mailto:lstewart@superb.net] Sent: Tuesday, August 09, 2011 6:16 PM To: nanog@nanog.org Subject: Re: v4/v6 dns thoughts? On 9 August 2011 16:36, Owen DeLong <owen@delong.com> wrote:
My PTRs are all to the same host name. In any context where the protocol actually matters, you should have other ways to detect it.
I also don't recommend doing the foo.v4/foo.v6 thing in your forwards. There's really no advantage to do it. Most tools either have separate IPv4/IPv6 variants or have command-line switches for address-family control if you care.
I agree that using the v4 or v6 tag in forward or reverse is pointless. One can tell it is v4 or v6 by the result of the lookup and the hostnames don't change just because they are accessible via IPv6. If a hostname is directly related to the fact that its IPv6 by all means put it in there though. -- Landon Stewart <LStewart@SUPERB.NET> SuperbHosting.Net by Superb Internet Corp. Toll Free (US/Canada): 888-354-6128 x 4199 Direct: 206-438-5879 Web hosting and more "Ahead of the Rest": http://www.superbhosting.net
On Tue, Aug 9, 2011 at 7:36 PM, Owen DeLong <owen@delong.com> wrote:
I also don't recommend doing the foo.v4/foo.v6 thing in your forwards. There's really no advantage to do it. Most tools either have separate IPv4/IPv6 variants or have command-line switches for address-family control if you care.
For most tools that I ordinarily use, I would certainly agree with this. The only exception might be from a web browser; while there are ways that they can be reconfigured to only use certain IP versions in certain cases, it is probably more straightforward to use www.ipvN.domain.tld or a similar name. For reverse DNS, I completely agree that there is no reason to use a different name.
Subject: Re: v4/v6 dns thoughts? Date: Thu, Aug 11, 2011 at 12:01:15AM -0400 Quoting Andrew Parnell (andrew@parnell.ca):
On Tue, Aug 9, 2011 at 7:36 PM, Owen DeLong <owen@delong.com> wrote:
I also don't recommend doing the foo.v4/foo.v6 thing in your forwards. There's really no advantage to do it. Most tools either have separate IPv4/IPv6 variants or have command-line switches for address-family control if you care.
For most tools that I ordinarily use, I would certainly agree with this. The only exception might be from a web browser; while there are ways that they can be reconfigured to only use certain IP versions in certain cases, it is probably more straightforward to use www.ipvN.domain.tld or a similar name.
For reverse DNS, I completely agree that there is no reason to use a different name.
While I am no enemy to /56 allocations (cross-thread alert!) I for the most part tend to agree with Owen and would so here too. Possibly with the addition of separate names in a subdomain for trouble-shooting. Selecting protocol is something best done slightly lower in the stack. I did so with $INCLUDE directives[0] at a former employer. For routers, where it matters much more than for end-user stuff like web servers. -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 DIDI ... is that a MARTIAN name, or, are we in ISRAEL? [0] Like so: $ORIGIN isp.tld. $INCLUDE "file-with-AAAA-records-without-FQDN" $INCLUDE "file-with-A-records-without-FQDN" $ORIGIN v4.isp.tld. $INCLUDE "file-with-A-records-without-FQDN" $ORIGIN v6.isp.tld. $INCLUDE "file-with-AAAA-records-without-FQDN"
On Aug 10, 2011, at 9:01 PM, Andrew Parnell wrote:
On Tue, Aug 9, 2011 at 7:36 PM, Owen DeLong <owen@delong.com> wrote:
I also don't recommend doing the foo.v4/foo.v6 thing in your forwards. There's really no advantage to do it. Most tools either have separate IPv4/IPv6 variants or have command-line switches for address-family control if you care.
For most tools that I ordinarily use, I would certainly agree with this. The only exception might be from a web browser; while there are ways that they can be reconfigured to only use certain IP versions in certain cases, it is probably more straightforward to use www.ipvN.domain.tld or a similar name.
In a web browser, I don't care unless I'm troubleshooting. If I'm troubleshooting, my web browser of choice is probably wget rather than one of the kitchen sink GUI based browsers. It turns out that wget supports the flag in question. Owen
participants (7)
-
Andrew Parnell
-
Blake T. Pfankuch
-
Jeroen Massar
-
Joe Pruett
-
Landon Stewart
-
Måns Nilsson
-
Owen DeLong