Re: IPv6 rDNS - how will it be done?
Hi! In some internal DNS applications, I've missed the so useful pipe feature of the sendmail alias (user: | /script), I mean, being able to forward a DNS request to a script that returns the resolution response. Maybe something similar would be useful in this IPv6 rDNS scenario too. Does anyone of you know if there's any chance to direct a zone to a script instead of to a file? Regards, David. ----------------------- Message: 1 Date: 28 Apr 2010 01:46:57 -0000 From: John Levine <johnl@iecc.com> Subject: Re: [Nanog] Re: IPv6 rDNS - how will it be done? To: nanog@nanog.org Message-ID: <20100428014657.91479.qmail@joyce.lan> Content-Type: text/plain; charset=iso-8859-1
Hmm. A macro expansion for a /48 would mean 1,208,925,819,614,629,174,706,176 leaves. An interesting stress test for name servers... :-).
My inclination would be to use a wildcard that returns something like not-in-service.some-network.net, and let the clients add records for the addresses they use. For spoof resistance, how about doing a forward lookup on the purported name and only installing it if it gets a matching AAAA record? R's, John
On 28.04.2010, at 11:02, David Pérez wrote:
Hi!
Ahoi,
In some internal DNS applications, I've missed the so useful pipe feature of the sendmail alias (user: | /script), I mean, being able to forward a DNS request to a script that returns the resolution response. Maybe something similar would be useful in this IPv6 rDNS scenario too. Does anyone of you know if there's any chance to direct a zone to a script instead of to a file?
Yes, just look at what i just posted and at http://doc.powerdns.com/pipebackend-dynamic-resolution.html http://doc.powerdns.com/backends-detail.html#PIPEBACKEND . Stefan
participants (2)
-
David Pérez
-
Stefan Schmidt