On Wed, Oct 25, 2006 at 08:23:55AM -0400, Joe Abley wrote: > > On 25-Oct-2006, at 02:53, Shane Kerr wrote: > > >Does anybody on this list have a /48 or /64 delegation? Does > >anybody also have a > >working reverse DNS setup from their provider? (For me, it's "yes" > >and "no".) > > For me it's "yes" and "yes", but I doubt I am normal in that respect.
We're probably in the same boat as Joe, on the 'yes'/'yes' front. > >I've used IPv6 in a few different environments, and have never seen > >a working > >reverse when stateless auto-configuration is used. Isn't it weird > >to recommend > >people implement a practice that is rare (or non-existent)? > > I think it's rare because the tools don't make it easy to do the > right thing. Perhaps some organisation with experience with the DNS > should write some patches to rtsold :-) We don't use AD, or dynamic DNS, for IPv6, rather we rely on manual DNS additions (which through scripts generate reverse DNS). But that's clumsy, even for just a few hundred hosts. We're waiting on DHCPv6 client and server software to deploy a similar solution to what we have for IPv4 now. The ISC development is thus very interesting for us, as is DHCPv6 client support in Vista. But that's still future gazing. There's also the mud of 3041 addresses, which add complexity if you hope to use reverse DNS as a weak auth mechanism. -- Tim . dnsop resources:_____________________________________________________ web user interface: http://darkwing.uoregon.edu/~llynch/dnsop.html mhonarc archive: http://darkwing.uoregon.edu/~llynch/dnsop/index.html
