Netgate Discussion Forum
    IPv6 PTR records

    • lohphat

      With the large slice (/64) usually issued by the ISP to the CPE, how are reverse (PTR) records handled? There are clearly too many addresses to predefine and the privacy address format being unpredictable (mostly), is there a standard mechanism for generating PTR records dynamically? If so, who handles it? The ISP, the DNS resolver on the CPE gateway, or the IPv6 client hinting back to the CPE gateway?

      SG-3100 24.11-RELEASE (arm) | Avahi (2.2_6) | ntopng (5.6.0_1) | openvpn-client-export (1.9.5) | pfBlockerNG-devel (3.2.1_20) | System_Patches (2.2.20_5)

      • JKnott

        I could be wrong, but I think that happens when you set up the DNS entries on a public server. Of course, you'd only do that for the consistent addresses, not the privacy ones. I just checked one of my host names and could resolve in both directions.

        PfSense running on Qotom mini PC
        i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
        UniFi AC-Lite access point

        I haven't lost my mind. It's around here...somewhere...

        • IsaacFL @lohphat

          @lohphat The who is the ISP, but most don't seem to create PTR records for their ipv6 addresses.

          The ISP is the one who owns the address block and is the only one that can create PTR records. This is also the case with the ipv4 addresses.

          • JKnott @IsaacFL

            @IsaacFL said in IPv6 PTR records:

            @lohphat The who is the ISP, but most don't seem to create PTR records for their ipv6 addresses.

            The ISP is the one who owns the address block and is the only one that can create PTR records. This is also the case with the ipv4 addresses.

            My ISP provides a host name for my WAN address. It works in both directions. However, for devices on my LAN, I am the one who has to create the DNS entries. I use a public DNS server with my own domain name. I am the one who adds names to it. It has nothing to do with my ISP. How is the ISP supposed to know what names you assign to devices on your own LAN?

            • lohphat @JKnott

              @JKnott Well, at least the WAN has dummy addresses. Some services like to have a resolvable PTR even if it's a placeholder name like host-w-x-y-z.in-addr.arpa. IPv6 address space makes this a bit challenging. There is a standard: For example, the pointer domain name corresponding to the IPv6 address 2001:db8::567:89ab is b.a.9.8.7.6.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa. but doing this for the /64 delegated to you is not going to work.

              • kiokoman

                For me it is Hurricane Electric.
                I can set my reverse IPv6 address from Hurricane Electric Free DNS Management.
                I have a limit of 50 though, I think I have to pay if I need more, maybe ..

                ̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
                Please do not use chat/PM to ask for help
                we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
                Don't forget to Upvote with the 👍 button for any post you find to be helpful.

                • JKnott @lohphat

                  @lohphat

                  I'm not sure what you're getting at. Your comment agrees with what I said earlier. The only ISP involvement with your LAN addresses is they provided the prefix. They have no knowledge of any device attached to it.

                  • johnpoz

                    That is yet another advantage of getting a tunnel from HE for your ipv6.. They allow you to set PTR.. While they might limit you to 50 domains hosted on their dns, PTR zones included... I do not believe they limit you to records inside that zone?

                    But they also allow you to delegate the reverse to your own ns if you wish..

                    [image: delegate.png]

                    Your isp prob not going to do that ;)

                    You can also put in a wildcard via the advanced tab once you create your PTR zone, so that anything in that prefix would reverse to some forward name.

                    An intelligent man is sometimes forced to be drunk to spend time with his fools
                    If you get confused: Listen to the Music Play
                    Please don't Chat/PM me for help, unless mod related
                    SG-4860 24.11 | Lab VMs 2.8, 24.11

                    • awebster @IsaacFL

                      @IsaacFL said in IPv6 PTR records:

                      The ISP is the one who owns the address block and is the only one that can create PTR records. This is also the case with the ipv4 addresses.

                      True, however, they could (doesn't mean they will or want to) delegate the resolution of your prefix in the namespace to different DNS servers, but it is much easier than delegating a subnet in IPv4.
                      If you are running your own DNS server, or hosted somewhere, you can ask the ISP to delegate your prefix to that DNS server and in there you create what you want.

                      For instance for 2001:db8:1234:5678::/64 the ISP can return that for 8.7.6.5.4.3.2.1.8.b.d.0.1.0.0.2.ip6.arpa go see name server at 203.0.113.1, and in there you'd create PTR records for your own hosts. 2001:db8:1234:5678::1 becomes 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.7.6.5.4.3.2.1.8.b.d.0.1.0.0.2.ip6.arpa IN PTR somehost.domain.

                      –A.
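
The name construction described in the post above, as an added example that is not part of the original thread: it derives the ip6.arpa zone an ISP would delegate for a prefix and the PTR owner names inside it. The function names and the host name `somehost.example.net.` are constructed for illustration.

```python
import ipaddress

def reverse_zone(prefix: str) -> str:
    """ip6.arpa zone name for a prefix that ends on a nibble (4-bit) boundary."""
    net = ipaddress.IPv6Network(prefix)  # strict: rejects host bits in the prefix
    if net.prefixlen % 4:
        # Each ip6.arpa label is one hex digit, so only /4, /8, ... /64 ... map
        # cleanly onto a single delegated zone.
        raise ValueError(f"/{net.prefixlen} is not on a nibble boundary")
    nibbles = net.network_address.exploded.replace(":", "")[: net.prefixlen // 4]
    return ".".join(reversed(nibbles)) + ".ip6.arpa."

def ptr_name(address: str) -> str:
    """Fully qualified PTR owner name for one IPv6 address (32 nibble labels)."""
    return ipaddress.IPv6Address(address).reverse_pointer + "."

def zone_records(prefix: str, hosts: dict) -> tuple:
    """Return (origin, lines): PTR records written relative to the zone origin."""
    net = ipaddress.IPv6Network(prefix)
    origin = reverse_zone(prefix)
    lines = []
    for addr in sorted(hosts, key=ipaddress.IPv6Address):
        if ipaddress.IPv6Address(addr) not in net:
            raise ValueError(f"{addr} is outside {prefix}")
        # Drop the trailing ".<origin>" to get the name relative to the zone.
        owner = ptr_name(addr)[: -len(origin) - 1]
        lines.append(f"{owner} IN PTR {hosts[addr]}")
    return origin, lines

# Constructed sample data using the documentation prefix from the thread.
HOSTS = {"2001:db8:1234:5678::1": "somehost.example.net."}

if __name__ == "__main__":
    origin, lines = zone_records("2001:db8:1234:5678::/64", HOSTS)
    print(f"$ORIGIN {origin}")
    print("\n".join(lines))
```

Only stable addresses belong in `HOSTS`; a /64 holds 2^64 addresses, so the zone can never be enumerated in full.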

                      • lohphat @JKnott

                        @JKnott They could set dummy addresses (albeit not practical) not needing to know if they're assigned to a host or not. But it's academic at this point. It's technically possible but not practical.

                        It does require the ISP to delegate the reverse records but my ISP is not going to do that.

                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.