This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[dns-wg] Policy for Reverse DNS for End-User PA Addresses?

Previous message (by thread): [dns-wg] Fwd: [enum-wg] Tier-2 provisioning: NS vs CNAME/DNAME
Next message (by thread): [dns-wg] Policy for Reverse DNS for End-User PA Addresses?

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jørgen Elgaard Larsen maillistparticipant at elgaard.net
Thu Jul 8 18:40:55 CEST 2004

Hi there,

I would like to share some thoughts on reverse DNS with you.

In my experience, reverse DNS often works well with larger organisations 
that have been assigned a /24 IPv4 range or greater. On the other hand, 
it almost never works with smaller organisations using smaller ranges, 
e.g. on ADSL lines.

As I see it, there is a general trend that more and more small and 
mid-size businesses uses ADSL lines for connectivity. Since IPv4 
addresses are scarce, these businesses are often assigned IPv4 ranges 
smaller than /24 - many only get a /30 range. Nevertheless, they still 
operates servers for various purposes.

The problem is that ISPs typically are very hesitant to administer 
reverse DNS for these addresses. Either these addresses have no reverse 
DNS at all, or they resolve to a semi-random host name (e.g. address 
aaa.bbb.ccc.ddd resolves to aaa.bbb.ccc.ddd.adsl.isp-name.com).

If the ISP (or whoever administers reverse DNS for the /24 range) do not 
wish to help out, there is really nothing the end user can do. Apart 
from being _really_ annoying to the end user, it also undermines reverse 
DNS as such: It is already difficult to convince everybody to set up 
reverse DNS, but even if an end user wants to do it, it may not be 
possible for him.


I am aware that it would take some work for RIPE NCC to force every ISP 
to properly administer reverse DNS, but there are several costless 
methods that would help a lot.

Please consider these suggestions:

a) Make it mandatory for ISPs to offer classless reverse delegation to
    end users with RIPE-assigned IP ranges (i.e. for PA IP ranges that
    has a inetnum object with an end user as admin-c).

    Even if this would not be actively enforced, it would be a great help
    to end users if they could point to an official RIPE policy on this.
    Even a web page saying that LIRs _should_ do so would be a help.

b) Make it mandatory for ISPs to offer either classless delegation or
    reverse DNS at IP-level for all its assigned addresses.

    Again, if there are no ressources to enforce it, it would still
    help to make it official RIPE NCC policy.

c) Extend the new reverse delegation system to include classless
    delegation of PA addresses.
    For this to work, it would probably be necessary to move master DNS
    for all split ranges to RIPE NCC, which of course would increase the
    load on RIPE NCC.
    Administration, on the other hand, could be fully automatised.


There are probably many other ways, too. Anyhow, I would really like a 
solution to this.


Sincerely,


Jørgen E. Larsen
CTO
Elgaard Data
jel(at)elgaard.net

Previous message (by thread): [dns-wg] Fwd: [enum-wg] Tier-2 provisioning: NS vs CNAME/DNAME
Next message (by thread): [dns-wg] Policy for Reverse DNS for End-User PA Addresses?

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ dns-wg Archives ]