In message
<alpine(_dot_)BSF(_dot_)2(_dot_)00(_dot_)1107041959400(_dot_)29602(_at_)joyce(_dot_)lan>,
"John R. Levine" writes:
Reverse IPv6 caches well. You just can't pre-populate servers with PTR
records for all 2^64 ptr records in a normal IPv6 subnet. You need to
use tools that add records for nodes that actually exist. Those tools
are a decade old now.

Over in e-mail land, we've been pondering the behavior of spammers, who
will likely hop to a different IPv6 address for every spam. If you do rDNS
lookups, your cache will fill up with useless entries, maybe PTR, maybe
NXDOMAIN, it hardly matters. DNSBLs and DNSWLs, if done the same way as
they are in IPv4, have the same problem. These issues are well known in
the mail ops community, where it's now the standard advice not to try rDNS
lookups on incoming IPv6 mail.

Or you just tune the cache retention times. For NXDOMAIN/NODATA
that's 3 hours by default for named but could be tuned down to 10
minutes or lower without ill effects. RFC 2308 recommends 1-3 hours.

I also don't see the point in worrying about this. Caches cope
with spammers using a different From domain on each piece of email
which is looked up in the DNS. The worst using a different IPv6
address per email can do is double the cache requirements for the
same volume of email.

LRU cleaning of the cache will cope with this.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka(_at_)isc(_dot_)org
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
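
The cache-sizing argument in the message above, as an added simulation that is not part of the original post and is not how named implements its cache. The class and function names, the 5 messages/second rate and the lookup names are constructed assumptions; the 3 hour and 10 minute retention times are the ones quoted in the message.

```python
from collections import OrderedDict

class NegativeCache:
    """Toy resolver cache: fixed TTL per entry, LRU eviction at max_entries."""

    def __init__(self, ttl, max_entries):
        self.ttl, self.max_entries = ttl, max_entries
        self.expiry = OrderedDict()  # name -> expiry second, in insertion (= expiry) order
        self.lru = OrderedDict()     # name -> None, least recently used first
        self.peak = self.evictions = 0

    def lookup(self, name, now):
        """Return True on a cache hit, False if the resolver had to query."""
        # Drop entries whose retention time has passed (oldest are at the front).
        while self.expiry and next(iter(self.expiry.values())) <= now:
            expired, _ = self.expiry.popitem(last=False)
            del self.lru[expired]
        if name in self.lru:
            self.lru.move_to_end(name)   # a hit refreshes LRU position, not the TTL
            return True
        if len(self.lru) >= self.max_entries:
            victim, _ = self.lru.popitem(last=False)   # LRU cleaning
            del self.expiry[victim]
            self.evictions += 1
        self.expiry[name] = now + self.ttl
        self.lru[name] = None
        self.peak = max(self.peak, len(self.lru))
        return False


def simulate(ttl, max_entries, rate=5, hours=4, per_message_ptr=True):
    """Feed constructed spam traffic: every message has a unique From domain
    and, if per_message_ptr, a unique IPv6 source whose rDNS name is looked up.
    Returns (peak cache entries, LRU evictions)."""
    cache = NegativeCache(ttl, max_entries)
    for n in range(rate * hours * 3600):
        now = n // rate                               # whole seconds
        cache.lookup(f"d{n}.example.", now)           # From-domain lookup
        if per_message_ptr:
            cache.lookup(f"{n:x}.ip6.arpa.", now)     # constructed rDNS name
    return cache.peak, cache.evictions


if __name__ == "__main__":
    for label, args in [("3h TTL, From only", (10800, 10**6, 5, 4, False)),
                        ("3h TTL, From + PTR", (10800, 10**6)),
                        ("10min TTL, From + PTR", (600, 10**6)),
                        ("3h TTL, From + PTR, 50k cap", (10800, 50000))]:
        print(label, simulate(*args))
```

Without a size cap the peak is simply lookups per second times the retention time, so the per-message PTR lookup doubles it and the shorter retention time shrinks it in proportion; with a cap, the peak stays at the cap and the excess shows up as evictions.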