[Opendnssec-user] Reverse zones?

Carlos Martinez-Cagnazzo carlos at lacnic.net
Thu Mar 8 12:42:54 UTC 2012


Hello,

All RIRs publish a daily stats file containing each allocated block you
don't even need to 'walk' a zone, you just grab the stats file, parse it
and query the DNS. 

Our zones are the near the apex of the reverse space and they contain
almost nothing except NSsets. In particular, they don't contain PTR records.

However, if you are an end user with hosts (PTRs) in your reverse zones
you might want to be extra careful with them.

regards

Carlos

--
Carlos Martinez-Cagnazzo
R+D Engineer
http://www.labs.lacnic.net


On 3/8/12 9:59 AM, Dick Visser wrote:
> On 7 March 2012 11:30, Casper Gielen <c.gielen at uvt.nl> wrote:
>
>> While I understand the argument that an IPv4-reverse zone is trivially
>> enumerated, that will change when IPv6 becomes more common. Naively
>> trying every IP is just not feasible anymore. In that case NSEC will
>> actually be helpfull in finding adresses that are assigned.
> In our shop everything is at least dual stack, and some parts IPv6 only.
> So I will then use NSEC3 for our reverse zones...
>
>



More information about the Opendnssec-user mailing list