Kyle Brantley: April 2009 Archives
Reverse DNS is easy. You take the address, reverse the bit sets, and then append ".in-addr.arpa." to the domain. 10.0.0.1 maps to 1.0.0.10.in-addr.arpa.
Isn't that easy?
With IPv4, we can have up to three bytes per zone delimiter, or in regular speak, three numbers per dot.
With IPv6, every single hex digit is given a zone delimiter, instead of groups of three. This is really nice in terms of flexibility, but people whine enough about v6 address length enough as-is. This pretty effectively doubles it.
For example, 2001:470:d82b:ffff:217:31ff:fec4:919a becomes a.9.1.9.4.c.e.f.f.f.1.3.7.1.2.0. f.f.f.f.b.2.8.d.0.7.4.0.1.0.0.2.ip6.arpa. This is, to put it lightly, nasty. The slightly shortened suffix goes entirely unnoticed.
It's pretty easy to glance at a v4 address and type out the reverse DNS mapping. It is right next to impossible to do that with a full length v6 address. You mentally transpose a digit and suddenly you're trying to mess with an address billions upon billions of addresses away from the one you care about.
Quick note: dig rectifies this problem. "dig -x [ip-addr-goes-here]" will perform a reverse DNS lookup on the address (both v4 and v6), but more importantly, it prints out the address in the proper reverse DNS form.
Example:
No more pain!
Isn't that easy?
With IPv4, we can have up to three bytes per zone delimiter, or in regular speak, three numbers per dot.
With IPv6, every single hex digit is given a zone delimiter, instead of groups of three. This is really nice in terms of flexibility, but people whine enough about v6 address length enough as-is. This pretty effectively doubles it.
For example, 2001:470:d82b:ffff:217:31ff:fec4:919a becomes a.9.1.9.4.c.e.f.f.f.1.3.7.1.2.0. f.f.f.f.b.2.8.d.0.7.4.0.1.0.0.2.ip6.arpa. This is, to put it lightly, nasty. The slightly shortened suffix goes entirely unnoticed.
It's pretty easy to glance at a v4 address and type out the reverse DNS mapping. It is right next to impossible to do that with a full length v6 address. You mentally transpose a digit and suddenly you're trying to mess with an address billions upon billions of addresses away from the one you care about.
Quick note: dig rectifies this problem. "dig -x [ip-addr-goes-here]" will perform a reverse DNS lookup on the address (both v4 and v6), but more importantly, it prints out the address in the proper reverse DNS form.
Example:
dig -x 2001:470:d82b:ffff:217:31ff:fec4:919a
[...snip...]
;; QUESTION SECTION:
;a.9.1.9.4.c.e.f.f.f.1.3.7.1.2.0.f.f.f.f.b.2.8.d.0.7.4.0.1.0.0.2.ip6.arpa. IN PTR
[...snip...]
No more pain!
