Re: [dnsext] Domain "Flag" to indicate (non-)availability of automatic DNS updates for reverse DNS

On 6-May-2009, at 22:26, Jeroen Massar wrote:

> I guess quite a few ISPs who are providing public IP addresses to  
> their
> customers must be seeing these and then loads of them on their NS's:
>
> May  5 14:15:14 noc named[26139]: client xxxx:xxxx:xxxx::x#3421046:
> update '3.2.1.8.b.d.1.0.0.2.ip6.arpa/IN' denied
>
> or the IPv4 equivalent. Now I know that most of these will come from
> Windows as they have this setting activated per default and one  
> could if
> running inside an Active Directory turn those off easily, but in the
> case where one doesn't have control over the hosts in question it  
> would
> be nice if there was a flag for indicating that the zone is able or  
> not
> to update, and possibly where to send updates. Is there such a  
> mechanism
> already?

There's a mechanism available which is in use by some people, but  
which when presented to dnsop led to much frowning and the document  
withered on the vine.

   http://tools.ietf.org/id/draft-jabley-dnsop-missing-mname-00.txt

The principle objection from memory was that this approach might cause  
yet more junk traffic to be received by the root servers. There was  
some sympathy for the fact that there is no good mechanism available  
to signal "DDNS not available" but in general there was no consensus  
that this was a real problem that needed solving.

Joe

--
to unsubscribe send a message to namedroppers-request <at> ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>