In message <alpine.BSF.2.00.1107041959400.29602@xxxxxxxxx>, "John R. Levine" writes:
> > Reverse IPv6 caches well. You just can't pre-populate servers with PTR
> > records for all 2^64 ptr records in a normal IPv6 subnet. You need to
> > use tools that add records for nodes that actually exist. Those tools
> > are a decade old now.
>
> Over in e-mail land, we've been pondering the behavior of spammers, who
> will likely hop to a different IPv6 address for every spam. If you do rDNS
> lookups, your cache will fill up with useless entries, maybe PTR, maybe
> NXDOMAIN, it hardly matters. DNSBLs and DNSWLs, if done the same way as
> they are in IPv4, have the same problem. These issues are well known in
> the mail ops community, where it's now the standard advice not to try rDNS
> lookups on incoming IPv6 mail.

Or you just tune the cache retention times. For NXDOMAIN/NODATA
that's 3 hours by default for named but could be tuned down to 10
minutes or lower without ill effects. RFC 2308 recommends 1-3 hours.

I also don't see the point in worrying about this. Caches cope
with spammers using a different From domain on each piece of email
which is looked up in the DNS. The worst using a different IPv6
address per email can do is double the cache requirements for the
same volume of email. LRU cleaning of the cache will cope with
this.

Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka@xxxxxxx
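
The cache arithmetic argued in the message above, as an added simulation that is not part of the original message and is not named's code. It assumes one spam per second, each with a never-repeated From domain and a never-repeated IPv6 source whose lookups are cached for the negative TTL, plus 50 real sender domains with a one-hour TTL; all names and rates are constructed.

```python
import heapq
from collections import OrderedDict

POS_TTL = 3600  # assumed TTL for the 50 real sender domains


class Cache:
    """Resolver-cache model: TTL expiry plus LRU eviction at a fixed capacity."""

    def __init__(self, capacity):
        self.capacity, self.peak = capacity, 0
        self.entries = OrderedDict()  # name -> expiry, least recently used first
        self.expiries = []            # min-heap of (expiry, name)

    def lookup(self, name, now, ttl):
        """Return True on a hit; on a miss, cache the answer for ttl seconds."""
        while self.expiries and self.expiries[0][0] <= now:
            expiry, old = heapq.heappop(self.expiries)
            if self.entries.get(old) == expiry:  # skip names already evicted
                del self.entries[old]
        if name in self.entries:
            self.entries.move_to_end(name)
            return True
        if len(self.entries) >= self.capacity:
            self.entries.popitem(last=False)     # LRU cleaning
        self.entries[name] = now + ttl
        heapq.heappush(self.expiries, (now + ttl, name))
        self.peak = max(self.peak, len(self.entries))
        return False


def simulate(seconds, neg_ttl, capacity, rdns):
    """One spam per second; returns (peak entries, hit rate for real senders)."""
    cache, hits = Cache(capacity), 0
    for t in range(seconds):
        # Constructed workload: every spam has a never-repeated From domain ...
        cache.lookup(f"from-{t}.example", t, neg_ttl)
        if rdns:  # ... and a never-repeated IPv6 source address
            cache.lookup(f"ptr-{t}.ip6.arpa", t, neg_ttl)
        hits += cache.lookup(f"sender-{t % 50}.example", t, POS_TTL)
    return cache.peak, hits / seconds


if __name__ == "__main__":
    # 10800 s is the 3-hour default the message cites; 600 s is the tuned value.
    for neg_ttl, capacity, rdns in [(10800, 10**9, False), (10800, 10**9, True),
                                    (600, 10**9, True), (10800, 200, True)]:
        peak, rate = simulate(12000, neg_ttl, capacity, rdns)
        print(f"neg_ttl={neg_ttl} cap={capacity} rdns={rdns}: peak={peak} hit={rate:.3f}")
```

Under these assumptions the unbounded cache peaks at 10850 entries without rDNS lookups and 21650 with them at a 3-hour negative TTL, and at 1250 with a 10-minute TTL. A cache capped at 200 entries still answers more than 98% of the real senders' lookups from cache, because LRU eviction only ever removes the one-shot entries.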