Embed Size (px)
DESCRIPTION
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Reverse Delegations Stored in APNIC WHOIS database as domain objects. Automatic form checks domain and nameserver configuration for sanity ‘Sanity’ is at least two nameservers, and information consistent across nameservers and form (ie, SOA same, NS list same, authority set) Assumes knowledge of Reverse DNS
Citation preview
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E
APNIC Open Address Policy APNIC Open Address Policy MeetingMeeting
APNIC Reverse DNSAPNIC Reverse DNSOctober 26th, BrisbaneOctober 26th, Brisbane
Bruce CampbellBruce [email protected][email protected]
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E
Purpose of APNIC Reverse DNSPurpose of APNIC Reverse DNS
Delegation of IP space from APNIC to Delegation of IP space from APNIC to ISPs etc. (in-addr.arpa / ip6.int )ISPs etc. (in-addr.arpa / ip6.int )
Not automatically set up as part of an IP Not automatically set up as part of an IP allocation from APNIC.allocation from APNIC.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E
Reverse DelegationsReverse Delegations
Stored in APNIC WHOIS database as Stored in APNIC WHOIS database as domain objects.domain objects.
Automatic form checks domain and Automatic form checks domain and nameserver configuration for sanitynameserver configuration for sanity‘‘Sanity’ is at least two nameservers, and Sanity’ is at least two nameservers, and information consistent across nameservers and information consistent across nameservers and form (ie, SOA same, NS list same, authority set)form (ie, SOA same, NS list same, authority set)
Assumes knowledge of Reverse DNSAssumes knowledge of Reverse DNS
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E
What is a Domain Object?What is a Domain Object?
Domain: 63.62.61.in-addr.arpaDomain: 63.62.61.in-addr.arpaDescr: Server and Office SubnetDescr: Server and Office SubnetCountry: AUCountry: AUAdmin-c: (APNIC) NIC-HDLAdmin-c: (APNIC) NIC-HDLTech-c: (APNIC) NIC-HDLTech-c: (APNIC) NIC-HDLZone-c: (APNIC) NIC-HDLZone-c: (APNIC) NIC-HDLnserver: ns1.my.forward.domainnserver: ns1.my.forward.domainnserver: ns.some.faraway.sitenserver: ns.some.faraway.site
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E
What is a Domain Object (2) ?What is a Domain Object (2) ?
Remarks: free textRemarks: free textnotify: Database emails this addressnotify: Database emails this addressmnt-by: MAINT-My-Maintainer-Objectmnt-by: MAINT-My-Maintainer-Objectmnt-lower: MAINT-My-Maintainer-Objectmnt-lower: MAINT-My-Maintainer-Objectchanged: email@address YYYYMMDDchanged: email@address YYYYMMDDsource: APNICsource: APNIC
Standard APNIC database object.Standard APNIC database object.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E
LimitationsLimitations
Classful delegations (limited to the ‘.’ Classful delegations (limited to the ‘.’ boundaries). (/19 allocation must delegate boundaries). (/19 allocation must delegate 32 /24s)32 /24s)
Not telepathic, must request (re)delegation.Not telepathic, must request (re)delegation.Must have nameservers set up before Must have nameservers set up before
requesting delegation.requesting delegation.Changes made public (officially) only once Changes made public (officially) only once
per business day (10am, UTC+1000) on per business day (10am, UTC+1000) on ns.apnic.net .ns.apnic.net .
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E
Via EmailVia Email
Standard APNIC database object, can be Standard APNIC database object, can be updated via email.updated via email.
Nameserver/domain set up verified before Nameserver/domain set up verified before being submitted to the database.being submitted to the database.
Protection by maintainer object (current Protection by maintainer object (current auths of NONE, Email address, password auths of NONE, Email address, password or PGP).or PGP).
No zone file rebuilds occur on weekends.No zone file rebuilds occur on weekends.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E
On the Web and InteractiveOn the Web and Interactive
Http://www.apnic.net/db/domain.htmlHttp://www.apnic.net/db/domain.html
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E
Online Errors (also via Email)Online Errors (also via Email)
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E
Request Sent to APNICRequest Sent to APNIC
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E
Successful UpdateSuccessful Update
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E
Questions?Questions?
[email protected]@apnic.net
