Re: [Asrg] DNSxL notation for IPv6?

On Sep 18, 2007, at 6:20 AM, John Levine wrote:

>>> What would make sense, and what not? What has already been tried?
>
> In my DNSxL draft, soon to be an RFC we hope, I say that it's
> nibble reversed hex, the same as v6 rDNS.
>
>>> Besides the bandwidth argument (is this a valid argument?)
>>
>> I don't think so. Reversed-nibble takes 64 bytes of DNS packet
>> contents (alternating length bytes and nibble-in-ASCII-hex bytes);
>> I don't consider this large enough to be an issue, especially
>> since it will normally occur only once per packet, even if
>> multiple records are returned, thanks to name compression.
>
> Quite right. Any normal v6 query or response should fit in a 512
> byte packet, and that's all that matters.

Nevertheless, IPv6 remains a problem for email. IPv6 is problematic when attempting to construct ever larger and more dangerous SPF records, for example.

Section 1.3 indicates why reverse DNS lookup for IPv6 is being met with little enthusiasm.
http://tools.ietf.org/html/draft-ietf-dnsop-reverse-mapping- considerations-05

Although the 64 bytes needed for reversed IPv6 address names impacts reverse lookups, and schemes like rfc4025, returning an A record is not a problem. The zone size for programs like rbldnsd will necessitate additional servers. The sheer number of IPv6 addresses impairs establishing reputations, even at /64 CIDRs. IPv6 reputations are unlikely to prove an effective deterrent and will likely cause the number of routes to explode even more rapidly. Placing all your fingers, toes, and other body parts in the IPv6 spam source damn is likely to be a wasted and ill-considered effort. This effort will enjoy greater cache miss rates, increased packet sizes, a massive and expensive database, and more routes. There are better approaches that do not depend upon the IP address as an identifier.

-Doug