Anybody have experience running rbldnsd (serving surbl zones) on IPv6 addresses? Clearly the data -in- the zones are IPv4 values but the servers can communicate using IPv6 addresses.
I'm in the process of a general config refresh & IPv6 deployment and noticed that the surbl dns servers lists that my copies are in (a.surb.org & b.surbl.org) only contain IPv4 addrs (A records), no AAAA records.
So is this just inertial or is there a reason for not listing IPv6 addrs for rbldnsd servers? I did a local test with rbldnsd-0.996b on SLES11-SP1 and it seems to run/answer on IPv6 just fine.
Dave
On Saturday, February 11, 2012, 3:17:25 PM, Dave Funk wrote:
Anybody have experience running rbldnsd (serving surbl zones) on IPv6 addresses? Clearly the data -in- the zones are IPv4 values but the servers can communicate using IPv6 addresses.
I'm in the process of a general config refresh & IPv6 deployment and noticed that the surbl dns servers lists that my copies are in (a.surb.org & b.surbl.org) only contain IPv4 addrs (A records), no AAAA records.
So is this just inertial or is there a reason for not listing IPv6 addrs for rbldnsd servers? I did a local test with rbldnsd-0.996b on SLES11-SP1 and it seems to run/answer on IPv6 just fine.
Dave
Hi Dave, SURBL has nameservers running on IPv6 addresses. If you'd like to provide DNS service over v6, I think we an add your servers to the delegations for that.
SURBL does not currently blacklist IPv6 addresses, but it may in future.
Cheers,
Jeff C.
On Sat, 11 Feb 2012, Jeff Chan wrote:
On Saturday, February 11, 2012, 3:17:25 PM, Dave Funk wrote:
Anybody have experience running rbldnsd (serving surbl zones) on IPv6 addresses?
[snip..]
Hi Dave, SURBL has nameservers running on IPv6 addresses. If you'd like to provide DNS service over v6, I think we an add your servers to the delegations for that.
SURBL does not currently blacklist IPv6 addresses, but it may in future.
Cheers,
Jeff C.
Jeff, Thanks. I'm in the testing/deploying stage now. Probably going live next week, will take you up on your offer then.
Just wanted to know if anybody else had tried this and what landmines were out there.
Dave
On 12.02.2012 07:43, Dave Funk wrote:
On Sat, 11 Feb 2012, Jeff Chan wrote:
On Saturday, February 11, 2012, 3:17:25 PM, Dave Funk wrote:
Anybody have experience running rbldnsd (serving surbl zones) on IPv6 addresses?
[snip..]
Hi Dave, SURBL has nameservers running on IPv6 addresses. If you'd like to provide DNS service over v6, I think we an add your servers to the delegations for that. SURBL does not currently blacklist IPv6 addresses, but it may in future. Cheers, Jeff C.
Jeff, Thanks. I'm in the testing/deploying stage now. Probably going live next week, will take you up on your offer then.
Just wanted to know if anybody else had tried this and what landmines were out there.
Dave
Hai!
Please do.
I will also post a message on the zones list about it.
Thanks, Raymond Dijkxhoorn, Prolocation
Op 12 feb. 2012 om 18:16 heeft Paul Freeman paul@noc4.net het volgende geschreven:
On 12.02.2012 07:43, Dave Funk wrote:
On Sat, 11 Feb 2012, Jeff Chan wrote:
On Saturday, February 11, 2012, 3:17:25 PM, Dave Funk wrote:
Anybody have experience running rbldnsd (serving surbl zones) on IPv6 addresses?
[snip..]
Hi Dave, SURBL has nameservers running on IPv6 addresses. If you'd like to provide DNS service over v6, I think we an add your servers to the delegations for that. SURBL does not currently blacklist IPv6 addresses, but it may in future. Cheers, Jeff C.
Jeff, Thanks. I'm in the testing/deploying stage now. Probably going live next week, will take you up on your offer then.
Just wanted to know if anybody else had tried this and what landmines were out there.
Dave
--
Hi Jeff, I feel somewhat guilty that this has been on my todo list for sometime (number of years, back in 2004/5 when we did our initial testing and deployment for v6 with BT Exact/6xs and friends here in the uk) as a subject to bring up with You/SURBL, please drop me a line so we can add a v6 assignment to our current mirror too.
Jeff,Dave, Undoubtedly v6 addresses will need to enter the lists as time goes on, there will most probably come a time in the future when spammers notice that v6 filtering is thin-on-the-ground and attempt to take advantage of that.
Dave, in terms of "landmines", just generally applicable things for v6 - as things currently stand there is a mix of native v6 and tunnelled v6, the various tunnelling techniques bring their own set of MTU related issues to the table, so if you filter careful attention needs to paid to ICMPv6 (particularly icmpv6-packet-to-big) for example. on the general v6 note there are a number of rfc's on operational considerations and issues relating to dns, smtp and a number of other protocols over v6 etc now. :)
Kindest regards Paul Freeman,
NOC4 Technologies Limited
+44(0)20 3422 4441 (Direct) +44(0)20 3422 4455 (Fax)
Discuss mailing list Discuss@lists.surbl.org http://lists.surbl.org/mailman/listinfo/discuss