IPv6 and PTR records

Published: 2013-09-04

Currently it seems that Google is blocking email from servers that do not have an IPv6 PTR record. On August 17th <a title="Waar blijft RDNS? (Dutch)" href="http://xs4all.ipv6.narkive.com/jOo7yGQe/waar-blijft-rdns">a post</a> was posted in the IPv6 newsgroup of the Dutch provider <a title="IPv6 at XS4ALL" href="https://www.xs4all.nl/klant/ipv6/">XS4ALL</a> complaining that their native IPv6 did not have IPv6 PTR records and that this resulted in mail rejection by Google.

Why is it so difficult to support IPv6 PTR records for customers?


There are multiple reasons why IPv6 PTR records are difficult to support.

<ul>
<li>Privacy extensions (RFC 4941)</li>
<li>Stateless address autoconfiguration (SLAAC)</li>
<li>Address space</li>
<li>DNSSEC</li>
</ul>

[h2]Privacy extensions[/h2]

The reason for privacy extensions is to be 'invisible' by frequently changing the IPv6 address that you use. Of course, when you create persistent PTR records that map every new address to the same system, it defeats the purpose of keeping your privacy.

Example:

[code]
2001:db8:18:8000:21f1:f624:d2b8:3702 -> my-computer.example.com
2001:db8:18:8000:55c3:7efd:93d1:5057 -> my-computer.example.com
[/code]

[h2]SLAAC[/h2]

When SLAAC is used, the system configures the IPv6 address based on the MAC address of the network interface. This will be different when using wifi or a cable, although it will be the same system. And when a customer changes the NIC of the computer the address will also change.

Example:

[code]
2001:db8:18:8000:2ed4:44ff:feb9:cde2 = MAC 2c:d4:44:b9:cd:e2
[/code]

[h2]Address space/DNSSEC[/h2]

Based on the options above you might want to create fixed PTR records based on the IPv6 AAAA record to get all possible PTRs.

Example:

[code]
2001:db8:18:8000:21f1:f624:d2b8:3702 -> 21f1.f624.d2b8.3702.ptr.example.com
2001:db8:18:8000:55c3:7efd:93d1:5057 -> 55c3.7efd.93d1.5057.ptr.example.com
[/code]

Most ISPs get a /32 from their RIR, which means they have 79,228,162,514,264,337,593,543,950,336 (=79x10^27) addresses which would have to have a PTR record. This is a lot of records to create and serve in DNS, and most addresses will not be used.

Also, when DNSSEC is used, a change in those records means the zone has to be signed again, which will take a long time.

So it is hard for an ISP to know how this can be done for every customer.

I think it would be a good idea to provide an interface for customers where they can choose how they want to be able to get PTRs for IPv6 addresses.

But since the total IPv6 address space is 2^128 (=3.402823669×10³⁸) addresses it is very costly to create all these records especially when

An ISP has a /32, which is 79,228,162,514,264,337,593,543,950,336 (=79x10^27) addresses which have to have a PTR.

And most addresses will not be used.
