Forrest, Michael E. wrote:
>> A globally-routable address might, or might not, be an EUI-64
>> address. Most client machines (desktops, PDAs, &c) will only have
>> an EUI-64 address. I'd seriously question if they need to be, or
>> even should be, registered...
>
> To add to this, try deploying a handful of ipv6 clients and without dns
> registration you'll end up in a lot of pain. If you pre-populate the dns
> with the EUI-64 addresses, then that covers the non-microsoft clients
> ;-)
>
> Sendmail/exim breaks for ipv6 clients where the clients forward/reverse
> dns don't resolve to the same thing (probably is true for other mail
> servers, although untested).
Reasonable in the case of inter-server SMTP; in fact I'd say it's a
Good Thing(tm) in this case. *Not* so reasonable in the case of an
initial submission service that should be positively authenticating
the user sending the EMail message. Of course, I'd also argue that
having no forward *and* no reverse DNS registration does mean that
"they resolve to the same thing". ;-)
> Tcpwrappers for ipv6 works in a similar way of checking the dns name
> resolves to the same both ways.
>
> Apache I believe is similarly picky about addresses
>
> Typically any application that has acl awareness *.<domain name> will
> break.
Yes. I'd argue (elsewhere on this thread) that using that sort of
ACL is now a Bad Thing(tm).
> <snip>
--
David Pick
|