North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Identifying IP address types

  • From: Sean Donelan
  • Date: Sun Feb 15 19:08:28 2004 
On Sun, 15 Feb 2004 [email protected] wrote:
> On Sun, 15 Feb 2004 17:46:05 EST, Sean Donelan said:
> > What if I told you about a method to identify the type of connection for
> > every IP address in our DNS?  You don't need to rely on third-party DUL
> > lists.
>
> Hmm.. color me dubious, but keep talking.  Best bet here would probably be
> some interesting abuse of PTR records?

You wouldn't be too far off.

It depends on whether you consider the ISP a cooperative partner or a
hostile participant.

Not only are 3rd party block lists often out-of-date and difficult to
update, the public has a hard time understanding the difference between
an ISP voluntarily listing their IP addresses in a DUL list and being
labelled a "spam haven" because their IP addresses are in a block list.

If you assume the ISP wants to help (which you also have to assume
for a port 25 blocks to work), how can an ISP provide first-party
information about the status of an IP address on demand to anyone?

My idea is to follow the RFC1101 example.

PTR records already have other uses and requirements. So I suggest using
another record type which doesn't have a current meaning in the reverse
DNS.  Instead use something like a HINFO record.

1.0.168.192.in-addr.arpa	in	ptr	some1.example.net
				in	hinfo	Dynamic	Dialup
2.0.168.192.in-addr.arpa	in	ptr	some2.example.net
				in	hinfo	Static	xDSL

The ISP (or really the network administrator for the network block) is
in the best position to know how the IP addresses are managed.  The
netadmin can keep the HINFO records up to date, or correct the record if
they are incorrect.  You don't need to guess which DUL maintainer contains
records for various networks or worry about a DOS attacks on a few DNS
servers affecting mail service globally.  You always query the network
administrator's DNS servers when you receive a connection from an IP
address for information about that IP address.