[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IPv6 Confusion

Subject: IPv6 Confusion
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
Date: Tue, 17 Feb 2009 19:42:15 -0500
In-reply-to: Your message of "Wed, 18 Feb 2009 10:55:30 +1100." <[email protected]>
References: <[email protected]>

On Wed, 18 Feb 2009 10:55:30 +1100, Mark Andrews said:
> 	I solve it by give the machine a name.  Adding a KEY record
> 	at that name to the DNS, the private part the machine knows.

I think the issue is that the machine in question may not know its own hostname
to start, much less that dnssec is in use, or that a private key is supposed to
be remembered on the machine.  So there's a bit of a bootstrapping problem
there.

Of course, you can skip over that issue by letting the DHCP server do
the DNS updates as a proxy for the just-DHCP'ed machine, but that has
other issues...

(or just pre-populate the DNS with DHCP-2001-9A98-D247-{5more}.ISP.com and be
done with it like many places do for IPv4)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20090217/9a8c97e7/attachment.bin>

Follow-Ups:
- IPv6 Confusion
  - From: Mark_Andrews at isc.org (Mark Andrews)

References:
- IPv6 Confusion
  - From: Mark_Andrews at isc.org (Mark Andrews)

Prev by Date: IPv6 Confusion
Next by Date: IPv6 Confusion
Previous by thread: IPv6 Confusion
Next by thread: IPv6 Confusion
Index(es):
- Date
- Thread