I have only now realized just how generous Hurricane Electric's Tunnel Broker service is. I was looking at the reverse DNS options when I noticed the IP ranges it delegates is different from the IPs on the end points of the tunnel. Needless to say, I was confused. (Yeah, yeah, I know: I was more confused than usual, right?)
The tunnel end point IPs are already in a /64 (apparently this is a RFC requirement) so I assumed that I was supposed to use the other IPs from that range. It works and there's nothing technically wrong with using them, except you cannot delegate reverse DNS because HE is already doing that to provide names for the end points. If you want to delegate rDNS, you have to use the actual /64 that was assigned to you. Well duh!
But wait! There's more! If you have multiple network segments (as I do), you can request a /48 which lets you have 65536 /64 subnets! So, with this free service, you can get up to 65538 /64's (less two IPs for the tunnel end points). I'll leave calculating the actual number of IPs as an exercise for reader. My head hurts just thinking about it.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment