I'm replying to the main thread, as Rob still insists on posting using his broken MUA which breaks threading, making it impossible to follow his ramblings. Thanks Rob.
On 6/16/20 1:23 PM, Rob Janssen via 44Net wrote:
I notice that more and more 44net traffic originates from addresses that are not registered in DNS. To identify an amateur radio transmission, it is required in most countries that the callsign is included in transmissions. Up to now I have considered traffic from a net44 address to be identified by the reverse name that can be looked up in DNS, and that has the basic structure of "hostname.callsign.ampr.org" (with of course some variations, but always the callsign of the responsible station is part of the name).
Having reverse DNS with a callsign in it doesn't meet identification requirements in the ITU or FCC rules, assuming the packet is traversing an RF link on amateur frequencies. Under FCC rules (and I'm aware you may be under a different legal authority), the control operator is the required ID, not the originator of the packet.
I think everyone should be encouraged (or even required) to register all used addresses in DNS. There may have been some hurdles to do that in the past (e.g. the never completed DNS part of the portal, the unavoidable restrictions of the ampraddr robot to accept only updates from coordinators).
What is the problem you're seeking to solve if it's not legal identification of transmissions?
Everyone who has e.g. a number of hosts in the 44.190 or other not nationally registered parts of the network can send a list of their IP addresses and corresponding hostnames (with names like the above, i.e. a callsign embedded in them) to me, then I can submit them to the robot and they get registered in the ampr.org main DNS service. Otherwise please register your hosts through your local coordinator, even when you have been allocated an entire subnet.
DNS NS records handle this now. When you allocate a /24, your name servers are set up to handle x.190.44.in-addr.arpa. This works and works well, requiring no manual or non-standard software. DNSSEC could be added to secure it if needed.
Given that we now have this situation, I think there should be a general policy of allowing AXFR and preferably also IXFR zone-transfers of these zones between net44 addresses. We should not have "dark and secret" zones that are inaccessible to others, I think, especially for the reverse (PTR) zones.
What does this solve? If you have evidence of non-ham use of 44net space, email the ARDC board. AFAIK there is no procedure to report this.
Allowing you to have a copy of my zone file isn't going to fix it. I can just use CNAME records and jump to another domain. Should I be forced to give AXFR access to any CNAME domains too? I can't do this for a number of services and services in my hamcolo, as everyone has control over their own reverse DNS. (Sidebar: if anyone needs a VM for something, ping me offlist.)
As it is now, you can download the zonefiles from an FTP server (or of course you can do lookups at the master server ampr.org at 44.0.0.1) and compile a list of updates (using diff between the downloaded- and the desired info) and then you can create an e-mail message to the ampraddr robot that will do the updates.
Again, this is non-standard and doesn't add any functionality over and above reverse DNS. If you want to see who is responsible for an IP in 44net, you can use the portal or rwhois.
These proposals are asking DNS to do something it's not designed for. There is also the need for a procedure regarding what to do when a person suspects non-ham use of 44net by a licensee. Defining what would constitute this use is going to be hard, and then what would be acceptable proof of it. There would need to be a clear and public proceeding to enforce this as well.
73s