Cloudflare apparently creates invalid PTR records for IPv6 addresses

Cloudflare apparently creates invalid PTR records for IPv6 addresses (tested via Dashboard and API).

Context: I have a domain, example.com, with an IPv6 address. I want to create a PTR record in Cloudflare for email sending purposes. I’ll be redacting the IPv6 address, just like the domain name, for privacy reasons.

Perceived issue: It seems that whenever I try to create a PTR record for an IPv6 address, the domain get’s appended to the end of the name record fasely. Given that this is a PTR record, the name field should end in .ip6.arpa., not in the actual domain example.com

However when I try to insert the IPv6 address (reversed of course) and append .ip6.arpa the domain get appended so it is saved like this: .ip6.arpa.example.com. This prevents me from using PTR records for IPv6 at all, because all PTR records will always be invalid.

I have tested this from the dashboard, as well as from the API, to verify. In both cases the issue persists. I’ve also downloaded the actual DNS records via the “Export DNS records” feature in the Cloudflare dashboard and it confirms the issue. The PTR record has .ip6.arpa.example.com for the name instead of expected .ip6.arpa.

Expected:
Name: (...).ip6.arpa
Value: example.com

Actual records:
Name: (...).ip6.arpa.example.com
Value: example.com

You can only do that if the entire IP network has been allocated to you by the RIR. PTR records can only be created by the party who has been delegated the corresponding netblock in the parent zone. This will not be you. Your ISP will normally be the party in charge of the ip6.arpa. zones for their networks.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.