In general I have no confidence in the quality of CE router software, and in the ability of the consumers to update their routers with new firmware, if and when available. Vulnerabilities in the CE router DNS server software could endanger the quality of the internet infrastructure as a whole.
Relevant point. It is harder to exploit vulnerabilities in the router if it has services open to the Internet. If it only has services open towards the LAN, they become much harder to exploit remotely.
I agree that mobile devices like telephones are a special problem. However I also know that IPv6 has special functionality for mobile devices. I don't know if that functionality can help us with this problem, that should be investigated.
Those protocols aim at keeping the IP of the device static as the device is moving between networks. The way it works is by the device having a static home address and a dynamic address assigned by the network it is currently on.
As the device gets a new dynamic address it connects back to its home network to let the home network know its current location.
I do not think this feature is widely deployed. I think you have a much better chance of getting something working well, if you update the name in DNS to point to the new address.
Registering the devices with an alias DNS server like Dyndns has some advantages like you described.
Usually you have an IP address in the records at the dyndns provider, not a CNAME. You can have your own domain name and make a record there, which is a CNAME for a dyndns provider. That is mainly of interest if your address changes frequently, and your primary DNS provider does not offer automatic updates.
However the disadvantage is that reverse name lookup doesn't work, so you can't find a DNS name when you enter an IPv6 address.
What options you have for setting up reverse DNS depends on your internet provider. Some providers, such as HE, let you point the NS records for reverse lookup wherever you want. Other providers have no such option and will only let you set up reverse DNS through their own interface.
If you can have both forward and reverse records on the same authoritative DNS servers, updating them simultaneously with a single API call may be easy. But you shouldn't insist on them being on the same servers, as that will restrict your options. Depending on which provider you use, it may be easier to simply consider them separately and have each of them updated through whatever means are available.
You are right that ISPs don't think about getting access from the internet to consumer devices. However that attitude will have to change. Consumers will want to access home automation devices from the internet. You're at your office, and before you go home you want to switch on the central heating. Or you want to access surveillance cameras at your house. Or you want to program your TV to record a program. Or, or, or... After all that is one of the advantages of and ideas behind IPv6.
None of that will get ISPs to change anything about how they handle DNS. Anybody who wants to sell you devices with such features will see that ISPs are not providing the necessary DNS service, and they will provide that feature with the equipment.
I predict one of two models being used:
- The device will have a built-in dyndns client and will come preconfigured with a domain name. Either a dyndns service hosted by the vendor of the equipment, or a separate dyndns provider, which they are partnering with.
- You won't access the device directly, instead you'll access the vendor's homepage, and the device will communicate with the same webserver to receive commands.
I hope they'll go with the first of the two options, and that they'll let you reconfigure the device to use a different dyndns provider, if you should need/want to.
I do think we should get our own sub-domain within the ISP domain
I don't see much advantage of that compared to having your own domain. With your own domain you can move between ISPs without having to get all your devices renamed.
I can't imagine I'm the first one in the whole world who is thinking about this
I'm sure people have been thinking about it. I just don't think anybody has seen much of a need. Using some variant of mDNS to identify devices within the LAN is being considered, I think that is at the very least considered in some draft standard.
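The point made above about keeping forward and reverse records in step (and what goes wrong when only the forward name is updated, so that reverse lookup of the new address fails and a stale PTR keeps pointing at the host) can be shown with a small simulation. This is an added example, not code from anyone in the thread and not any dyndns provider's API: the two dictionaries are a constructed in-memory stand-in for the authoritative forward and reverse zones, the hostnames are made up, and the addresses come from the 2001:db8::/32 documentation range. The `ptr_name` helper uses Python's standard `ipaddress.reverse_pointer` to derive the ip6.arpa owner name, which is the part most people get wrong by hand.

```python
import ipaddress
from typing import List, Optional, Tuple

# Constructed stand-ins for the authoritative forward and reverse zones.
# Owner name -> {rtype: rdata}. A real deployment would drive these changes
# through the provider's update API (assumed, not any specific product).
FORWARD_ZONE = {}
REVERSE_ZONE = {}

Change = Tuple[str, str, str, str]  # (action, owner, rtype, rdata)


def normalize(name: str) -> str:
    """Fully qualified, lower-cased owner name with a trailing dot."""
    return name.rstrip(".").lower() + "."


def ptr_name(addr: str) -> str:
    """Owner name of the PTR record for an IPv4/IPv6 address (in-addr.arpa / ip6.arpa)."""
    return ipaddress.ip_address(addr).reverse_pointer + "."


def address_rtype(addr: str) -> str:
    """AAAA for IPv6, A for IPv4."""
    return "AAAA" if ipaddress.ip_address(addr).version == 6 else "A"


def update_address(hostname: str, new_addr: str, sync_reverse: bool = True) -> List[Change]:
    """Dyndns-style update for a host that has moved to new_addr.

    With sync_reverse=True the stale PTR is removed and a PTR for the new
    address is added in the same batch, which is the single-update case
    discussed in the thread. With sync_reverse=False only the forward record
    changes, reproducing the failure mode where reverse lookup breaks.
    Returns the list of record changes the update carries.
    """
    host = normalize(hostname)
    rtype = address_rtype(new_addr)
    new_ip = str(ipaddress.ip_address(new_addr))
    changes: List[Change] = []

    old_ip = FORWARD_ZONE.get(host, {}).get(rtype)
    if old_ip is not None and old_ip != new_ip:
        changes.append(("delete", host, rtype, old_ip))
        if sync_reverse:
            stale = ptr_name(old_ip)
            # Only delete a PTR we own; never clobber someone else's reverse entry.
            if REVERSE_ZONE.get(stale, {}).get("PTR") == host:
                del REVERSE_ZONE[stale]
                changes.append(("delete", stale, "PTR", host))

    FORWARD_ZONE.setdefault(host, {})[rtype] = new_ip
    changes.append(("add", host, rtype, new_ip))
    if sync_reverse:
        REVERSE_ZONE[ptr_name(new_ip)] = {"PTR": host}
        changes.append(("add", ptr_name(new_ip), "PTR", host))
    return changes


def forward_confirmed(addr: str) -> Optional[str]:
    """Forward-confirmed reverse DNS: addr -> PTR -> name -> A/AAAA must equal addr.

    Returns the confirmed hostname, or None if either direction is missing or
    the two directions disagree (e.g. a stale PTR left behind by a forward-only update).
    """
    ip = str(ipaddress.ip_address(addr))
    name = REVERSE_ZONE.get(ptr_name(ip), {}).get("PTR")
    if name is None:
        return None
    if FORWARD_ZONE.get(name, {}).get(address_rtype(ip)) != ip:
        return None
    return name


if __name__ == "__main__":
    # Constructed walk-through: a home-automation host moves between two prefixes.
    for change in update_address("heating.example.net", "2001:db8:1::10"):
        print(change)
    for change in update_address("heating.example.net", "2001:db8:2::10"):
        print(change)
    print("old address confirms to:", forward_confirmed("2001:db8:1::10"))
    print("new address confirms to:", forward_confirmed("2001:db8:2::10"))
```

The forward-confirmed check is the test to run after any dyndns update: it is what mail servers and access-control lists on the far side will effectively perform, and it fails both when the provider has no reverse delegation at all and when only one of the two records was touched.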