Re: RFC1918 addresses to permit in for VPN?

[Danny McPherson <danny () ambernetworks com>]

> This is one of the benchmarks of cluelessness. The other is that the
> addresses don't have reverse DNS.  

Perhaps they do resolve interally to BT, it's just that 
your resolver can't get anything useful via the normal 
channels:

danny@sofos% dig @a.root-servers.net 16.172.in-addr.arpa ns

; <<>> DiG 8.2 <<>> @a.root-servers.net 16.172.in-addr.arpa ns 
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;;      16.172.in-addr.arpa, type = NS, class = IN

;; ANSWER SECTION:
16.172.in-addr.arpa.    6D IN NS        BLACKHOLE.ISI.EDU.
16.172.in-addr.arpa.    6D IN NS        BLACKHOLE.EP.NET.

;; Total query time: 108 msec
;; FROM: sofos.tcb.net to SERVER: a.root-servers.net  198.41.0.4
;; WHEN: Fri Dec 29 11:42:12 2000
;; MSG SIZE  sent: 37  rcvd: 98

Though I agree that using reserved address space in this 
manner is [usually] a bad idea, I think we [NANOG] have been 
through this dicussion more than a few times in this past.

-danny