nanog mailing list archives

Re: The power of default configurations


From: Florian Weimer <fw () deneb enyo de>
Date: Thu, 07 Apr 2005 03:03:33 +0200


* Sean Donelan:

> On Mon, 4 Apr 2005, Paul Vixie wrote:
>> adding more.  oh and as long as you're considering whether to restrict
>> things to your LAN/campus/ISP, i'm ready to see rfc1918 filters deployed...
>
> Why does BIND forward lookups for RFC1918 addresses by default?

I think Paul complained about DNS queries with source addresses from
RFC 1918 space.  It's hard to stop this without using connected UDP
sockets.

> Why isn't the default not to forward RFC1918 addresses (and martian
> addresses)?

Is the fraction of PTR lookups for RFC 1918 space really that high?

> If a sysadmin is using BIND in a local network which uses RFC1918
> address, those sysadmins can change their configuration?

They already have to, otherwise the queries won't hit their
authoritative servers.
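
Added example, not part of the original message or of BIND: a small Python check that measures, from a resolver query log, the two things this thread distinguishes, namely PTR lookups for names inside RFC 1918 reverse space and queries arriving from RFC 1918 source addresses. The "source qtype qname" log format, the function names and the sample lines are assumptions constructed for illustration.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def ptr_name_to_network(qname):
    """Return the IPv4 network an in-addr.arpa name covers, or None."""
    labels = qname.lower().rstrip(".").split(".")
    if labels[-2:] != ["in-addr", "arpa"]:
        return None
    octets = labels[:-2][::-1]  # DNS order is least-significant label first
    if not 1 <= len(octets) <= 4:
        return None
    if not all(o.isascii() and o.isdigit() and int(o) <= 255 for o in octets):
        return None
    padded = [str(int(o)) for o in octets] + ["0"] * (4 - len(octets))
    return ipaddress.ip_network(f"{'.'.join(padded)}/{8 * len(octets)}")

def is_rfc1918_ptr(qname):
    """True only if the whole reverse zone or address lies in RFC 1918 space."""
    net = ptr_name_to_network(qname)
    return net is not None and any(net.subnet_of(r) for r in RFC1918)

def is_rfc1918_source(src):
    addr = ipaddress.ip_address(src)
    return addr.version == 4 and any(addr in r for r in RFC1918)

# Constructed sample log, one query per line: source address, qtype, qname.
SAMPLE_LOG = """\
192.0.2.10 PTR 5.1.168.192.in-addr.arpa.
192.0.2.10 A www.example.com.
10.1.2.3 PTR 4.3.2.1.in-addr.arpa.
198.51.100.7 PTR 1.0.0.10.in-addr.arpa.
198.51.100.7 PTR 9.8.32.172.in-addr.arpa.
172.20.0.5 A mail.example.org.
"""

def summarize(log_text):
    """Count PTR queries, RFC 1918 PTR queries and RFC 1918 sources."""
    stats = {"queries": 0, "ptr": 0, "rfc1918_ptr": 0, "rfc1918_source": 0}
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 3:
            continue  # skip malformed lines
        src, qtype, qname = fields
        stats["queries"] += 1
        stats["rfc1918_source"] += is_rfc1918_source(src)
        if qtype.upper() == "PTR":
            stats["ptr"] += 1
            stats["rfc1918_ptr"] += is_rfc1918_ptr(qname)
    return stats

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

Note that `172.in-addr.arpa` is deliberately not treated as private, because only 172.16.0.0/12 of that /8 is RFC 1918 space.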

