nanog mailing list archives
Re: The power of default configurations
From: "Christopher L. Morrow" <christopher.morrow () mci com>
Date: Thu, 07 Apr 2005 18:04:44 +0000 (GMT)
On Thu, 7 Apr 2005, Paul Vixie wrote:
no to 1) prolong the pain, 2) beat a horsey.. BUT, why are 1918 ips 'special' to any application? why are non-1918 ips 'special' in a different way?i know this is hard to believe, but i was asked to review 1918 before it went to press, since i'd been vociferous in my comments about 1597. in the text (RFC 1918) we see the following:
<snip>
yikes! i think i contributed some of that text. and i see now that it really does have to say something about dns forwarders. so i'll withdraw my suggestion that this thread be moved to bind-users@ -- it needs to go to dnsop () lists uoregon edu since it's not a BIND-specific issue at all.
So, this highlights some good operational practices in networking and DNS-applications, but doesn't answer how 1918 is 'different' or 'special' than any other ip address. I think what I was driving at is that putting these proposed road blocks in bind is akin to the 'cisco auto secure' features. Someone is attempting to 'secure' the problem (both the network and the application problems) here in the same manner. The practices outlined in the RFC paul quoted, if followed, should do this... So, the problem isn't that technology is required to fix this, its that people aren't doing the required things to make the pain stop (at the enterprise or individual site level). Making the distinction between 1918 and 'other' seems, atleast at the equipment or application level, like a recipe for disaster. As paul mentioed wrt Microsoft earlier: There are many an enterprise out there with 1918 in siteX/Y/Z and 'globally unique ip space' in sites A/B/C.
Current thread:
- Re: The power of default configurations Andrew Dul (Apr 07)
- Re: The power of default configurations Paul Vixie (Apr 07)
- Re: The power of default configurations Christopher L. Morrow (Apr 07)
- Re: The power of default configurations Paul Vixie (Apr 07)
- Re: The power of default configurations Petri Helenius (Apr 07)
- Re: The power of default configurations Paul Vixie (Apr 07)
- Re: The power of default configurations Petri Helenius (Apr 07)
- Re: The power of default configurations Christopher L. Morrow (Apr 07)
- Re: The power of default configurations Christopher L. Morrow (Apr 07)
- Re: The power of default configurations Randy Bush (Apr 07)
- Re: The power of default configurations Michael . Dillon (Apr 08)
- Re: The power of default configurations Simon Waters (Apr 08)
- Re: The power of default configurations Duane Wessels (Apr 08)
- Port 0 traffic Sean Donelan (Apr 08)
- Re: Port 0 traffic Christopher L. Morrow (Apr 08)
- Re: The power of default configurations Paul Vixie (Apr 07)
- Re: The power of default configurations Sean Donelan (Apr 10)
- Message not available
- Re: The power of default configurations Jay R. Ashworth (Apr 10)
- Re: The power of default configurations Christopher L. Morrow (Apr 10)