nanog mailing list archives

Re: Why is RFC1918 space in public DNS evil?


From: Gadi Evron <ge () linuxbox org>
Date: Mon, 18 Sep 2006 03:18:07 -0500 (CDT)


On Mon, 18 Sep 2006, Petri Helenius wrote:

Matthew Palmer wrote:
I've been directed to put all of the internal hosts and such into the public
DNS zone for a client.  My typical policy is to have a subdomain of the zone
served internally, and leave only the publicly-reachable hosts in the
public zone.  But this client, having a large number of hosts on RFC1918
space and a VPN for external people to get to it, is pushing against this

  
In many scenarios the VPN'd hosts will ask for the names from the public 
DNS anyway, so I feel your client is right and it would be better for 
you to go with their wishes.

Putting all other issues aside, I believe you are right. Still, if VPN is
the problem then it is solvable. These machines can be configured with a
DNS server that knows where to go.


Pete



