Slow Contacting my host behind NAT
Karina Gómez Salgado
kgs at acabtu.com.mx
Thu Sep 21 16:31:29 UTC 2000
I added the 168.192.in-addr.arpa zone in my named.conf.
Really i only use the 192.168.0.X addresses in my internal network, but my dial up
users use another 192.168.20.X , so i prefered the idea of add the full 168.192
zone.
I'm testing in my private network and it seems that the performance is better.
I don't know about my other users but i will be testing all this week.
I will notice you if this work at all.
Thanks
Karina
Kevin Darcy wrote:
> Joseph S D Yao wrote:
>
> > On Tue, Sep 19, 2000 at 08:19:01PM -0400, Kevin Darcy wrote:
> > > Yes, the cause of the slowdown is probably the mail and FTP servers tryin=
> > > g
> > > unsuccessfully to do reverse lookups of the clients. They should be
> > > configured to know about the 168.192.in-addr.arpa zone. Set up
> > > 168.192.in-addr.arpa as master on one of your internal servers and if
> > ...
> >
> > Or just zone 0.168.192.in-addr.arpa, if as they say they are only using
> > the 192.168.0.* network.
>
> 168.192.in-addr.arpa should be in place to prevent "leakage" to Internet
> nameservers -- even if only the 192.168.0.* range is currently in use, can you
> guarantee that no-one will ever fat-finger one of those addresses? You're
> correct that it is not technically a requirement. But it's a good practice
> nonetheless. Another benefit is that it accommodates future growth better,
> making it easier to delegate other 192.168.*.* ranges to other internal
> organizations, for instance.
>
> Of course, 0.168.192.in-addr.arpa can always be defined in addition to its
> parent zone. But that seems like overkill if you only have a few hosts
> initially. You can always break out the subzone later.
>
> - Kevin
More information about the bind-users
mailing list