How to handle rfc 1918 addresses locally

Barry Margolin barmar at genuity.net
Sat Mar 2 01:34:20 UTC 2002


In article <a5p2sk$5uc at pub3.rc.vix.com>,
Karyn Williams  <karyn at calarts.edu> wrote:
>
>We use a mix of public and private addresses on our lan. There is no DMZ or
>firewall, just NAT. Even though I think NAT should happen between our
>vlans, it does not always do so. Three times recently we have seen a major
>slowdown on one of our servers. Solaris 8. It does pop, ssh, http. What is
>happening as far as I can tell is that it is sporadically timing out doing
>reverse lookups on our private addresses. I STFW and read DNS and Bind V4,
>but have not found much on this subject. It does seem as though we should
>have reverse zone files for the private addresses we use. I tried setting
>this up today, but it seems to not help. 
>
>So, the first question is, is this the correct solution ?

Yes.

>Next, anything special I should know WRT setting up reverse files for
>private addresses ?

The only thing special about them is that they aren't delegated to your
servers.  So the machines doing the reverse lookup must use your servers as
resolvers or forwarders; they won't find the reverse DNS if they're
configured to do normal recursive lookups from the root servers.

-- 
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.


More information about the bind-users mailing list