Non-Routable IPs from Ext View
rich at hamptonhouse.org
Tue Apr 4 19:08:14 UTC 2006
I've encountered something that I don't completely understand with one
of my domain configurations. The whole problem started with some
domains being unable to send mail to my domain. Note that I said some.
One of these domains was DARPA. When I contacted their sysadmin, I
learned that their name servers were reporting a non-routable IP address
for my mail server (which is NAT'd behind a firewall and has a
non-routable address). My bind machine (also NAT'd - v9.3.1) is using
views and and here are two example nslookups, one from inside and the
other from the outside:
richh at DESFS890:~ $ nslookup mail.denergysolutions.com
[rich at elijah ~]$ nslookup mail.denergysolutions.com ns1.denergysolutions.com
OK, so far so good, right? Back to DARPA. They ended up fixing the
problem on their end but refused to tell me what was going on. All they
would say is that it was not a cache flush. More recently, I'm having
issues with 3com's domain (among two others). They assure me that they
have flushed their caches and that there is nothing wrong with their
DNS. Here is what happens when using their DNS when conducting a lookup:
[rich at elijah ~]$ nslookup mail.denergysolutions.com ns.mmm.com
My fear is that I may have had something initially misconfigured when I
first setup the domain and that internal host addresses got leaked onto
the net and cached. If so, is there anything I can do to help force
these addresses to update? Is it possible that I could still have
something misconfigured such that some domains are getting the internal
view rather that the external view?
I just don't get it.
Any ideas you have are greatly appreciated.
More information about the bind-users