Problem with named of a network error or problem with the configuration on the interconnecting peers?
Igor V. Ruzanov
igorr at canmos.ru
Fri Aug 15 06:30:53 UTC 2008
On Fri, 15 Aug 2008, Andrey G. Sergeev (AKA Andris) wrote:
> Well, though the publicity of DNS data seems to be a good reason to
> expose it, but not for everyone and in every case. I think that the DNS
> administrators should decide whether to disclose the [sometimes]
> sensitive zone data or not by "for whom how" basis. Let's imagine that
> your zone has some RRs for the Windows PCs, DCs, print servers, lab
> equipment etc. I don't consider that conscientious or evil strangers
> just like me and you need to know much about this private stuff.
>
One of the posible decisions to hide any private stuff is to assign it to
RFC1918 addresses. Just like you NEED to have all DNS reverses for your
address space delegated to you by RIPE source, in the same manner you
could NOT make any "secret" RRs about additional aspects of your network
topology in your public DNS. And there is no additional philosophy;)
+-------------------------------------------+
! CANMOS ISP Network !
+-------------------------------------------+
! Best regards !
! Igor V. Ruzanov, network operational staff!
! e-Mail: igorr at canmos.ru !
+-------------------------------------------+
More information about the bind-users
mailing list