rfc1918 ns records coming from internet are queried?
Mark Andrews
Mark_Andrews at isc.org
Wed Nov 26 23:43:46 UTC 2008
In message <492DAF97.2020507 at ca.sophos.com>, David Sparks writes:
> sthaug at nethelp.no wrote:
> >>> A border router knows what is "inside" and "outside" your network, while
> >>> a DNS server does not. Important difference.
> >> You're missing the point. This is not about inside and outside networks,
> it
> >> is about rfc1918 responses from internet queries.
> >
> > I'm afraid I have seen too many organizations using a mix of public and
> > RFC1918 IP addresses on the "inside". Thus I don't believe that you can
> > differentiate based on RFC1918 addresses or not on a general basis.
>
> This is incorrect, you can always differentiate based on rfc1918 addresses.
> When a 3rd party gives you a rfc1918 address it is invalid.
Except it may not be. Networks are way too complicated to
make such general assumptions.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list