My ISP's private address space has DNS entries available on the public net, is this right?

Kevin Darcy kcd at chrysler.com
Tue Aug 10 14:36:42 UTC 2010


Well, RFC 1918 *itself* says you shouldn't do this:

    If an enterprise uses the private address space, or a mix of private
    and public address spaces, then DNS clients outside of the
    enterprise should not see addresses in the private address space
    used by the enterprise, since these addresses would be ambiguous.

(In Section 5, Operational Considerations).

But, you should understand that RFC 1918 itself is only a "BCP" (Best 
Current Practice), not a Standards-Track document, so you can't really 
call the RFC Police on them.

On the other hand, common sense would dictate that if you use RFC 1918 
at all, you shouldn't pick and choose which parts of it you follow and 
which parts you don't. The arguments go both ways on this point, see 
e.g. http://www.merit.edu/mail.archives/nanog/2006-09/msg00359.html

                                                                         
                                                                         
- Kevin

On 8/9/2010 8:09 PM, donovan jeffrey j wrote:
> Greetings
>
> My ISP has some private address space which has DNS resolution and can be queried from the outside world.
>
> I asked them about this because we use this private address space and it is showing up in our DNS lookups. Here was their response:
>
>> I've discussed this with our systems administrators and have been told that this is performing as expected.  ISP DNS servers do contain information about private addresses that are in use on our network.  If you are utilizing our DNS servers, you will see resolution of private IPs to ISP hostnames when appropriate.  That will not occur using external DNS servers.  You will see resolution of PTD hostnames to private IPs from external servers, but not IP resolution to hostnames.  As long as reverse DNS (IP to hostname) is not propagating, things are functioning normally.
>
> So even from Google Public DNS I see lookups that refer back to a private address space on my ISP's net.
>
> Is that right?
> -j
>    
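A check for the condition RFC 1918 Section 5 warns about, added here as an example and not part of the original message: it scans master-file-style zone text for A records that point into 10/8, 172.16/12 or 192.168/16. The zone `example.net`, its records and the function name `find_private_a_records` are constructed for illustration, and the parser assumes one record per line with numeric TTLs.

```python
import ipaddress

# The three address blocks reserved by RFC 1918.
RFC1918_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample of an externally served zone (names and addresses are made up).
SAMPLE_ZONE = """\
$ORIGIN example.net.
$TTL 3600
@        IN  NS   ns1.example.net.
ns1      IN  A    198.51.100.53
www      300 IN A 198.51.100.80
mail     IN  A    10.20.30.40      ; internal relay
         IN  A    198.51.100.25
vpn.corp 3600 A   172.16.5.1
edge     IN  A    172.32.0.1       ; just outside 172.16/12
printer  A        192.168.1.50
"""

def find_private_a_records(zone_text):
    """Return (owner, address) for every A record whose address is in RFC 1918 space."""
    origin, last_owner, hits = "", "", []
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()   # drop comments and trailing space
        if not line.strip():
            continue
        fields = line.split()
        if fields[0].startswith("$"):          # directive: only $ORIGIN matters here
            if fields[0].upper() == "$ORIGIN":
                origin = fields[1]
            continue
        if line[0].isspace():                  # blank owner: inherit the previous one
            owner = last_owner
        else:
            owner, fields = fields[0], fields[1:]
            if owner == "@":
                owner = origin
            elif not owner.endswith("."):      # relative name: qualify with the origin
                owner = f"{owner}.{origin}"
            last_owner = owner
        # Skip the optional TTL and class, in either order.
        while fields and (fields[0].isdigit() or fields[0].upper() == "IN"):
            fields = fields[1:]
        if len(fields) >= 2 and fields[0].upper() == "A":
            addr = ipaddress.ip_address(fields[1])
            if any(addr in net for net in RFC1918_NETS):
                hits.append((owner, str(addr)))
    return hits
```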
