User wanting to use a .local domain to host DNS
Novosielski, Ryan
novosirj at umdnj.edu
Thu Nov 15 16:39:31 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 11/15/2012 11:36 AM, btb wrote:
> On 2012.11.15 10.14, Novosielski, Ryan wrote:
>>> Failing to operate a private TLD correctly is causing internal
>>> data leaking to the Internet, which could be a security risk
>>> but in all cases is a burden on the root server system.
>>
>> Not that I think that I'm doing this (and as I'd said, the only
>> place I use this is at home on a NAT'd network where there is no
>> public DNS at all), but what are some common ways to let this
>> happen if you happen to know?
>
> a nat'd network is a prime example of exactly the sort of place
> this kind of thing happens. what it usually boils down to is non
> public namespace being used [be it invented tlds or
> rfc1918/5735/etc address space] with no nameserver on the local
> network with those zones configured as authoritative.
Great, thanks, sounds like I'm covered then (I have BIND running
authoritative for my zone on the firewall/NAT machine only accepting
queries from my local 1918 addresses) and DHCP providing its address
as the nameserver.
- --
- ---- _ _ _ _ ___ _ _ _
|Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Sr. Systems Programmer
|$&| |__| | | |__/ | \| _| |novosirj at umdnj.edu - 973/972.0922 (2-0922)
\__/ Univ. of Med. and Dent.|IST/EI-Academic Svcs. - ADMC 450, Newark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
iEYEARECAAYFAlClGsIACgkQmb+gadEcsb7NKwCfUELoFIjKy1TAHFysZ0megp82
MuwAn2V+fOa3enJ6UxRTJmMEmqj3wNeg
=ygQY
-----END PGP SIGNATURE-----
More information about the bind-users
mailing list