private address 192.168.x.x or 10.x.x.x on a public dns
Chris Thompson
cet1 at hermes.cam.ac.uk
Mon Apr 28 20:34:54 UTC 2008
On Apr 28 2008, roger wrote:
>Hello,
>
>I am trying to find some information that I already believe to be
>true.
>
>I belive: You shouldn't configure a DNS, that answers queries to the
>internet, with a host that will point to a private address.
>
>Our engineering department wants me to do the following:
>
>host IN A 192.168.99.154
>
>on a nameserver that answers queries to the internet.
>
>I feel this is wrong,
It is bad manners, at least, to publish misleading data. (Misleading
because the address will mean something else to the average recipient.)
A bit like pointing an NS or MX record at a host that is never accesible
from the Internet at large, or maybe a bit more sinful than that.
> I think this is not allowed,
Yup, the Permanent Floating Internet Posse will hunt you down!
Well, maybe not.
> but I can not find
>the RFC, book, internet article that will support my claim. My google-
>foo has failed me. Can anyone lend a helping hand, or if someone can
>lead me to documentation that says it is ok to do so would also be
>helpful.
It's not really that difficult to restrict locally-scoped DNS
data to the appropriate locality. Use views, or separate zones
with appropriate access controls.
--
Chris Thompson
Email: cet1 at cam.ac.uk
More information about the bind-users
mailing list