Slow Contacting my host behind NAT

Kevin Darcy kcd at daimlerchrysler.com
Wed Sep 20 21:39:50 UTC 2000


Joseph S D Yao wrote:

> On Tue, Sep 19, 2000 at 08:19:01PM -0400, Kevin Darcy wrote:
> > Yes, the cause of the slowdown is probably the mail and FTP servers trying
> > unsuccessfully to do reverse lookups of the clients. They should be
> > configured to know about the 168.192.in-addr.arpa zone. Set up
> > 168.192.in-addr.arpa as master on one of your internal servers and if
> ...
>
> Or just zone 0.168.192.in-addr.arpa, if as they say they are only using
> the 192.168.0.* network.

168.192.in-addr.arpa should be in place to prevent "leakage" to Internet
nameservers -- even if only the 192.168.0.* range is currently in use, can you
guarantee that no-one will ever fat-finger one of those addresses? You're
correct that it is not technically a requirement. But it's a good practice
nonetheless. Another benefit is that it accommodates future growth better,
making it easier to delegate other 192.168.*.* ranges to other internal
organizations, for instance.

Of course, 0.168.192.in-addr.arpa can always be defined in addition to its
parent zone. But that seems like overkill if you only have a few hosts
initially. You can always break out the subzone later.


- Kevin
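
The "leakage" point above, as an added example that is not part of the original post: it checks which reverse (PTR) lookups are answered by a locally served zone and which would go out to Internet nameservers. The client addresses and function names are constructed for illustration, and it assumes any query not enclosed by a local zone is resolved externally.

```python
import ipaddress


def reverse_name(addr):
    """PTR query name for an address: 192.168.0.7 -> 7.0.168.192.in-addr.arpa"""
    return ipaddress.ip_address(addr).reverse_pointer


def serving_zone(qname, local_zones):
    """Most specific locally configured zone enclosing qname, or None.

    Matching is done label by label, so 10.168.192.in-addr.arpa is not
    mistaken for a child of 0.168.192.in-addr.arpa.
    """
    labels = qname.lower().rstrip(".").split(".")
    best = None
    for zone in local_zones:
        zone_labels = zone.lower().rstrip(".").split(".")
        if len(zone_labels) > len(labels):
            continue
        if labels[-len(zone_labels):] != zone_labels:
            continue
        if best is None or len(zone_labels) > len(best):
            best = zone_labels
    return ".".join(best) if best else None


def leaked(addresses, local_zones):
    """Addresses whose reverse lookups no internal zone would answer."""
    return [a for a in addresses
            if serving_zone(reverse_name(a), local_zones) is None]


# Constructed sample: two real clients on 192.168.0.*, plus two
# fat-fingered addresses that landed outside that range.
CLIENTS = ["192.168.0.7", "192.168.0.21", "192.168.10.7", "192.168.1.21"]

SUBZONE_ONLY = ["0.168.192.in-addr.arpa"]
PARENT_ONLY = ["168.192.in-addr.arpa"]
PARENT_AND_SUBZONE = PARENT_ONLY + SUBZONE_ONLY

if __name__ == "__main__":
    for label, zones in [("subzone only", SUBZONE_ONLY),
                         ("parent only", PARENT_ONLY),
                         ("parent + subzone", PARENT_AND_SUBZONE)]:
        print(f"{label:18} leaks: {leaked(CLIENTS, zones)}")
```
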



