private address 192.168.x.x or 10.x.x.x on a public dns
Mark Andrews
Mark_Andrews at isc.org
Tue Apr 29 00:03:44 UTC 2008
> Hello,
>
> I am trying to find some information that I already believe to be
> true.
>
> I belive: You shouldn't configure a DNS, that answers queries to the
> internet, with a host that will point to a private address.
>
>
> Our engineering department wants me to do the following:
>
> host IN A 192.168.99.154
>
> on a nameserver that answers queries to the internet.
>
>
> I feel this is wrong, I think this is not allowed, but I can not find
> the RFC, book, internet article that will support my claim. My google-
> foo has failed me. Can anyone lend a helping hand, or if someone can
> lead me to documentation that says it is ok to do so would also be
> helpful.
Read RFC 1918.
This is the RFC which allocates these addresses for private use.
Mark
If an enterprise uses the private address space, or a mix of private
and public address spaces, then DNS clients outside of the enterprise
should not see addresses in the private address space used by the
enterprise, since these addresses would be ambiguous. One way to
ensure this is to run two authority servers for each DNS zone
containing both publically and privately addressed hosts. One server
would be visible from the public address space and would contain only
the subset of the enterprise's addresses which were reachable using
public addresses. The other server would be reachable only from the
private network and would contain the full set of data, including the
private addresses and whatever public addresses are reachable the
private network. In order to ensure consistency, both servers should
be configured from the same data of which the publically visible zone
> Best Regards,
> Roger Murray
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list