rfc1918 ns records coming from internet are queried?
sthaug at nethelp.no
sthaug at nethelp.no
Wed Nov 26 19:16:01 UTC 2008
> A good border router will do a few things for network hygiene. It will filter
> incoming packets that have a source address from the internal network, and it
> will filter outgoing packets that don't have a source IP in the internal network.
>
> A DNS server should do a similar thing: it will not send rfc1918 queries to
> the internet, and it will discard rfc1918 responses from the internet.
A border router knows what is "inside" and "outside" your network, while
a DNS server does not. Important difference.
Steinar Haug, Nethelp consulting, sthaug at nethelp.no
More information about the bind-users
mailing list