North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Why is RFC1918 space in public DNS evil?
- From: Gadi Evron
- Date: Mon Sep 18 04:26:37 2006
On Mon, 18 Sep 2006, Petri Helenius wrote:
> Matthew Palmer wrote:
> > I've been directed to put all of the internal hosts and such into the public
> > DNS zone for a client. My typical policy is to have a subdomain of the zone
> > served internally, and leave only the publically-reachable hosts in the
> > public zone. But this client, having a large number of hosts on RFC1918
> > space and a VPN for external people to get to it, is pushing against this
> In many scenarios the VPN'd hosts will ask for the names from the public
> DNS anyway, so I feel your client is right and it would be better for
> you to go with their wishes.
Putting all other issues aside, I believe you are right. Still, if VPN is
the problem than it is solvable. These machines can be configured with a
DNS server that knows where to go.