Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Why is RFC1918 space in public DNS evil?

  • From: Roland Dobbins
  • Date: Mon Sep 18 15:23:09 2006
  • Authentication-results:;; dkim=pass (sig from verified; );
  • Dkim-signature: a=rsa-sha1; q=dns; l=657; t=1158607022; x=1159471022;c=relaxed/relaxed; s=sjdkim8002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version;;; z=From:Roland=20Dobbins=20<>|Subject:Re=3A=20Why=20is=20RFC1918=20space=20in=20public=20DNS=20evil?;; b=oGagHcYxrZrB20J3lc5QdrmFlvZilcO8PWUZSG8vFDsanD1PBKj2Vwj7oFp6QthAysCnzr7EDlKugzBIdAdR4MpDpfsOa5Y0ILZv1eBtiY9otmqz53LZS9npnjaRdY1+;

On Sep 18, 2006, at 12:12 PM, Elijah Savage wrote:

I've been directed to put all of the internal hosts and such into the public
DNS zone for a client.
Another option is split-horizon DNS for the internal stuff, if it never needs to be publicly visible.

Roland Dobbins <> // 408.527.6376 voice

Any information security mechanism, process, or procedure which can
be consistently defeated by the successful application of a single
class of attacks must be considered fatally flawed.

-- The Lucy Van Pelt Principle of Secure Systems Design

Discussion Communities

About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home

Merit Network, Inc.