Incompetence abounds at the InterNIC

Adam D. McKenna adam at
Wed Jan 20 16:51:38 UTC 1999

From: Phil Howard <phil at>

:John Fraizer wrote:
:> 1) You should have domain servers for ANY domain you register that live in
:> NON-RFC1918 space.  Otherwise, Why register the domain at all?  If it's
:> use behind the firewall, why not use or  You
:> say "Because they want to receive email at the domain!"  Well, to receive
:> email, the rest of the world has to be able to find the mx records and to
:> do that, your domain servers have to live in NON-RFC space and we have
:> completely and totally blown your first point out of the water and made
:> in your own words, "moot."
:You have totally missed the concept that businesses can connect to other
:businesses which connect other businesses and so on, and conduct network
:protocols using the TCP/IP suite, just as if it were an Internet, but in
:fact is highly isolated and segmented.  Any ONE company in it may only be
:able to reach those companies they connected directly to, but the other
:companies reach many more companies.
:Using RFC1918 space for this won't work because there has to be some kind
:of administration of the space to ensure enough uniqueness that no two
:companies that are visible to any one company have the same addressing.
:There can be only one such administration of any practicality even though
:this "closed Internet" is chopped into isolated segments.
:Further, many companies with these networks also allow direct access to
:the real open Internet.  That means for sure that addresses in use on the
:open Internet cannot be duplicated anywhere else.  So the allocation of
:space within the closed network has to be unique even compared to the
:open Internet.
:So it makes sense that every company connecting this way must obtain their
:own unique address space.

His original argument was that you should have domain servers available for
domains registered through InterNIC.  You seem to be arguing an entirely
different point.  If a domain is to be used exclusively behind a firewall,
with no outside connectivity, then you should use a reserved TLD (I know
there are a few, I don't know what they are though.)

All of your other points can be taken care of with Network Address
Translation, which is trivial to implement.


More information about the NANOG mailing list