Incompetance abounds at the InterNIC
Adam D. McKenna
adam at flounder.net
Wed Jan 20 16:51:38 UTC 1999
From: Phil Howard <phil at whistler.intur.net>
:John Fraizer wrote:
:> 1) You should have domain servers for ANY domain you register that live
:> NON-RFC1918 space. Otherwise, Why register the domain at all? If it's
:> use behind the firewall, why not use internic.net or whitehouse.gov? You
:> say "Because they want to receive email at the domain!" Well, to receive
:> email, the rest of the world has to be able to find the mx records and to
:> do that, your domain servers have to live in NON-RFC space and we have
:> completely and totally blown your first point out of the water and made
:> in your own words, "moot."
:You have totally missed the concept that businesses can connect to other
:businesses which connect other businesses and so on, and conduct network
:protocols using the TCP/IP suite, just as if it were an Internet, but in
:fact is highly isolated and segmented. Any ONE company in it may only be
:able to reach those companies they connected directly to, but the other
:companies reach many more companies.
:Using RFC1918 space for this won't work because there has to be some kind
:of administration of the space to ensure enough uniqueness that no two
:companies that are visible to any one company have the same addressing.
:There can be only one such administration of any practicality even though
:this "closed Internet" is chopped into isolated segments.
:Further, many companies with these networks also allow direct access to
:the real open Internet. That means for sure that addresses in use on the
:open Internet cannot be duplicated anywhere else. So the allocation of
:space within the closed network has to be unique even compared to the
:So it makes sense that every company connecting this way must obtain their
:own unique address space.
His original argument was that you should have domain servers available for
domains registered through internic. You seem to be arguing an entirely
different point. If a domain is to be used exclusively behind a firewall,
with no outside connectivity, then you should use a reserved TLD (I know
there are a few, I don't know what they are though.)
All of your other points can be taken care of with Network Address
Translation, which is trivial to implement.
More information about the NANOG