To CAIS Engineers - WAKE UP AND TAKE CARE OF YOUR CUSTOMERS
Vivien M.
vivienm at dyndns.org
Tue May 15 16:52:00 UTC 2001
> -----Original Message-----
> From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu]On Behalf Of
> Pyda Srisuresh
> Sent: May 15, 2001 12:03 PM
> To: Valdis.Kletnieks at vt.edu; Adam McKenna
> Cc: nanog at nanog.org
> Subject: Re: To CAIS Engineers - WAKE UP AND TAKE CARE OF YOUR CUSTOMERS
>
>
> Forcing hostnames and PTR's to match will also prevent people from NAT
> land accessing your servers. There are hardly any NAT implementations
> that do dynamic DNS updates.
Your NAT implementation must not be the same as the ones I've worked with,
because with the [simple] ones I've seen, you have something like
192.168.0.0/24 all coming out and talking to the world as 1.2.3.4 (the more
elaborate implementations give each private IP a unique outside IP, in which
case you just set up your DNS for each IP. A little more work, perhaps,
but...). Now, if 1.2.3.4 has proper matching forward/reverse DNS lookups, I
don't see how people behind someone else's NAT pose a problem.
Vivien
--
Vivien M.
vivienm at dyndns.org
Assistant System Administrator
Dynamic DNS Network Services
http://www.dyndns.org/
More information about the NANOG
mailing list