To CAIS Engineers - WAKE UP AND TAKE CARE OF YOUR CUSTOMERS

Pyda Srisuresh srisuresh at yahoo.com
Tue May 15 17:41:10 UTC 2001


--- "Vivien M." <vivienm at dyndns.org> wrote:
> > -----Original Message-----
> > From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu]On Behalf Of
> > Pyda Srisuresh
> > Sent: May 15, 2001 12:03 PM
> > To: Valdis.Kletnieks at vt.edu; Adam McKenna
> > Cc: nanog at nanog.org
> > Subject: Re: To CAIS Engineers - WAKE UP AND TAKE CARE OF YOUR CUSTOMERS
> >
> >
> > Forcing hostnames and PTR's to match will also prevent people from NAT
> > land accessing your servers. There are hardly any NAT implementations
> > that do dynamic DNS updates.
> 
> Your NAT implementation must not be the same as the ones I've worked with,
> because with the [simple] ones I've seen, you have something like
> 192.168.0.0/24 all coming out and talking to the world as 1.2.3.4 (the more
> elaborate implementations give each private IP a unique outside IP, in which
> case you just set up your DNS for each IP. A little more work, perhaps,
> but...). Now, if 1.2.3.4 has proper matching forward/reverse DNS lookups, I
> don't see how people behind someone else's NAT pose a problem.
> 

Sure, not in the case of NAPT (assuming you have a PTR record set for
1.2.3.4). My point is merely that there may be many cases it is not so
straight forward to do the DNS updates for PTR records.

> Vivien
> --
> Vivien M.
> vivienm at dyndns.org
> Assistant System Administrator
> Dynamic DNS Network Services
> http://www.dyndns.org/
> 
cheers,
suresh

__________________________________________________
Do You Yahoo!?
Yahoo! Auctions - buy the things you want at great prices
http://auctions.yahoo.com/




More information about the NANOG mailing list