Why is RFC1918 space in public DNS evil?

Elijah Savage esavage at digitalrage.org
Mon Sep 18 19:54:31 UTC 2006


----- Original Message -----
From: Roland Dobbins <rdobbins at cisco.com>
To: nanog at merit.edu
Sent: Monday, September 18, 2006 3:17:01 PM GMT-0500
Subject: Re: Why is RFC1918 space in public DNS evil?



On Sep 18, 2006, at 12:12 PM, Elijah Savage wrote:

> I've been directed to put all of the internal hosts and such into  
> the public
> DNS zone for a client.

>Another option is split-horizon DNS for the internal stuff, if it  
>never needs to be publicly visible.

Yes, that's what views will give you. You have an internal view only your vpn and lan users can see. Then you have a public view for all others that do not mix. All can be run on the same servers vice having 2 external and 2 internal name servers and also without having to run multiple instances of bind.





More information about the NANOG mailing list