DNS & IP address management

• Previous message (by thread): DNS & IP address management
• Next message (by thread): DNS & IP address management
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Sep 22, 2021 at 11:15 AM Andy Smith <andy at strugglers.net> wrote:

> Hi Joel,
>
> On Wed, Sep 22, 2021 at 10:12:26AM -0400, Joel Sommers wrote:
> > Besides the common "reserved" keyword in the FQDN, we also see
> > names like "not-in-use.example.tld", again with quite a few
> > addresses all mapped to that one name.
>
> I assume you are seeing this by resolving the reverse DNS of each IP
> address in the range.
>
> > The naming appears to suggest that this is an on-the-cheap IP
> > address management practice, but we are wondering if there are
> > other operational reasons that might be behind what we observe.
>
> The purpose is generally informational, for those without access to
> the internal address management system (or quick hint to those who
> do have access).
>
> If one sees traffic from such an IP address and then sees it
> being marked as reserved or not in use, then one knows that
> something is up, either with the presence of the traffic or the lack
> of an update to the reverse mapping. If there had been simply no
> reverse mapping then this information would not have been conveyed.
>
> It doesn't imply a lack of an address management system or an
> attempt to use DNS to manage "on the cheap" - though it doesn't
> exclude those possibilities either.
>

Yup. Some IPAM tools will generate / populate zone files with this sort of
thing for you.

This sort of thing used to be more common when people would use things
like  "101.92.140.39.dynamic.isp.com" or "cable-78-109-33-05.provider.net"
to signal that the address was in use by dynamic customer (and so shouldn't
be sending mail directly),  "reserved-10.10.10.100.example.com" (or
'unused' or whatever) to signal that it isn't in use (and so shouldn't be
sending mail at all), and "mx-17.exmaple.net" to signal that it is a "real"
mailserver.
I suspect that the "on the cheap" is more places that don't have working
reverse DNS at all....

W


> Thanks,
> Andy
>


-- 
The computing scientist’s main challenge is not to get confused by the
complexities of his own making.
  -- E. W. Dijkstra
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20210922/29beb018/attachment.html>

• Previous message (by thread): DNS & IP address management
• Next message (by thread): DNS & IP address management
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]