[51977] in North American Network Operators' Group
DNS/Routing advice
daemon@ATHENA.MIT.EDU (Dan Lockwood)
Wed Sep 11 11:34:41 2002
Date: Wed, 11 Sep 2002 08:34:34 -0700
From: "Dan Lockwood" <dlockwood@shastalink.k12.ca.us>
To: <nanog@merit.edu>
Errors-To: owner-nanog-outgoing@merit.edu
This is a multi-part message in MIME format.
------_=_NextPart_001_01C259A8.BAFB3727
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Everyone,
=20
I have a customer that is multihomed, to a public ISP and to another
large network that uses 10.0.0.0 address space. The private address
space also has services available via public address space and
consequently is running a split DNS service, public and private.
Because of firewalls and the placement of DNS servers this customer has
a nasty routing situation and in order to make DNS work for the private
numbers, has spoofed the domain of the private network. My question is
this: are there any documents or RFCs that outline what is an acceptable
practice for running DNS and what is not? Their kluge of a network
causes continuous problems for both the upstream ISP and the private
network to which they are connecting and we may find ourselves in a
situation where we have to say that 'xyz' is an acceptable way of
operating and 'abc' is not. Any advice is appreciated. Thanks!
=20
Dan Lockwood
------_=_NextPart_001_01C259A8.BAFB3727
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE>Message</TITLE>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dus-ascii">
<META content=3D"MSHTML 6.00.2719.2200" name=3DGENERATOR></HEAD>
<BODY>
<DIV><SPAN class=3D437292815-11092002><FONT face=3DVerdana=20
size=3D2>Everyone,</FONT></SPAN></DIV>
<DIV><SPAN class=3D437292815-11092002><FONT face=3DVerdana=20
size=3D2></FONT></SPAN> </DIV>
<DIV><SPAN class=3D437292815-11092002><FONT face=3DVerdana size=3D2>I =
have a customer=20
that is multihomed, to a public ISP and to another large network that =
uses=20
10.0.0.0 address space. The private address space also has =
services=20
available via public address space and consequently is running a split =
DNS=20
service, public and private. Because of firewalls and the =
placement of DNS=20
servers this customer has a nasty routing situation and in order to make =
DNS=20
work for the private numbers, has spoofed the domain of the private=20
network. My question is this: are there any documents or RFCs that =
outline=20
what is an acceptable practice for running DNS and what is not? =
Their=20
kluge of a network causes continuous problems for both the upstream ISP =
and the=20
private network to which they are connecting and we may find ourselves =
in a=20
situation where we have to say that 'xyz' is an acceptable way of =
operating and=20
'abc' is not. Any advice is appreciated. =
Thanks!</FONT></SPAN></DIV>
<DIV><FONT face=3DVerdana size=3D2></FONT> </DIV>
<DIV align=3Dleft><FONT face=3DVerdana size=3D2>Dan=20
Lockwood</FONT></DIV></BODY></HTML>
=00
------_=_NextPart_001_01C259A8.BAFB3727--
