[52003] in North American Network Operators' Group


Re: DNS/Routing advice

daemon@ATHENA.MIT.EDU (Christopher McCrory)
Wed Sep 11 16:15:44 2002

Date: Wed, 11 Sep 2002 13:13:53 -0700
From: Christopher McCrory <chrismcc@pricegrabber.com>
Reply-To: nanog@merit.edu
To: nanog@merit.edu
Cc: Dan Lockwood <dlockwood@shastalink.k12.ca.us>
Errors-To: owner-nanog-outgoing@merit.edu


Hello...


Dan Lockwood wrote:
> Everyone,
>  
> I have a customer that is multihomed, to a public ISP and to another 
> large network that uses 10.0.0.0 address space.  The private address 

The other large network is, IMHO, broken for doing this.  The address 
space is no longer 'private'.


> space also has services available via public address space and 
> consequently is running a split DNS service, public and private.  
> Because of firewalls and the placement of DNS servers this customer has 
> a nasty routing situation and in order to make DNS work for the private 
> numbers, has spoofed the domain of the private network.  My question is 

Have you thought about DNS 'forwarding'?

Something like this in your DNS server:

zone "broken.company" {
        type forward;
        forwarders {
                10.0.0.1;
                10.0.0.2;
// first using private address space publicly
// then not even putting DNS on separate networks
// lamers
        };
};

instead of running their zone locally?



> this: are there any documents or RFCs that outline what is an acceptable 
> practice for running DNS and what is not?  Their kluge of a network 

IMHO, this is a broken network issue not really a DNS issue.

> causes continuous problems for both the upstream ISP and the private 
> network to which they are connecting and we may find ourselves in a 
> situation where we have to say that 'xyz' is an acceptable way of 
> operating and 'abc' is not.  Any advice is appreciated.  Thanks!
>  
> Dan Lockwood



And please don't post in HTML.

-- 
Christopher McCrory
  "The guy that keeps the servers running"

chrismcc@pricegrabber.com
  http://www.pricegrabber.com

Let's face it, there's no Hollow Earth, no robots, and
no 'mute rays.' And even if there were, waxed paper is
no defense.  I tried it.  Only tinfoil works.

