On Feb 20, 2007, at 07:20, Edward Lewis wrote:
At 5:00 +0000 2/20/07, Paul Vixie wrote:
because the default is for ambiguous addresses to leak into places
where
they make no sense. similarly, rfc 1918 source addressed ip
packets should
not be able to escape their routing domain by default.
The addresses are "private" not "ambiguous."
No Ed, they're ambiguous. Paul's right. Consider two companies each
of whom use 10/8 on their intranets.
They set up a joint venture and interconnect their nets. Whose 10/8
is telling the truth for some 10/8 address and which one is lying?
What goes into the DNS? Let's say they use a common 10/16 for the
joint venture. If someone's in that /16, which (parts of) 10.in-
addr.arpa do they resolve against for other parts of the network?
it's everybody's problem and every protocol's and service's
problem. in
dns, it looks like A RR's and so that's where i'm proposing to
filter it.
You can alter your implementation to serve your user base. But so
long as there are standard ways to properly use RFC 1918 space, I
would hope that there are tools to available to do that.
What I think we're trying to achieve here is define an element of
the "standard way to properly use RFC 1918 space".
_______________________________________________
DNSOP mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/dnsop
