James Smith wrote:
> Has anyone picked up on the fact that private (rfc1918) IP addresses
> suddenly started resolving to read-rfc1918-for-details.iana.net in the last
> few days?
>
> This is affecting my, and other's syslog listings and all my machines on our
> 192.168.x.x internal network behind our NAT box and Firewall.
It means that your network is misconfigured.... Read RFC 1918 for details
:--)
> Is this a new decision in the world of TCP/IP that I missed? Also DNS seems
> to resolve these addresses as this host name (nslookup) this seems to be the
> seat of the problem, but no one can tell me if this is new.
Its not really new...
You have a DNS "leak"... To partially solve your problem, you need to configure
your internal dns servers as authoritive for the private range so that the
192.168 reverse lookups dont go out to the internet (if they do, you get that as
the response).. Then you need to configure all devices that use dns to use the
internal DNS server(s) for look ups....
> Though this is probably not a Firewall issue it affects private networks
> which are generally behind Firewalls.... Oh I'm not going to try to motivate
> why I posted it here, I just wanted the best brains I knew of to brainstorm
> about the problem.
--
-
---
Sami Yousif
mailto:[EMAIL PROTECTED]
http://www.mav.net/teddyr/syousif/ Personal Page
http://www.alug.org/ Amarillo Linux Users Group
[eMail sent to any of my addresses is subject to the Conditions outlined
in http://www.mav.net/teddyr/emailtos.shtml]
[Note: I no longer support ARNet (arn.net) as an ISP nor WTAMU
(wtamu.edu) as an educational institution nor LEK (lektech.com) as a
Computer Supplier] {http://www.mav.net/teddyr/access/banned.shtml}
[heard somewhere: "You have the right to remain clueless. Anything you
know may be used against you in a court of law"]
Another day, so many more LARTS to go. [BOFH, BUFH, JOAT]
"Understanding is a three edge sword: Our side, Their Side, and the
Truth" Babylon 5
<time is on my side>
Tuesday, January 19th 2038, 03:14:07 UTC: Are YOU Ready?
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
