[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ossig] DNS equivalent of RFC1918 private IPs?



I can't see what's wrong with creating your own fake TLD.  BIND has to accept
new TLDs from time to time (.name, .info, .biz etc), and copes fine.  I
had one server  serving it's own dummy TLD (.raq)  for some
time, worked fine, but it wasn't a full network configuration, just one
server and one win client using the server for its primary DNS.

You might still run into problem since new.net and possibly others have
created their own private TLDs and tried to push ICANN into accepting them
(no luck so far).  Apparently lots of requests for these leak out and
contribute a lot to the load on the root nameservers.


Or how about a '.my' 2nd level domain that would be unlikely to be ever
used?  Since there is already an 'edu.my', what about 'ac.my'?

Imran


Christopher DeMarco wrote:
Hi  all...    I've   got  an  internal network   which  has  NO Internet
connectivity.  I'm using  DNS to handle naming, and  up to now I've been
using "foo.com" as my domain name  even though it's  not mine.  No prob,
right, since my  NS will  only ever be  used by  my internal no-Internet
network.  Yeah I know, bad idea for multiple reasons... but I don't have
delegation of a namespace which I can use for this project, and I *need*
to use DNS.

So  I got to  wondering  whether there's a DNS    analog to the  RFC1918
"private" non-routable  IP  address space.    Something that  a)  nobody
"outside"  who might foolishly somehow use  my  NS for recursive queries
would ever look up  and b) no root server  would ever return  NS records
for, if somehow my network ever got onto  the big scary Information Toll
Highway.

I had the idea of   just putting myself into a   totally bogus TLD  like
.foo.  But BIND is so broken that I don't  want to tempt  it with such a
wacky configuration and djbdns doesn't do dynamic updates >:b

Please, any ideas?


--
Imran William Smith
Project Manager, Open Source Development,
MIMOS Berhad, Malaysia

Asian Open Source Centre : http://www.asiaosc.org
MIMOS Open Source        : http://opensource.mimos.my



------------------------------------------------------------
To unsubscribe: send mail to ossig-request@mncc.com.my
with "unsubscribe ossig" in the body of the message