[Soekris] DNS Non-delegated local domain behind NATed firewall
Zac Morris
zac at zacwolf.com
Fri Nov 3 15:31:28 UTC 2006
This might have some clues:
http://www.ntia.doc.gov/ntiahome/ntiageneral/ipv6/final/IPv6final2.htm
The document is specific to ipv6, but it talks about the "10."
block-space that is purposely "unallocated" for Internet usage.
Frankly, I always use 192.168. blocks for my home/private networks, but
the company where I work (Cisco Systems, Inc.) uses 10. for all it's
"intra-net" IP addresses.
Interesting factoid, Hewlett-Packard is one of the few corporations that
have their own Class A subnet, anything 15. is HP. Most countries don't
even get a class A subnet. :-)
-Zac
Jan Ceuleers wrote:
> Bill Maas wrote:
>
>
>> Is there any clear policy or guideline on this topic? I've looked for an
>> RFC about this subject, but there doesn't seem to be one. What is the
>> safest option for domain naming behind a NAT box?
>>
>
> What I do is claim an entirely unused domain. My local name server is
> configured to be authoritative for it. My name server is not visible
> from the Internet, and is in fact protected by several layers of filters
> (NAT, firewall, application-level ACL) in order to avoid any possibility
> of it causing problems on the Internet.
>
> Jan
> _______________________________________________
> Soekris-tech mailing list
> Soekris-tech at lists.soekris.com
> http://lists.soekris.com/mailman/listinfo/soekris-tech
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.soekris.com/pipermail/soekris-tech/attachments/20061103/2d797c04/attachment.html
More information about the Soekris-tech
mailing list