[Soekris] DNS Non-delegated local domain behind NATed firewall
zac at zacwolf.com
Fri Nov 3 15:31:28 UTC 2006
This might have some clues:
The document is specific to ipv6, but it talks about the "10."
block-space that is purposely "unallocated" for Internet usage.
Frankly, I always use 192.168. blocks for my home/private networks, but
the company where I work (Cisco Systems, Inc.) uses 10. for all it's
"intra-net" IP addresses.
Interesting factoid, Hewlett-Packard is one of the few corporations that
have their own Class A subnet, anything 15. is HP. Most countries don't
even get a class A subnet. :-)
Jan Ceuleers wrote:
> Bill Maas wrote:
>> Is there any clear policy or guideline on this topic? I've looked for an
>> RFC about this subject, but there doesn't seem to be one. What is the
>> safest option for domain naming behind a NAT box?
> What I do is claim an entirely unused domain. My local name server is
> configured to be authoritative for it. My name server is not visible
> from the Internet, and is in fact protected by several layers of filters
> (NAT, firewall, application-level ACL) in order to avoid any possibility
> of it causing problems on the Internet.
> Soekris-tech mailing list
> Soekris-tech at lists.soekris.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Soekris-tech