Date:      Thu, 22 Apr 1999 17:44:26 -0400
From:      Jason Canon <jcanon@comtechnologies.com>
To:        bmah@CA.Sandia.GOV
Cc:        David Schwartz <davids@webmaster.com>, Igor Roshchin <igor@physics.uiuc.edu>, stable@FreeBSD.ORG
Subject:   Re: netstat -r
Message-ID:  <371F9839.1AF82914@comtechnologies.com>
References:  <199904222128.OAA28085@stennis.ca.sandia.gov>

Thanks Bruce!

Your posting clarifies that indeed the RFC 1918 authoritative servers were
responsible for what both Igor and I observed. I run both the firewall and
NAT. Do we know if the so-called "sub-optimal" implementation is confined to
certain versions and/or if a patch has been released that will reduce the
queries?

Thanks,
Jason

"Bruce A. Mah" wrote:

> If memory serves me right, "David Schwartz" wrote:
>
> >       I will repeat, it is an error to use private IPs in any way on
> > the global Internet. That includes attempting to resolve them using
> > the Internet's DNS system. They are supposed to be quarantined. If
> > you choose to use DNS and you choose to use private address space,
> > you are supposed to make sure they don't conflict.
>
> Hoping to inject some more Useful Information here...the following
> paragraphs regarding read-rfc-1918-for-details.iana.net are from a
> posting by Bill Manning to comp.protocols.dns.bind (Message-Id:
> <199904211922.AA06595@zed.isi.edu>):
>
> > This was coming from the authoritative servers for the RFC 1918 space
> > zones. It has been planned for more than a year.  The data that drove
> > the change was the exponential increase in the number of queries that
> > these servers receive. This was an indication that firewall and NAT
> > designers were becoming "sloppy" and not following the RFC statement
> > that these addresses should not appear in the Internet.  It appears
> > that besides the "sub-optimal" firewall & NAT implementations, there
> > are also other commercial packages that object to authoritative
> > replies. :)  This effect was compounded by the terse label that formed
> > the query response.
> >
> > And so the servers are (for now) back in the mode of silently discarding
> > queries.  I have been told that the label will be reworked to be
> > more informative and that I will receive instructions to re-enable
> > authoritative answers soon. (likely a few months out but I don't really
> > know when).
>
> Bruce.
>



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
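
The thread above concerns reverse (PTR) lookups for RFC 1918 addresses escaping a site and reaching the servers for those zones. The following is an added example, not part of the original messages: it recognises `in-addr.arpa` names that fall inside RFC 1918 space and counts, per client, the ones a resolver forwarded upstream. The five-field log format and the `local`/`forwarded` action field are assumptions made for the illustration, and the log lines are constructed.

```python
import ipaddress
from collections import Counter

# The three private blocks defined by RFC 1918.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def ptr_name_to_network(qname):
    """Map a full or partial in-addr.arpa name to the network it covers."""
    name = qname.rstrip(".").lower()
    suffix = ".in-addr.arpa"
    if not name.endswith(suffix):
        return None
    labels = name[:-len(suffix)].split(".")
    if not 1 <= len(labels) <= 4:
        return None
    if not all(l.isascii() and l.isdigit() and int(l) <= 255 for l in labels):
        return None
    octets = labels[::-1]                    # reverse names list octets backwards
    prefix = 8 * len(octets)
    octets += ["0"] * (4 - len(octets))      # pad partial names, e.g. 168.192
    return ipaddress.ip_network(".".join(octets) + "/" + str(prefix))

def is_rfc1918_ptr(qname):
    net = ptr_name_to_network(qname)
    return net is not None and any(net.subnet_of(p) for p in RFC1918)

def leaked_by_client(lines):
    """Count forwarded PTR queries for private space, keyed by client address."""
    counts = Counter()
    for line in lines:
        fields = line.split()
        if len(fields) != 5:                 # skip lines not in the assumed format
            continue
        _ts, client, qtype, qname, action = fields
        if qtype == "PTR" and action == "forwarded" and is_rfc1918_ptr(qname):
            counts[client] += 1
    return counts

# Constructed sample log (hypothetical format: time client qtype qname action).
SAMPLE_LOG = """\
1999-04-22T17:40:01 192.168.1.20 PTR 5.1.168.192.in-addr.arpa. forwarded
1999-04-22T17:40:02 192.168.1.20 A www.example.org. forwarded
1999-04-22T17:40:03 192.168.1.31 PTR 1.0.0.10.in-addr.arpa. forwarded
1999-04-22T17:40:04 192.168.1.31 PTR 7.20.172.in-addr.arpa. local
1999-04-22T17:40:05 192.168.1.20 PTR 9.0.32.172.in-addr.arpa. forwarded
1999-04-22T17:40:06 192.168.1.20 PTR 1.1.168.192.in-addr.arpa. forwarded
""".splitlines()

if __name__ == "__main__":
    for client, n in leaked_by_client(SAMPLE_LOG).items():
        print(client, n)
```

Clients that show up in the result are the ones whose private-address lookups are leaving the site; answering those reverse zones locally on the internal resolver keeps them from being forwarded.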



