Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 22 Apr 1999 12:40:31 -0700
From:      "David Schwartz" <davids@webmaster.com>
To:        "Jason Canon" <jcanon@comtechnologies.com>, "Igor Roshchin" <igor@physics.uiuc.edu>
Cc:        <stable@freebsd.org>
Subject:   RE: netstat -r
Message-ID:  <000001be8cf7$fb2eed80$021d85d1@whenever.youwant.to>
In-Reply-To: <371F6D15.BCBABA04@comtechnologies.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help

	The problem will not 'clear up' in any reasonable sense of the word until
you either:

	1) Fix your nameserver so that it stops trying to resolve private IPs using
the global Internet's DNS fabric, or

	2) Fix your machines so that they no longer try to reverse resolve private
IPs on name servers not configured to handle it.

	So long as you are relying on private IP space to behave in a particular
way on the global Internet, when there are no such guarantees, your
configuration is broken. Private IPs are supposed to be quarrantined from
the global Internet.

	DS

> -----Original Message-----
> From: Jason Canon [mailto:jcanon@comtechnologies.com]
> Sent: Thursday, April 22, 1999 11:40 AM
> To: Igor Roshchin
> Cc: David Schwartz; stable@freebsd.org
> Subject: Re: netstat -r
>
>
> I do believe you are correct about someone at IANA performing a bit of
> "tweaking".  The problem on our server cleared up with no action
> on our part.
>
> Thanks,
> Jason
>
> Igor Roshchin wrote:
>
> > > > Our FreeBSD server has been in operation for about a year
> and it just
> > > > runs like a charm.  Every so often
> > > > I do "netstat -r" just to make sure that I'm still being
> the bandwidth
> > > > hog on our network.  Today, however,
> > > > instead of the customary inverse-mapping that I get from
> the /etc/hosts
> > > > file I got a note on each listing  saying:
> > > >
> > > >     "read-rfc1918-for-details.iana.net" followed by our Private IP
> > > > Address and Ethernet Address
> > > >
> > > > What could have changed to create this output?  We have always been
> > > > using RFC 1918 addressing
> > > > along with NAT.
> > >
> > >       It's telling you that you tried to reverse resolve an
> IP address that was
> > > private without configuring your name server to reverse them
> correctly.
> > >
> > >       DS
> > >
> >
> > I don't think so.
> > As one of the previous responders noted, for some reason,
> > today at least several hosts in 10.x.x.x zone had the reverse lookup
> > set to show read-rfc1918-for-details.iana.net
> >
> > I had seen it myself for our regional router (or whatever it is) -
> > today mid-day, then it turned back to be nameless again.
> >
> > It looks like somebody at IANA was tweaking (I hope not hacking :)
> > the DNS for 10.0.0.1 or its part.
> >
> > IgoR
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-stable" in the body of the message
>



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?000001be8cf7$fb2eed80$021d85d1>