Paul Vixie paul at redbarn.org
Fri Dec 21 18:02:02 UTC 2012

On 2012-12-21 2:50 PM, WBrown at e1b.org wrote:
> Does anyone know if Microsoft will be pushing out an update to change the 
> root hints on Windows DNS servers?  If so, when?

every OS vendor gets around to this eventually. so...

> Also, we have many sites that need to point to our internal name servers 
> for RFC1918 addresses.  At some of them, they do this by mucking up the 
> hints instead of using server level forwarding. ...

...if you're modifying your hints files, you have to find a way to
manage your modifications, like "puppet".

> ... "Bad thing, man" runs 
> through my head when I picture what might happen if Microsoft pushes out a 
> patch to update the hints file. I suspect basically all of their RFC1918 
> resolutions will be replaced by resolution starting at the root and 
> getting public addresses when they should have gotten private addresses. 
> Am I correct?

yes, that's how the system was designed.

i've considered several times that full end-to-end architectural support
for private addressing would include distinguished forwarder addresses
when looking up names in 10.in-addr.arpa, 168.192.in-addr.arpa, and so
on. possibly RFC 1918's successor should choose addresses within each
block as the static forwarders for queries about those blocks. like and would be the presumptive forwarders for all
queries in 10.in-addr.arpa, whereas and for
168.192.in-addr.arpa, and so on. probably it's too late and way too
controversial, but that's what full architectural support for private
addressing would have looked like at the DNS level.
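
Added example, not part of the original message: a Python sketch of the decision a resolver makes for the reverse zones named above, showing which queries go to an internal forwarder and which fall through to the root hints. The function names and forwarder addresses are assumptions (the addresses are constructed placeholders from the 192.0.2.0/24 documentation range), and the 172.16/12 zones are added from RFC 1918 for completeness.

```python
# Added example: decide where a reverse-DNS query for private space ends up.
# Zone list: 10/8 and 192.168/16 are named in the message; the sixteen
# 172.16/12 zones are added here from RFC 1918.
RFC1918_REVERSE_ZONES = (
    ["10.in-addr.arpa", "168.192.in-addr.arpa"]
    + [f"{n}.172.in-addr.arpa" for n in range(16, 32)]
)


def _labels(name):
    """Split a DNS name into lowercase labels, ignoring the trailing dot."""
    return name.rstrip(".").lower().split(".")


def rfc1918_reverse_zone(qname):
    """Return the RFC 1918 reverse zone enclosing qname, or None.

    Matching is done on whole labels, so 110.in-addr.arpa is not
    mistaken for a child of 10.in-addr.arpa.
    """
    q = _labels(qname)
    for zone in RFC1918_REVERSE_ZONES:
        z = zone.split(".")
        if len(q) >= len(z) and q[-len(z):] == z:
            return zone
    return None


def resolution_path(qname, forwarders):
    """Classify a query as forwarded, leaking to the roots, or public.

    forwarders maps zone name -> list of internal server addresses
    (hypothetical structure, standing in for per-zone forwarding config).
    """
    zone = rfc1918_reverse_zone(qname)
    if zone is None:
        return ("iterate-from-root", None)       # ordinary public lookup
    servers = forwarders.get(zone)
    if not servers:
        return ("falls-through-to-root", zone)   # private query with no forwarder
    return ("forward", servers)


# Constructed sample configuration: placeholder addresses, 172.16/12 left out.
SAMPLE_FORWARDERS = {
    "10.in-addr.arpa": ["192.0.2.53"],
    "168.192.in-addr.arpa": ["192.0.2.54"],
}
```

Run over a resolver's query log, the "falls-through-to-root" result marks the private-space lookups that depend on modified hints rather than explicit forwarding.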


