[dns-operations] [Ext] How should work name resolution on a modern system?

David Conrad drc at virtualized.org
Thu Jun 16 15:26:32 UTC 2022


On Jun 15, 2022, at 6:57 PM, Mark Andrews <marka at isc.org> wrote:
> Views come down to lack of IPv4 address space forcing RFC 1918 on people

No. Split DNS existed before RFC 1918 was written. What ISC defined as “views" in BIND 9 is simply an implementation of an independent namespace. The fact that it is (now) most frequently used in the context of an independent address space is irrelevant.

> and security theatre that hiding names actually protects anything at all.

As people tend to use descriptive names (e.g., “printer”, “rtr”, “gw”, “Mark Andrew's iPhone”, etc.), useful information can be obtained from DNS names.

> After 27 years we, as an industry, shouldn’t be requiring anyone to use
> RFC 1918 addresses at all but the laggards in various places across the
> planet have prevented this being cleaned up.

Sorry, who are the Internet Police that are requiring the use of RFC 1918?  Regardless, people are using split DNS in IPv6 too.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20220616/f00f4bf1/attachment.sig>

More information about the dns-operations mailing list