<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 5.5.2650.12">
<TITLE>RE: Question: resolution of private IP addresses </TITLE>
</HEAD>
<BODY>
<P><FONT SIZE=2>I remember researching this too, and remember that we actually put a 10/8 address in the public DNS. AFAIK it is not considered good practice.</FONT></P>
<P><FONT SIZE=2>I also remember a comment by one of my colleagues that the typical VPN software should also be able to handle this issue. Once you have a secure tunnel into your corporate network, you should be able to use the (single) DNS on your intranet.</FONT></P>
<P><FONT SIZE=2>Peter van Eijk, Deloitte & Touche Bakkenist, Network Strategy & Architecture, tel: +31 6 53515927, www.van-eyk.net/pve, pvaneijk@deloitte.nl, pve@van-eyk.net</FONT></P>
<BR>
<BR>
<P><FONT SIZE=2>> -----Original Message-----</FONT>
<BR><FONT SIZE=2>> From: owner-dns-wg@ripe.net [<A HREF="mailto:owner-dns-wg@ripe.net">mailto:owner-dns-wg@ripe.net</A>]On Behalf Of</FONT>
<BR><FONT SIZE=2>> Greg Cipollone</FONT>
<BR><FONT SIZE=2>> Sent: 16 January 2002 15:23</FONT>
<BR><FONT SIZE=2>> To: dns-wg@ripe.net</FONT>
<BR><FONT SIZE=2>> Subject: Question: resolution of private IP addresses </FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> Dear all,</FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> I have a simple question regarding the resolution of </FONT>
<BR><FONT SIZE=2>> hostnames with private</FONT>
<BR><FONT SIZE=2>> IP addresses.</FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> One of our corporate customers would like to (mis)use DNS to allow the</FONT>
<BR><FONT SIZE=2>> resolution of intranet hosts. The customer operates its own </FONT>
<BR><FONT SIZE=2>> global VPN but</FONT>
<BR><FONT SIZE=2>> for operational reasons cannot install / manage local DNS it </FONT>
<BR><FONT SIZE=2>> each and every</FONT>
<BR><FONT SIZE=2>> of its locations. Also, the customer does not want to operate </FONT>
<BR><FONT SIZE=2>> a centralised</FONT>
<BR><FONT SIZE=2>> intranet DNS service as the Internet connectivity, which is </FONT>
<BR><FONT SIZE=2>> local in each</FONT>
<BR><FONT SIZE=2>> country, in some of its remote locations would be severely </FONT>
<BR><FONT SIZE=2>> affected (as DNS</FONT>
<BR><FONT SIZE=2>> requests would take inordinate amount of time).</FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> I have tried to research this but could not find anything </FONT>
<BR><FONT SIZE=2>> that would be</FONT>
<BR><FONT SIZE=2>> prevent the resolution to private IP addresses. The main </FONT>
<BR><FONT SIZE=2>> concern is that</FONT>
<BR><FONT SIZE=2>> ISP's would filter out their DNS cache to prevent this.</FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> Any comments?</FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> Best regards,</FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> Greg Cipollone</FONT>
<BR><FONT SIZE=2>> Technischer Direktor</FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> ***************************************************************</FONT>
<BR><FONT SIZE=2>> Twinwave Intranet und Internet Services GmbH</FONT>
<BR><FONT SIZE=2>> Schmidtstr. 51, 60326 Frankfurt</FONT>
<BR><FONT SIZE=2>> Tel.: +49-69-75 086-0, Fax: +49-69-75 086-555</FONT>
<BR><FONT SIZE=2>> E-Mail: g.cipollone@twinwave.net</FONT>
<BR><FONT SIZE=2>> Web-Seite: <A HREF="http://www.twinwave.net" TARGET="_blank">http://www.twinwave.net</A></FONT>
<BR><FONT SIZE=2>> ***************************************************************</FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>This e-mail message and its attachments are subject to the disclaimer published at the following website of Deloitte & Touche : <A HREF="http://www.deloitte.nl/disclaimer" TARGET="_blank">http://www.deloitte.nl/disclaimer</A> <<A HREF="http://www.deloitte.nl/index.asp?Pageid=010109135051734" TARGET="_blank">http://www.deloitte.nl/index.asp?Pageid=010109135051734</A>></FONT></P>
</BODY>
</HTML>