Re: is your host or dhcp server sending dns dynamic updates for rfc1918?
now as to who's responsible, first off you have to understand that we block rfc1918-sourced packets at our AS boundary. (otherwise these numbers would be Much Higher
are you sure? i suspect they are windows 2000 systems behind NATs. so the dynamic update is for the 1918 address, but the packet source address has been natted into real space.
according to our border flow stats, not all of them get nat'd on the way here.
now as to who's responsible, first off you have to understand that we block rfc1918-sourced packets at our AS boundary. (otherwise these numbers would be Much Higher are you sure? i suspect they are windows 2000 systems behind NATs. so the dynamic update is for the 1918 address, but the packet source address has been natted into real space. according to our border flow stats, not all of them get nat'd on the way here.
we already knew nats were broken. but i still believe that win2k behind nats probably explain most of the data behind the updates for 1918 space from non-1918 ip source addresses. randy
On Fri, Apr 19, 2002 at 10:06:19AM -0700, Randy Bush wrote:
according to our border flow stats, not all of them get nat'd on the way here.
we already knew nats were broken.
but i still believe that win2k behind nats probably explain most of the data behind the updates for 1918 space from non-1918 ip source addresses.
We find that updates in the forward zones are a great way of tracking laptops, btw, as nobody ever changes the 'domain' or whatever it is called in Windows. So you see these updates coming in from everywhere the laptop goes. Regards, bert hubert -- http://www.PowerDNS.com Versatile DNS Software & Services http://www.tk the dot in .tk http://lartc.org Linux Advanced Routing & Traffic Control HOWTO
participants (3)
-
bert hubert -
Paul Vixie -
Randy Bush