--On den 30 september 2005 13.19.41 +0200 Paul Herman <pherman@cleverbridge.com> wrote:
Hello dns-wg list!
SUMMARY: In short, in a SOA RR of ours we have an MNAME that corresponds to a primary master server which has a private IP address. This is causing problems with many RIPE member registrars.
Is it possible that RIPE could consider relaxing this "recommendation" that causes problems for RFC compliant zones? How do you, the DNS community, feel about this?
I think not. The collateral damage of allowing this relaxation when applied to another organisation, where there are slave servers that might not be in the same routing domain[0] as the MNAME box (and thus not able to see the RFC 1918 address, because 1918 says those addresses should stay in one routing domain) would be un-nice. Basically, using RFC 1918 address space for central, critical infrastructure that might get connections from arbitrary places on the net is a bad idea. Allowing it in a policy document is even worse. -- Måns Nilsson Systems Specialist +46 70 681 7204 cell KTHNOC +46 8 790 6518 office MN1334-RIPE [0] Many texts, ripe-192 being one of the more well-written ones, explicitly talk about getting secondaries in Other Places(tm), which means that you probably, as a slave, are not seeing the same 192.168.47.11 as the other servers, if the MNAME resolves to a RFC 1918 address. This also is messy with dynamic updates.