North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: To CAIS Engineers - WAKE UP AND TAKE CARE OF YOUR CUSTOMERS
> -----Original Message----- > From: [email protected] [mailto:[email protected]]On Behalf Of > Pyda Srisuresh > Sent: May 15, 2001 12:03 PM > To: [email protected]; Adam McKenna > Cc: [email protected] > Subject: Re: To CAIS Engineers - WAKE UP AND TAKE CARE OF YOUR CUSTOMERS > > > Forcing hostnames and PTR's to match will also prevent people from NAT > land accessing your servers. There are hardly any NAT implementations > that do dynamic DNS updates. Your NAT implementation must not be the same as the ones I've worked with, because with the [simple] ones I've seen, you have something like 192.168.0.0/24 all coming out and talking to the world as 1.2.3.4 (the more elaborate implementations give each private IP a unique outside IP, in which case you just set up your DNS for each IP. A little more work, perhaps, but...). Now, if 1.2.3.4 has proper matching forward/reverse DNS lookups, I don't see how people behind someone else's NAT pose a problem. Vivien -- Vivien M. [email protected] Assistant System Administrator Dynamic DNS Network Services http://www.dyndns.org/
|