Stu Fleming
I have a...friend, let's say...who operates a DNS server at a small ISP. In a few of the zone files, there are A records that resolve to IP addresses outside of the Class C that my..friend...controls. My friend has been told that this is "against the rules" and that it is "causing problems".
I suspect I know what's happening here. It was a particular vexation for me some time ago when I was responsible for a network, and I'm going to guess it's the same one as your ...friend.... is dealing with, and found that 3rd parties were registering IP addresses with 'my' Class B as some other domain name. i.e I 'control' 172.17.0.0/24 as example.com and someone with a host in my range has registered a domain with an external supplier as someotherexample.com using 172.17.224.0/24 ip numbers, say. I looked into it, and asked around, and found that there were no rules stopping it, and no technology. I eventually realised that the external provider was outside my range of control and had to control my clients by telling them that it was against the AUP (as it was) for them to do it this way. If you have a relationship with this other network provider then you're probably better off doing your best to help them and their clients conform to their AUP, on a strictly "getting along with people" thing. But you're doing nothing anyone can stop. > > Questions:
- is resolving an A record outwith the delegated IP range "against the rules"?
discourteous is about it once they've asked you to stop. But you've got paying customers.
- if so, is there any documentation of the rules?
should be against their internal AUP and so its someone elses problem
- what potential problems could this cause to the network that contains the IP address to which the A records point?
reverse lookups for what you're hosting resolve to their network address range. Some mail services might choke More likely, (assuming its who I think it is) they're shortly going to change a lot of internal IP numbers and what you're doing might cause them headaches in that process. Not the best way to maintain a relationship. -- Brendan Murray brendan(a)wolfhoundsecurity.com The Observation Post www.wolfhoundsecurity.com 14 Centre Road Phone: +64-3-4543282 RD 2 Ocean Grove Fax: +64-3-4543285 Dunedin, New Zealand Mobile: +64-21-1153290 PGP Key = http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE89566 Key fingerprint = 6F3C 3197 8C30 47EF 4E1A 5781 5DCA D13C E895 6106