[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RFC3484 problem: scoping with site-locals/ULAs



Eliot makes a good point about DNS.  This sounds like a perfect case for
split DNS, to maintain isolation of both the (private) inside of the NAT
point and the site local addresses from the public Internet.  What
people see on DNS inside should be reachable from the inside, but what
they see on DNS outside should be nothing(?).  It sounds like the site
in question has a single DNS and it's telling outsiders about private
stuff that should not be allowed to escape.

Walt Lazear