What is the point of the zones.rfc1918 file for Bind9?


It is generally considered a good practice to serve localhost, 0.0.127.in-addr.arpa and the RFC-1918 reverse zones on your internal DNS system to prevent sending queries from them out to the internet. It saves time (you get replies for those queries quickly), bandwidth (no requests leaving your network for zones that shouldn't exist), and relieves the load on servers upstream of you.

If you are using RFC-1918 addresses, by all means serve the appropriate reverse data for the range(s) you use. You should also serve empty zones (or wildcarded zones) for the other ranges.
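The approach the answer describes, as an added example that is not part of the original answer or of the BIND packaging: a short generator that emits empty `zone` statements for every RFC 1918 reverse zone the site does not serve itself. The `served` argument and the function names are hypothetical, and the zone file path `/etc/bind/db.empty` is assumed to be the empty zone file shipped with the Debian/Ubuntu bind9 package.

```python
import ipaddress

# The three private ranges defined by RFC 1918.
RFC1918 = ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")


def reverse_zones(cidr):
    """Return the in-addr.arpa zones covering cidr, split on octet boundaries."""
    net = ipaddress.ip_network(cidr)
    # Reverse zones are delegated per octet, so round /12 up to /16, etc.
    octets = max(1, -(-net.prefixlen // 8))
    zones = []
    for sub in net.subnets(new_prefix=octets * 8):
        labels = str(sub.network_address).split(".")[:octets]
        zones.append(".".join(reversed(labels)) + ".in-addr.arpa")
    return zones


def empty_zone_config(served=(), zone_file="/etc/bind/db.empty"):
    """Build named.conf zone statements for the RFC 1918 reverse zones.

    served: reverse zones this site already answers with real PTR data
            (hypothetical input); they are skipped so that named does not
            see the same zone defined twice.
    zone_file: assumed path of an empty zone file (SOA and NS only).
    """
    served = {z.rstrip(".").lower() for z in served}
    stanzas = []
    for cidr in RFC1918:
        for zone in reverse_zones(cidr):
            if zone in served:
                continue  # real data is served for this zone elsewhere
            stanzas.append(
                'zone "%s" { type master; file "%s"; };' % (zone, zone_file)
            )
    return "\n".join(stanzas)


if __name__ == "__main__":
    # Constructed sample: the site serves 192.168/16 reverse data itself.
    print(empty_zone_config(served=["168.192.in-addr.arpa"]))
```

When named.conf defines views, BIND requires every zone statement to sit inside a view, so the generated statements belong in each view's block rather than at the top level.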


romandas
Author by

romandas

Mainly a systems security guy with some Perl knowledge. I'm reading through SICP and K&R right now. I wish someone had shown me SICP earlier in my career. Just Chapter 1 has been blowing my mind.

Updated on September 18, 2022

Comments

  • romandas
    romandas over 1 year

    Using an Ubuntu 10.04 LTS server in a standalone environment and trying to use views to serve two different subnets of clients. Getting errors regarding the zones.rfc1918 file, so I'd like to know what that file is used for. What's the point of hosting the rfc1918 addresses?

    The subnets I'm using are rfc 1918 addresses, btw. Will including the default zones.rfc1918 file cause me any (more) headaches?

    • womble
      womble over 12 years
      The answers you're looking for are all provided in RFC1912, section 4.1.
    • voretaq7
      voretaq7 over 12 years
      @womble - Oddly (or perhaps not if you consider their relative numbers :) RFC 1912 doesn't specify that you should always have the RFC 1918 zones -- I was looking for an informative or standards-track RFC that says you should, but all I could find are the comments in the default named.conf file that comes with FreeBSD
    • womble
      womble over 12 years
      @voretaq7: I've always read RFC1912 in such a way that its principles apply to RFC1918 addressing (along with other blocks that weren't specified then, such as 192.0.2.0/24 and certain IPv6 netblocks).
    • voretaq7
      voretaq7 over 12 years
      @womble - as have I, and I've always considered it to be Right and Proper Good Practice, but I've never found an RFC that explicitly says "You should serve the RFC-1918 zones locally so you don't bother your upstream DNS servers (you feckless twits!)". Perhaps I should submit one... can you say "feckless twits" in an IETF RFC? :)