sysadmin/BadInternalDomainDNS written at 01:02:53; Add Comment
How not to do DNS for internal domains
Here's a brief recipe for how not to do DNS for your internal domains, as illustrated by eBay:
For extra comedy, consider what happens if eBay is trying to send email to an organization that is also using 10.*.*.* IP address space internally.
Since failure to reach nameservers usually causes a temporary failure during SMTP instead of a hard failure, this is really the gift that keeps on giving. (Which means that eBay pays a price for this too, since they get to sit on all of the stalled mail until it times out in four days or so.)
(This happened some time ago, so I don't know if eBay is still sending out email with those internal addresses. The domains are certainly still leaking out, nameservers in 10.*.*.* and all.)
* * *
Atom feeds are available; see the bottom of most pages.