How not to set up your DNS (part 7)
January 12, 2006
Presented in point form, because the illustrated form is too verbose:
The 10.*.*.* IP addresses are RFC 1918 private addresses, so no one outside netsolhost.com can get to them. The net effect that the first query for something in bos.netsolhost.com will return useful information but everything after that fails, because when 18.104.22.168 answers your first query it also feeds you the bad nameserver IP addresses and 'poisons' your nameserver cache.
I've seen all the elements of this one separately, but this is the first time I've seen glue record hell and leaking internal domains with internal-only IP addresses combined so creatively.
We noticed this because 22.214.171.124 (allegedly
'vux16.bos.netsolhost.com') kept trying to send us email with the
Comments on this page:
* * *
Atom feeds are available; see the bottom of most pages.