[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW1] strange problem resolving addresses

To: Roger Nebel <roger@homecom.com>, JByrd@iucu.org
Subject: Re: [FW1] strange problem resolving addresses
From: Vincent Toh <tohvincent@yahoo.com>
Date: Wed, 21 Apr 1999 17:55:30 -0700 (PDT)
Cc: steve@zoneoftrust.com, AlexJohnston@tcbk.com, lp6356@alpha.rwu.edu, uncleron@geocities.com, fw-1-mailinglist@lists.us.checkpoint.com

Hi all,

I am from Singapore. I thought it was my network or firewall that is
giving this problem. I am also facing the same problem for the last 3
days. 

regards,
Vincent
--- Roger Nebel <roger@homecom.com> wrote:
> my caffeine induced guess is that someone got tired
> of having the global
> dns constantly being hit for address resolution on
> rfc private addresses
> which should be resolved internally anyways...so
> from now on you get the
> digital equivalent of a reminder to buckle up...aka
> an idiot light.
> 
> JByrd@iucu.org wrote:
> > 
> > Steve,
> > 
> > That is the catch.  I do have an internal DNS
> server.  It has the problem.
> > I have server names set up in it so I could do a
> fake internal zone.  The
> > DNS bypasses that now and looks up to the internet
> now for them.  I have a
> > backup DNS on the outside.  It really isn't
> affected because it never sees
> > 10.x addresses just the legal NATted ones.  Yes
> they do show up in my
> > firewall to, but I am not too worried about that.
> > 
> > Now how do I explain to users they have problems
> getting into the intranet
> > because some one out on the internet changed a
> setting.  They will think I
> > was making it up. ;)
> > 
> > Yes it was a VERY stupid thing for them to do!
> > 
> > I have in contact with many other institutions
> with the same issue.  It is
> > probably a global wide issue.
> > 
> > Thanks,
> > 
> > James Byrd
> > 
> > -----Original Message-----
> > From: Steve McBride [mailto:steve@zoneoftrust.com]
> > Sent: Wednesday, April 21, 1999 12:11 PM
> > To: 'JByrd@iucu.org'; AlexJohnston@tcbk.com;
> lp6356@alpha.rwu.edu;
> > uncleron@geocities.com;
> fw-1-mailinglist@lists.us.checkpoint.com
> > Subject: RE: [FW1] strange problem resolving
> addresses
> > 
> > It is something that's on the root servers, I
> guess.  Every nslookup I
> > do for an IP address in the RFC 1918 range comes
> back as named
> > "read-rfc1918-for-details.iana.net"
> > 
> > Pretty stupid thing to do - the only way around it
> that I know of is
> > either an internal DNS server or maybe a hosts
> file local to your
> > firewall.
> > 
> > Steve McBride
> > 
> > -----Original Message-----
> > From: JByrd@iucu.org [mailto:JByrd@iucu.org]
> > Sent: Wednesday, April 21, 1999 10:06 AM
> > To: AlexJohnston@tcbk.com; lp6356@alpha.rwu.edu;
> uncleron@geocities.com;
> > fw-1-mailinglist@lists.us.checkpoint.com
> > Subject: RE: [FW1] strange problem resolving
> addresses
> > 
> > I have dealt with the same issue all morning.  How
> many of you out there
> > has
> > this affected?  Is this a new DNS server hole?  A
> problem with the root
> > servers?  I have had to turn off internal DNS of
> my 10.x network to get
> > some
> > of my critical systems going again, because it was
> affecting them.
> > 
> > Is there a fix??
> > 
> > Thanks,,
> > James Byrd
> > PC/LAN Manager
> > 
> > -----Original Message-----
> > From: Alex Johnston [mailto:AlexJohnston@tcbk.com]
> > Sent: Wednesday, April 21, 1999 12:07 PM
> > To: 'Larry Pesce'; uncleron@geocities.com;
> > fw-1-mailinglist@lists.us.checkpoint.com
> > Subject: RE: [FW1] strange problem resolving
> addresses
> > 
> > NT here, last night all my RFC 1918 addressed
> devices began reporting
> > there
> > address in the logs as
> read-rfc1918-for-details.iana.net as well.
> > 
> > This does prove a problem as any log files
> exported will now have
> > read-rfc1918-for-details.iana.net as the resolved
> address....any log
> > cruncher's defined queries are now worthless as
> all RFC1918 devices now
> > have
> > one address... read-rfc1918-for-details.iana.net
> !! (GRRR)
> > 
> > How many other people have seen this?  I thought
> it was my server unable
> > to
> > handle load of name resolution...
> > But we now have two others, on different
> platforms, with the same
> > symptoms
> > on the same day...
> > 
> > Anybody else want to volunteer info??
> > 
> > Alex
> > 
> >         -----Original Message-----
> >         From:   Larry Pesce
> [SMTP:lp6356@alpha.rwu.edu]
> >         Sent:   Wednesday, April 21, 1999 8:43 AM
> >         To:     uncleron@geocities.com;
> > fw-1-mailinglist@lists.us.checkpoint.com
> >         Subject:        Re: [FW1] strange problem
> resolving addresses
> > 
> >         I noticed a similar type of occurence
> today too...
> > 
> >         We use HP OpenView to manage our network,
> and it automaticaly
> > discovers
> >         nodes using ARP tables from routers.  A
> few months ago we
> > attached
> > our
> >         network via ATM over Sonnet to another
> hospital, but HP OV did
> > not
> > discover
> >         anything across our ATM router to the
> other hospital....untill
> > last
> > night.
> >         And all of the other devices that were
> discovered at the other
> > hopital came
> >         through with the same definition:
> > read-rfc1918-for-details.iana.net
> > 
> >         The other hospital uses a network
> 172.25.X.X and you are using
> >         192.168.X.X which are NOT in the range of
> address reserved for
> > private
> >         internal networks, although close.  The
> reserved networks are
> > listed
> > in
> >         RFC1918.
> > 
> >         I'm thinking the IANA did something to
> notify all of those users
> > that are
> >         using IP classes that are not specifcaly
> reserved for private
> > internal use,
> >         but are using addresses that are close???
> > 
> >         Any one have any ideas?
> > 
> >         -Larry
> > 
> >         ----- Original Message -----
> >         From: <uncleron@geocities.com>
> >         To:
> <fw-1-mailinglist@lists.us.checkpoint.com>
> >         Sent: Wednesday, April 21, 1999 10:51 AM
> >         Subject: [FW1] strange problem resolving
> addresses
> > 
> >         >
> >         > When I have address resolution turned on
> in the log viewer, my
> > private
> >         > address machines (192.168.x.x) are
> resolved as
> > read-rfc-1918-for
> >         > -details.iana.net.  This started
> yesterday with 1 or 2
> 
=== message truncated ===

> ATTACHMENT part 2 application/x-pkcs7-signature name=smime.p7s


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================
Prev by Date: [FW1] SecuRemote and Outlook Client
Next by Date: Re: [FW1] Is there a list archive?
Prev by thread: Re: [FW1] strange problem resolving addresses
Next by thread: RE: [FW1] strange problem resolving addresses
Index(es):
- Date
- Thread