[ale] HomeVPN

Michael Trausch mike at trausch.us
Wed Nov 14 11:49:39 EST 2012


I simply run internal DNS servers that use an internal sub domain. The main
DNS servers then delegate to the internal ones for things, so the only
internal IPs which are exposed are the ones used by the internal DNS
servers.

I am, however, moving away from that and towards the use of sane firewall
rules and public IPv6 space. I just hope that HE's free service continues
to exist long enough to get me to the point where native connectivity is
easy to get.
On Nov 14, 2012 11:45 AM, "Robert L. Harris" <robert.l.harris at gmail.com>
wrote:

>
> Yeah, there's no overlap.  I re-ip'd a while back and picked a lesser used
> chunk and I've been lucky the new job uses 10.X versus my 172 spaces.
>
> I don't want to make it public so I may be just using some host entries
> then.  Ugly but better than posting what I have online.
>
>
>
> On Wed, Nov 14, 2012 at 7:39 AM, Brian MacLeod <nym.bnm at gmail.com> wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA256
>>
>> On 11/14/12 6:53 AM, Richard Bronosky wrote:
>> > If this is for home use, then you probably have only 1 public IP
>> > and are using NAT internally. If so, you can publicly host DNS
>> > that exposes your private IPs (10. or 192.168. etc.) with
>> > impunity.
>> >
>>
>> That was actually part of my point of concern.  I was guessing that he
>> might have private address space allocated to his internal network,
>> but without "knowing" the network the clients are behind, there could
>> be address overlap, and thus, the packets do not go where you think
>> they would go.
>>
>> bnm
>>
>>
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
>> Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
>>
>> iQE4BAEBCAAiBQJQo600Gxhoa3A6Ly9rZXlzZXJ2ZXIudWJ1bnR1LmNvbQAKCRD5
>> XCJY/q4Y6B29B/9P4kFke6FZLd5NcmUsUd+F6UOxm9sNfBEOpyDnLO7TUbE1gChL
>> eDFqaGQEk/qM+UEHME9W1bc1Q/noOEQrXWhETt48WORBbknO/ciwsF9G4PcJ66kn
>> TTHqinRMKugJmfjvLY7ug/lsW8gsp3E/6RUPUyBNbsnuNLDi079hbTv9GTT8jDvl
>> Z5r7r16sOIo0oV1YmswAKbuWIspq8v2wuZBr6rx2Mg0GNMYpVn/supDzDb8oRBGN
>> 6hq11ow/mttp8GehHueh37q3ocKzL/3jllRALQMqlWVbgZP1alVIHtejgqk4QIg8
>> z99uF5DlKYh2K5iIxgIs2IwsL/KH8fC83KMi
>> =wFF4
>> -----END PGP SIGNATURE-----
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>>
>
>
>
> --
> :wq!
> ---------------------------------------------------------------------------
> Robert L. Harris
>
> DISCLAIMER:
>       These are MY OPINIONS             With Dreams To Be A King,
>        ALONE.  I speak for                      First One Should Be A Man
>        no-one else.                                     - Manowar
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20121114/ce158eba/attachment-0001.html>


More information about the Ale mailing list