0

I am aware of the difference between public and private IPv4 address space. My question is, is there a valid (in terms of DNS) IP address which will never be resolved by definition?

localhost or private address spaces are not a solution as something might still listen on these addresses. Class E is supposed to be reserved but still could be assigned. Is there something that would be valid but would never be answered by any host?

Martin
  • 1
    Any IP that is assigned on any interface on a machine *could* have any of the listening services bound to it, so I'm not sure what problem you're trying to solve. – mfinni Jan 21 '13 at 18:36
  • 1
    What do you mean by "assigned"? Assigned by who to what? And what do you mean by "never be resolved"? Your question is vague and ambiguous. You say private address space is not a solution because "something might still listen". So are you looking for an address that will "never be resolved", "can never be assigned" or one that nothing will listen to?! – David Schwartz Jan 21 '13 at 19:17
  • My question is, if there are address spaces that are not routed by routers, are there also address spaces that are generally not answered by hosts? My usage case is simple: Assume a domain or hostname which you would like to temporarily route to "nowhere" without leaving A records in DNS blank. And you would like to make sure it does not resolve to some local network of an unaware visitor. – Martin Jan 21 '13 at 21:29
  • You're still not actually describing the problem that you're trying to solve. The reason that matters is because the short answer is "No, there isn't an IP address you can assign to a host that it's guaranteed to not answer", especially if 127/8 won't work for whatever it is you're trying to do. – mfinni Jan 22 '13 at 02:33
  • If you're trying to do something like 'suspend service' on a hostname by redirecting it to an IP address that doesn't exist, that is possibly one of the most complicated and backwards ways I've heard of trying to accomplish this task. You could set the A to 0.0.0.0 I suppose. – Aaron Jan 22 '13 at 16:32
  • @Aaron This is one of the tasks I am trying to accomplish and unfortunately I have reasons not to use localhost. It is also about temporarily pointing scripts to surely non-existing addresses, in that case having a non-existing but valid address allows me to make sure that services do not work, while I can simply use copy and paste instead of relying on a service staying turned-off. The 0.0.0.0 suggestion by HopelessN00b and you makes sense by reading the docs, but in practice it resolves to localhost for me (using debian and tinydns, the DNS reply for type A is correct 0.0.0.0). – Martin Jan 22 '13 at 22:00
  • What about 300.300.300.300? – Aaron Jan 23 '13 at 02:17
  • 1
    300.300.300.300 may or may not work. It is an invalid address, which is nice because it can never be reached and all requests fail immediately, but it will fail DNS validation and may or may not produce unforeseen results. – Martin Jan 23 '13 at 10:50
  • If you control the network, you can ensure that a given IP isn't ever used, of course. – mfinni Jan 23 '13 at 15:22
  • You are making an extremely bizarre set of conditions - that this name has to be valid by DNS, but go to an IP that doesn't exist. Usually when people have a bizarre set of conditions, they're fixing a problem at the wrong network layer or are envisioning a much more complicated solution to a problem that has already been solved. – Aaron Jan 28 '13 at 01:02
  • @Aaron Well, I am asking if it exists because it would make my life easier, and most importantly being consistent across all clients everywhere. In Linux after all, it is normal to pipe things into /dev/null or to have iptables reject almost everything. So the intuition for my question was, whether something like /dev/null exists for IP. Unfortunately even the RFC you posted regarding routing the space reserved for documentation is not generally followed. – Martin Jan 28 '13 at 10:25

2 Answers

7

There are several reserved IP blocks - it depends what you mean by 'valid'. Class E is not going to be assigned - that ship had an opportunity to sail 10 years ago but nobody jumped on it and it's too entrenched. 192.0.2.0/24 is an example of an IP space that should never be announced on the Internet - it is only for use in documentation. Check RFC5737, among others. What problem are you trying to solve?

Aaron
4

0.0.0.0 comes to mind immediately as a possibility as does the Link-local address, but this depends on what you're trying to accomplish... and frankly, the inclusion of the DNS tag just makes this question all the more confusing.

So, along the lines of Aaron's question... what are you trying to do, exactly?

HopelessN00b
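
As an added example (not part of the question or either answer), this Python sketch uses the standard `ipaddress` module to classify the candidate "nowhere" values raised on this page: the RFC 5737 documentation block, Class E, 0.0.0.0, link-local, private space and the invalid 300.300.300.300. The function name `classify_sink`, its labels and the sample addresses are assumptions made for illustration.

```python
import ipaddress

# RFC 5737 documentation blocks. 192.0.2.0/24 is the one named in the answer;
# the other two are defined by the same RFC.
DOC_NETS = [ipaddress.ip_network(n) for n in
            ("192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/24")]
CLASS_E = ipaddress.ip_network("240.0.0.0/4")
BROADCAST = ipaddress.IPv4Address("255.255.255.255")

def classify_sink(candidate):
    """Return (label, note) for a candidate 'nowhere' A-record value."""
    try:
        addr = ipaddress.IPv4Address(candidate)
    except ipaddress.AddressValueError:
        return ("invalid", "not an IPv4 address, so it cannot be an A record")
    if addr.is_unspecified:
        return ("unspecified", "valid in DNS, but a client may treat it as local")
    if addr.is_loopback:
        return ("loopback", "reaches the client's own host")
    if addr.is_link_local:
        return ("link-local", "may be answered by a host on the client's segment")
    if addr == BROADCAST:
        return ("broadcast", "limited broadcast, not a host address")
    if addr.is_multicast:
        return ("multicast", "group address, not a single host")
    # Checked before is_private: Python also counts these blocks as private.
    if any(addr in net for net in DOC_NETS):
        return ("documentation", "should not be announced on the Internet")
    if addr in CLASS_E:
        return ("reserved-class-e", "reserved, not assigned to hosts")
    if addr.is_private:
        return ("private", "may exist on the client's own network")
    if addr.is_global:
        return ("global", "publicly routable, a real host may answer")
    return ("other-reserved", "special-purpose range, behaviour varies")

if __name__ == "__main__":
    # Constructed sample values taken from the discussion above.
    for sample in ("192.0.2.1", "240.0.0.1", "0.0.0.0", "169.254.10.10",
                   "127.0.0.1", "10.1.2.3", "300.300.300.300"):
        label, note = classify_sink(sample)
        print(f"{sample:<16} {label:<17} {note}")
```

None of these labels guarantees that nothing answers: as the comments note, any address can be assigned locally, so a filter on the network you control is the only hard guarantee.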