ICANN today issued a report to IT professionals worldwide on how to identify and manage private name space leakage into the public Domain Name System.
‘Name Collision Identification and Mitigation for IT Professionals’ aims to eliminate the causes of name collisions as new Top Level Domains that are are added to the DNS. ICANN attempted to explain the nature and causes of name collision and propose possible solutions.
The report explains how DNS queries leak into the global DNS from private name spaces and how these leaks can have unintended consequences.
The report argues that private networks will consistently, stably, and reliably perform name resolution when they use fully qualified domain names and resolve them from the global DNS, and proposes methods to migrate to FQDNs.
Paul Mockapetris, Global Domains Division Security Advisor, ICANN, said, “While it appears that name collisions won’t affect significant numbers of corporate network operators or Internet users, ICANN considers it essential that it does everything possible to minimise potential impact and to offer clear advice on dealing with the issue.”
The report recommends that every organisation that is not already using FQDNs from the public DNS should consider the following strategy:
• Monitor name services, compile a list of private TLDs or short unqualified names you use internally, and compare the list you create against the list of new TLD strings.
• Formulate a plan to mitigate causes of leakage.
• Prepare users for the impending change in name usage by notifying them in advance or providing training
• Implement a plan to mitigate the potential collision