Oct 8, 2004

what IS this prisoner.iana.org?

Well, once RFC 1918 (and its predecessors, actually) came out, the IANA -- the old name, recall, for the folks in charge of handing out IP address blocks -- realized that they needed a "placeholder" in-addr.arpa zone for the three ranges of non-routable addresses. So they put zones named 10.in-addr.arpa, 16.172.in-addr.arpa, and 168.192.in-addr.arpa on a three DNS servers named blackhole-1.iana.org, blackhole-2.iana.org and prisoner.iana.org, at IP addresses,, and, and prisoner is set as the primary DNS server for the zones. Thus, if one of your systems with a 192.168.x.x address tries to register its PTR record then it will, unless you have a local DNS server with a 168.192.in-addr.arpa zone, end up trying to register with prisoner.iana.org -- which will reject the request. The bottom line is, don't worry about it in most cases. In one case, however, you MIGHT worry about it, if you were running an intranet with a dialup connection to the Internet.

copy from Expert-Exchange