Setting FQDN in network with only some public-facing servers
What is the recommended policy regarding naming computers on a network with some public-facing servers? DNS for the public-facing servers is resolved by a third-party DNS provider. For example:
www.example.dynamicdnsprovider.org mail.example.dynamicdnsprovider.org What happens if I give the same FQDN to the private machines as well (minus the hostname itself, of course)? For example: desktop1.example.dynamicdnsprovider.org desktop2.example.dynamicdnsprovider.org desktop3.example.dynamicdnsprovider.org I want to run a local caching name server to resolve these internal names. Would it be considered better policy to give them a FQDN of lan.local instead? I don't want DNS requests for the private network to leak out onto the Internet. |
Most places will use a separate domain for internal use like in.company.com, you can prevent information leakage by using 'views' in bind.
|
Quote:
desktop1.lan.example.dynamicdnsprovider.org desktop2.lan.example.dynamicdnsprovider.org desktop3.lan.example.dynamicdnsprovider.org instead of desktop1.lan.local desktop2.lan.local desktop3.lan.local I'll read up about views now. |
All times are GMT -5. The time now is 05:09 AM. |