LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 09-01-2011, 10:49 PM   #1
Gerard Lally
Senior Member
 
Registered: Sep 2009
Location: Leinster, IE
Distribution: Slackware, NetBSD
Posts: 2,176

Rep: Reputation: 1761Reputation: 1761Reputation: 1761Reputation: 1761Reputation: 1761Reputation: 1761Reputation: 1761Reputation: 1761Reputation: 1761Reputation: 1761Reputation: 1761
Setting FQDN in network with only some public-facing servers


What is the recommended policy regarding naming computers on a network with some public-facing servers? DNS for the public-facing servers is resolved by a third-party DNS provider. For example:

www.example.dynamicdnsprovider.org
mail.example.dynamicdnsprovider.org

What happens if I give the same FQDN to the private machines as well (minus the hostname itself, of course)?

For example:

desktop1.example.dynamicdnsprovider.org
desktop2.example.dynamicdnsprovider.org
desktop3.example.dynamicdnsprovider.org

I want to run a local caching name server to resolve these internal names. Would it be considered better policy to give them a FQDN of lan.local instead? I don't want DNS requests for the private network to leak out onto the Internet.
 
Old 09-02-2011, 12:07 AM   #2
kbp
Senior Member
 
Registered: Aug 2009
Posts: 3,790

Rep: Reputation: 653Reputation: 653Reputation: 653Reputation: 653Reputation: 653Reputation: 653
Most places will use a separate domain for internal use like in.company.com, you can prevent information leakage by using 'views' in bind.
 
1 members found this post helpful.
Old 09-02-2011, 04:40 AM   #3
Gerard Lally
Senior Member
 
Registered: Sep 2009
Location: Leinster, IE
Distribution: Slackware, NetBSD
Posts: 2,176

Original Poster
Rep: Reputation: 1761Reputation: 1761Reputation: 1761Reputation: 1761Reputation: 1761Reputation: 1761Reputation: 1761Reputation: 1761Reputation: 1761Reputation: 1761Reputation: 1761
Quote:
Originally Posted by kbp View Post
Most places will use a separate domain for internal use like in.company.com, you can prevent information leakage by using 'views' in bind.
Thanks. Google doesn't always provide an authoritative answer to these things. I was in the habit of using lan.local for private networks, and didn't know what to do when I started putting public servers up; I now understand it's better to use a subdomain of a registered domain. For example:

desktop1.lan.example.dynamicdnsprovider.org
desktop2.lan.example.dynamicdnsprovider.org
desktop3.lan.example.dynamicdnsprovider.org

instead of

desktop1.lan.local
desktop2.lan.local
desktop3.lan.local

I'll read up about views now.

Last edited by Gerard Lally; 09-02-2011 at 04:42 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Public Facing OpenVPN (When to use) richinsc Linux - Security 1 02-14-2011 12:50 PM
Secure Bind 9 for a public facing dns j.smith1981 Linux - Server 3 01-21-2011 03:19 AM
[SOLVED] Opening FTP service on public facing website for 3rd party maintenance access albertwt Linux - Security 6 11-04-2010 09:13 AM
Using a Public-Facing SSH Server to Broker a Connection Between Two Clients nko Linux - Networking 1 02-22-2010 07:14 PM
nslookup returns local ip when resolving another servers fqdn on same subnet nodrogx Linux - Networking 3 10-28-2003 02:12 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 01:00 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration