Hi Michael,

Thank you for your help!!

Ok, in this example, host.butash.net is public - one A record and one or more CNAMEs.

host.internal.butash.net is private.

I assume you have two DNS servers? One public and one private?

Who gets the A record and all other hosts are CNAMEs?

Thanks!!

Keith

On 2022-11-23 12:51, Michael Butash via PLUG-discuss wrote:
> General rule of thumb is not to spoof real domains, as you'll break
> anyone using it elsewise, just about anything else is open game. I
> can make a tld domain, .xyz (assuming this isn't a free-form tld now),
> and so long as things point at that naturally (like an internal
> resolver), it will pretend to be authoritative even if not. I've had
> customers run internal dns under AD with something random as their
> domain, it works so long as everything using the domain knows to point
> internally first.
>
> What I do is use my domain, butash.net [2], and create an internal
> subdomain off it, internal.butash.net [3] or like, and put all my
> home/lab stuff under that as my internal dns knows to put a ns record
> for the subdomain to itself, otherwise go out to public. No one is
> the wiser generally, and my needs are met. Recommend the same.
>
> -mb
>
> On Wed, Nov 23, 2022 at 12:19 PM David Schwartz via PLUG-discuss wrote:
>
>> I looked into this topic a while back and it’s a bit of a
>> quagmire.
>>
>> The general consensus I found was to use .local as your TLD as it
>> has been reserved for that purpose. There are a few more, like
>> .test, but .dev is a legitimate TLD run by Google.
>>
>> I’ve talked with several people who set up their own DNS server on
>> their intranet to respond to their own TLD so you don’t need to
>> use the hosts file on every machine. I think most companies with
>> multiple layers of firewalls take that approach because it won’t
>> resolve the URLs across the firewall — public DNS will always
>> return an error on the lookups.
>>
>> -David Schwartz
>>
>>> On Nov 23, 2022, at 9:26 AM, Keith Smith via PLUG-discuss wrote:
>>>
>>> Hi,
>>>
>>> As you know I am building a "home office" lab for PHP development
>>> and testing. I was not satisfied with the research I completed on
>>> "non-routeable" domains for a private network made up of
>>> "non-routeable" domains.
>>>
>>> In the distant past I used to use .dev for the TLD. From what I
>>> am reading this is not a good idea.
>>>
>>> According to https://www.rfc-editor.org/rfc/rfc8375.html [1] one
>>> should use "home.arpa.". They add a period to the end which I
>>> assume is the DNS domain name stop character when used in zone
>>> files. Any thoughts?
>>>
>>> I will not be using DNS. My needs are so simple I will be adding
>>> the IP and domain name in my host file, at least for now.
>>>
>>> I've read a lot about this subject. Some say to use a registered
>>> domain with a subdomain that is on a private IP. I really do not
>>> want to commingle public and private assets on the same domain.
>>>
>>> Any feedback is much appreciated!!
>>>
>>> Thanks!!
>>> Keith
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
> Links:
> ------
> [1] https://www.rfc-editor.org/rfc/rfc8375.html
> [2] http://butash.net
> [3] http://internal.butash.net
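
One way to get the setup described in the quoted reply (an internal resolver that answers for internal.butash.net itself and resolves everything else publicly), as an added example that is not part of the thread. It assumes Unbound as the internal resolver; the 192.168.10.x addresses and the ns host name are constructed.

```conf
# unbound.conf fragment (added example; all addresses are constructed)
server:
    # Listen only on the lab LAN address and answer only lab clients,
    # so the resolver is not reachable as an open resolver.
    interface: 192.168.10.1
    access-control: 127.0.0.0/8 allow
    access-control: 192.168.10.0/24 allow
    access-control: 0.0.0.0/0 refuse

    # Answer the internal subdomain locally. "static" returns NXDOMAIN
    # for any name in the zone without local-data, so lookups for lab
    # hosts are never sent out to public DNS.
    local-zone: "internal.butash.net." static
    local-data: "internal.butash.net. IN NS ns.internal.butash.net."
    local-data: "ns.internal.butash.net. IN A 192.168.10.1"
    local-data: "host.internal.butash.net. IN A 192.168.10.20"
    local-data-ptr: "192.168.10.20 host.internal.butash.net"

    # DNS rebinding protection: drop RFC 1918 addresses from answers
    # that arrive from public DNS.
    private-address: 10.0.0.0/8
    private-address: 172.16.0.0/12
    private-address: 192.168.0.0/16

# No forward-zone is defined: every other name, including the public
# host.butash.net, is resolved through normal recursion.
```

Running `unbound-checkconf` on the file validates it before the resolver is reloaded.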