Hi Micheal,
Thank you for your help!!
Ok, in this example,
host.butash.net is public - one A record and one or more CNAMEs.
host.internal.butash.net is private.
I assume you have two DNS servers? One public and one private? Who
gets the A record and all other hosts are CNAMEs?
Thanks!!
Keith
On 2022-11-23 12:51, Michael Butash via PLUG-discuss wrote:
> General rule of thumb is not to spoof real domains, as you'll break
> anyone using it elsewise, just about anything else is open game. I
> can make a tld domain, .xyz (assuming this isn't a free-form tld now),
> and so long as things point at that naturally (like an internal
> resolver), it will pretend to be authoritative even if not. I've had
> customers run internal dns under AD with something random as their
> domain, it works so long as everything using the domain knows to point
> internally first.
>
> What I do is use my domain, butash.net [2], and create an internal
> subdomain off it, internal.butash.net [3] or like, and put all my
> home/lab stuff under that as my internal dns knows to put a ns record
> for the subdomain to itself, otherwise go out to public. No one is
> the wiser generally, and my needs are met. Recommend the same.
>
> -mb
>
> On Wed, Nov 23, 2022 at 12:19 PM David Schwartz via PLUG-discuss
> <plug-discuss@lists.phxlinux.org> wrote:
>
>> I looked into this topic a while back and it’s a bit of a
>> quagmire.
>>
>> The general concensus I found was to use .local as your TLD as it
>> has been reserved for that purpose. There are a few more, like
>> .test, but .dev is a legitimate TLD run by Google.
>>
>> I’ve talked with several people who set up their own DNS server on
>> their intranet to respond to their own TLD so you don’t need to
>> use the hosts file on every machine. I think most companies with
>> multiple layers of firewalls take that approach because it won’t
>> resolve the URLs across the firewall — public DNS will always
>> return an error on the lookups.
>>
>> -David Schwartz
>>
>>> On Nov 23, 2022, at 9:26 AM, Keith Smith via PLUG-discuss
>>> <plug-discuss@lists.phxlinux.org> wrote:
>>>
>>> Hi,
>>>
>>> As you know I am building a "home office" lab for PHP development
>>> and testing. I was not satisfied with the research I completed on
>>> "non-routeable" domains for a private network made up of
>>> "non-routeable" domains.
>>>
>>> In the distant past I used to use .dev for the TLD. From what I
>>> am reading this is not a good idea.
>>>
>>> According to https://www.rfc-editor.org/rfc/rfc8375.html [1] one
>>> should use "home.arpa.". They add a period to the end which I
>>> assume is the DNS domain name stop character when used in zone
>>> files. Any thoughts?
>>>
>>> I will not be using DNS. My needs are so simple I will be adding
>>> the IP and domain name in my host file, at least for now.
>>>
>>> I've read a lot about this subject. Some say to use a registered
>>> domain with a subdomain that is on a private IP. I really do not
>>> want to commingle public and private assets on the same domain.
>>>
>>> Any feedback is much appreciated!!
>>>
>>> Thanks!!
>>> Keith
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
>
> Links:
> ------
> [1]
> https://u2206659.ct.sendgrid.net/ls/click?upn=SJEG7TF39YLaAIMD0HhsfI0lbTtxhf0B9iVXMIHo234e-2FVw-2FyhT-2BRhbwtow13oAB1bD76MUDbm-2FuyVnd7UVxqQ-3D-3DqK4N_o-2BjQxMsWfboH-2B-2BcY2qb3IYCoqvthnvff9ftZz0pNEJ2tF1jbVlVBtrlaPYq4av3GFmhIl6hDTJp0vlcEfWuD5HliN7mazq1NqkL46JEotJwwOK-2FkuKaTizng8wU1HWxnp-2FMw8BnQ6VeeHFxnCcbBMqs4qb-2Fp11-2FJtxGr4MPTS6hEGMLYpFcvZWkbxeQNcCqBF3sv-2F7D-2BuOIrW1z5JDzK2UEZktkYqoOIEHWfocWRNmw-3D
> [2] http://butash.net
> [3] http://internal.butash.net
> ---------------------------------------------------
> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list:
PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
https://lists.phxlinux.org/mailman/listinfo/plug-discuss
(text/plain)