[lug] dns for non Internet visible network

Dean Brissinger Dean.Brissinger at vexcel.com
Fri Dec 31 13:18:04 MST 2004


	Most organizations should stick with Internet valid TLDs and break up
networks with sub-domains.  Small networks for home or testing don't
matter as much.  Corporate, government, and educational sites may find
themselves breaking up campuses over the Internet and using multiple IP
ranges.  Even worse, many times two campuses pick the same private IP
range.  If they also pick the same DNS names your machines will not be
able to find each other.

	Consider if company A buys out company B.  Both companies have private
networks using 'host.localnet'.  When machines on 'host.localnet' at
company A need to talk over a newly created VPN to machines on
'host.localnet' at company B things commence to get ugly.

	This can happen with mail services, www services, etc.  Even Microsoft
AD can't handle this case.



On Fri, 2004-12-31 at 12:55 -0600, Hugh Brown wrote:
> What's the "best practice" for setting up dns for a group of systems
> that aren't addressable from the Internet?  Do people use .dom endings
> or do they just extend the domains that they own?
> 
> For example:
> 
> I have a lot of machines at home and I don't want to manage
> the /etc/hosts file (or equivalent on other OSes) on all of them.  I'm
> going to set up dns on one of the boxes and I'm wondering what the
> preferred method is for domain naming esp. since this dns server won't
> be accessible by any Internet hosts.
> 
> It seems like I could just call the domain myhomedomain.blah and set up
> the forward and reverse zones for it (on a reserved non-routed ip
> range).  It seems like I could also use one of the domains that I have
> registered and do that.
> 
> Any experiences?
> 
> Hugh
> 
> 
> 
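
An added example, not part of either message: a pre-merge check for the company A / company B case in the reply above, listing which host names and addresses become ambiguous once two private networks are joined. The inventories, the `/24` and `/25` ranges and the `corp.example.com` parent domain are constructed placeholders.

```python
import ipaddress

# Constructed inventories: two sites that each chose 'localnet' and 192.168.1.x.
SITE_A = {
    "net": "192.168.1.0/24",
    "hosts": {"mail.localnet": "192.168.1.10", "www.localnet": "192.168.1.20",
              "build.localnet": "192.168.1.30"},
}
SITE_B = {
    "net": "192.168.1.0/25",
    "hosts": {"mail.localnet": "192.168.1.10", "www.localnet": "192.168.1.45",
              "db.localnet": "192.168.1.30"},
}

def merge_conflicts(a, b):
    """Report what becomes ambiguous once the two sites are joined by a VPN."""
    net_a, net_b = (ipaddress.ip_network(s["net"]) for s in (a, b))
    addrs_a = {ipaddress.ip_address(ip) for ip in a["hosts"].values()}
    addrs_b = {ipaddress.ip_address(ip) for ip in b["hosts"].values()}
    return {
        # Same private range on both sides: routes across the VPN are ambiguous.
        "networks_overlap": net_a.overlaps(net_b),
        # Same name on both sides: a resolver can only ever answer for one site.
        "name_collisions": sorted(set(a["hosts"]) & set(b["hosts"])),
        # Same address on both sides: two different machines claim one IP.
        "address_collisions": [str(ip) for ip in sorted(addrs_a & addrs_b)],
    }

def requalify(site, subdomain):
    """Move every host from the private pseudo-TLD to a per-site sub-domain."""
    hosts = {f"{name.split('.', 1)[0]}.{subdomain}": ip
             for name, ip in site["hosts"].items()}
    return {"net": site["net"], "hosts": hosts}

if __name__ == "__main__":
    print("as deployed:", merge_conflicts(SITE_A, SITE_B))
    # Hypothetical registered parent domain, one sub-domain per site.
    fixed_a = requalify(SITE_A, "a.corp.example.com")
    fixed_b = requalify(SITE_B, "b.corp.example.com")
    print("sub-domains:", merge_conflicts(fixed_a, fixed_b))
```

Per-site sub-domains clear the name collisions, but the overlapping address range is still reported and has to be fixed separately.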



