Subject: Re: [DNSOP] DNS names for local networks - not only home residental networks ... Date: Fri, Sep 01, 2017 at 10:01:38PM +0200 Quoting Walter H. (walte...@mathemainzel.info): > On 01.09.2017 21:47, Tony Finch wrote:
> > Corporate environments are a somewhat different matter, since you can > > expect them to own their own domain name and have people who can set up > > devices to use it. > BUT this need not necessarily be a public domain ..., just think of Active > Directory Domains ... AD is DNS, and it follows the same rules. A sub-domain, a separate domain or two-face (using the same domain name as you public-facing resources but a different set of authoritative servers and some careful setup of full-service resolvers), all work. The single thing that does not work is to use name-space you do not own (like LOCAL or a domain name from a non-existent TLD, like "web". Ooops. It does now...) and hope it doesn't escape. Or that somebody registers the name and tries to impersonate you. I've run two-face, and the results were excellent. But watch out with DNSSEC; you need to have the same keys signing both zones. -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE SA0XLR +46 705 989668 Our father who art in heaven ... I sincerely pray that SOMEBODY at this table will PAY for my SHREDDED WHAT and ENGLISH MUFFIN ... and also leave a GENEROUS TIP ....
signature.asc
Description: PGP signature
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
