Advice on Internal Domain Names

Mark Taylor nobody at nowhere.com
Thu Feb 3 11:06:10 UTC 2000 

Just a little question, as a follow on.

If I have a server called bob.intranet.foo.co.uk, and a branch call
london.foo.co.uk.  Anyone on the intranet.foo.co.uk domain will be able to
get bob by using http://bob

However, everyone on the london.foo.co.uk domain will have to use
http://bob.intranet.foo.co.uk (as many people on here have said is the
down-side to the scheme I'm trying to adopt).

My question is, is there anyway to put a pointer into the
london.intranet.foo.co.uk zone file that points to bob.  I tried the
following to no avail:

bob CNAME bob.intranet.foo.co.uk

Any ideas (or this the cross I have due to the name scheme)?

Mark
Check out this Free Web Mail that pays YOU MONEY
http://themail.com/ref.htm?ref=139869

Mark Taylor wrote in message <873ie1$njk$1 at taliesin2.netcom.net.uk>...
>Wow.
>
>Come back five days later and find a huge response.
>
>Thanks to everyone for their advice.  I think I will probabley stick to the
>host.branch.intranet.foo.co.uk structure because, as Peter says, it will
>allow for some common services.
>
>I'm not to worried about the long host name implication as most users will
>be defaulted to localhost.branch.intranet.foo.co.uk, or
>bigserver.intranet.foo.co.uk, and then use links to jump around (if they
>ever need to).  And for those buggers that want their home page to be
>www.big-girls-r-us.com, then they can put the servers in their favourites
>:-)
>
>Thanks again
>
>Mark Taylor
>
>Kevin Darcy wrote in message <388F54CA.63B649C7 at daimlerchrysler.com>...
>>Adam Augustine wrote:
>>
>>> [snip]
>>>
>>> Also, it is actually very simple to make a general distinction between
>>> external and internal hosts for a web browser without going through all
>the
>>> exception list stuff even though they may be in the same DNS subdomain.
>>>
>>> The requirements are that the hosts are on different IP subnets (as they
>>> typically are in this situation) and the other gotcha is that it uses a
>DNS
>>> check to distinguish external and internal, so it creates an extra
lookup
>>> for every host resolved (once for the check the client makes to see
which
>>> subnet the target host is on, and once for the firewall to actually
>resolve
>>> the address).
>>
>>An extra lookup for every URL is a *huge* performance hit on a stupid
>Wintel
>>desktop that doesn't cache its DNS lookups. Remember that a single page
can
>>have dozens of URL's; all those lovely images to automatically download.
We
>>experimented with this approach and were practically lynched by the pilot
>user
>>group, because it slowed their web access to a crawl. Just a word of
>caution.
>>
>>Ran fine on my Solaris workstation, of course...
>>
>>
>>- Kevin
>>
>>> -----Original Message-----
>>> From: Ole Christensen [mailto:Ole.Christensen at post.uni2.dk]
>>> Sent: Tuesday, January 25, 2000 4:52 PM
>>> To: Jim Reid
>>> Cc: comp-protocols-dns-bind at moderators.isc.org
>>> Subject: Re: Advice on Internal Domain Names
>>>
>>> If you want your "internal" users to have access to "external"/"public"
>>> webservers in the foo.co.uk domain AND "internal" webservers, you should
>>> definitely not use the naming scheme 'host.foo.co.uk' for internal
>>> servers. The reason for this is you will have to register the external
>>> servers on both the external (outside/public) DNS as well as on the
>>> internal, and that if you plan to use a http-proxy for external
>>> web-access you will have to administrate a (limited length)
>>> exception-list for servers that your users browsers should  access
>>> directly rather than through the proxy.
>>>
>>> Whether or not you should use 'host.branch.intra.foo.co.uk' or only
>>> 'host.branch.foo.co.uk' is (I think) a matter of personal taste and how
>>> complicated you want your (and your users) life to  be.
>>>
>>> Regards,
>>>
>>> Ole Christensen
>>>
>>> Jim Reid wrote:
>>> >
>>> > >>>>> "Mark" == Mark Taylor <nobody at nowhere.com> writes:
>>> >
>>> >     Mark> Hi I want some advice on how to name my internal domains.
>>> >     Mark> We have a registered Domain Name (foo.co.uk for this
>>> >     Mark> example), and I need to break it down for my internal
>>> >     Mark> branches.
>>> >
>>> >     Mark> This will put all our internet servers on "visible"
>>> >     Mark> foo.co.uk.  Everything on our intranet will be "non-visible"
>>> >     Mark> intranet.foo.co.uk.
>>> >
>>> >     Mark> Is this the recommend approach to naming internal domains ?
>>> >
>>> > I don't think there are any recommendations for this. The naming
>>> > scheme you've suggested will work OK, but it's perhaps a bit
>>> > clumsy. You'll end up with internal hostnames like
>>> >         host.branch.intranet.foo.co.uk
>>> > which is a bit of a handful. The extra typing could be a bit of a
>>> > nuisance for the internal users.
>>> >
>>> > It might be better to just use host.branch.foo.co.uk internally unless
>>> > you *really* want to include another domain name component to
>>> > differentiate between external and internal hosts. [And if you do
>>> > that, there might be subtle knock-on effects on your internal mail
>>> > configuration, resolver setups and so on.] You could just use split
>>> > DNS and have two versions of foo.co.uk: one for the outside world and
>>> > one for the inside. The outside world doesn't get to see your internal
>>> > name space. The internal foo.co.uk could even be a superset of the
>>> > external one. Running the two foo.co.uk on different name servers is a
>>> > good idea too. That way it's easier to seperate the two name spaces
>>> > and prevent the internal names from leaking to the outside world.
>>
>>
>>
>>
>>
>>
>
>
>
>
>

More information about the bind-users mailing list