dmo145

Internal/public domain names and DNS

Hi Experts,

I'm trying to decide on an internal domain name for our office network. We currently have a public name, we'll call it "abc.com", registered and pointing to our externally hosted web server. Originally I was planning on just using "corp.abc.com" as the internal network name, but after reading more about DNS it seems like this could create problems down the road if we ever wanted to host anything from our office network (like Exchange). I'm new to DNS but it seems like names with a master name abc.com would eventually try and hit the web server to resolve names and we'd have to route name resolution from the web server back to the internal office DNS. The long hops might slow things down. I’m thinking of either using an entirely different domain or something like "abc.local".

From your experience, which would you recommend? What are the limitations and advantages of each method? Is having a name like "corp.abc.com" really even a problem or am I way off base?

Any further light on this issue would be great.

Thanks Experts,
Dane
Juan Ocasio

Using abc.local is not only acceptable, but it is a good practice, as it separates out your internally named domain from your external domain name.
BTW, you would use corp.abc.com if you had a subdomain (or if a host on your network was corp, then its fully qualified name would be corp.abc.com).

HTH
jocasio
The Microsoft recommendation is to use a subdomain for internal use (like corp.abc.com), since it makes it impossible to create duplicate FQDNs.

maeb3
jar3817

I'm all about using a DNS subdomain for your Active Directory. Corp.abc.com is fine and would not cause any problems whatsoever, even with OWA and Exchange. Like Maeb3 says, MS recommends using a subdomain. I personally like the subdomain method because it allows you to delegate DNS control for just Active Directory to the domain controllers. Some people won't care or have such small networks that the DCs are the only nameservers anyway, in which case it doesn't matter.

Both will work (a .local or a subdomain) but whatever you choose DON'T name it "abc.com". It's just confusing and will lead to problems.
ASKER CERTIFIED SOLUTION
ajayprk

dmo145

ASKER

Thank you for the posts.

Ajay,

Yeah, it seemed like I wouldn't be using DNS like I should if I used "corp.abc.com" and that it could cause problems not actually having the parent domain. From my understanding, .local and .internal can't be registered. If we were to host a server from our office sometime down the road, is there a way we could have that server join our domain? Or would we have to create another domain, like xyz.com?

Also, this brings to mind another question. Is there anything wrong with just using abc.com as our domain even though we have our web server registered with that name? What kind of complications would we run into in this scenario? I've heard about split, or split brain, DNS. Is this the situation when that headache is required?

Thanks again everyone,
Dane
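
The difference between the three naming choices discussed in this thread (abc.com itself, corp.abc.com, abc.local), as an added example that is not part of any post here: a small Python model of what LAN clients get back when the domain controllers are authoritative for the chosen name. All addresses, the host names dc1, files and mail, and the function names are constructed for illustration.

```python
# Added illustration; every record below is a constructed sample.

PUBLIC_ZONE = {  # what the external DNS host publishes for abc.com
    "abc.com": "203.0.113.10",
    "www.abc.com": "203.0.113.10",
    "mail.abc.com": "203.0.113.25",
}

def internal_records(ad_domain):
    """Records the domain controllers hold for the chosen AD domain.
    Modelled assumption: the DCs also register the zone apex to themselves."""
    return {
        ad_domain: "10.0.0.5",
        f"dc1.{ad_domain}": "10.0.0.5",
        f"files.{ad_domain}": "10.0.0.20",
    }

def in_zone(name, zone):
    """True if name is the zone apex or sits below it."""
    return name == zone or name.endswith("." + zone)

def resolve_from_lan(name, ad_domain):
    """Answer as a LAN client sees it: the DC is authoritative for
    ad_domain and forwards every other name to public DNS."""
    if in_zone(name, ad_domain):
        # An authoritative server answers NXDOMAIN (None here) for a
        # missing record; it does not fall back to the public zone.
        return internal_records(ad_domain).get(name)
    return PUBLIC_ZONE.get(name)

def lan_view_differences(ad_domain):
    """Public names whose LAN answer differs from the public answer,
    as {name: (public_answer, lan_answer)}."""
    diffs = {}
    for name, public_ip in PUBLIC_ZONE.items():
        lan_ip = resolve_from_lan(name, ad_domain)
        if lan_ip != public_ip:
            diffs[name] = (public_ip, lan_ip)
    return diffs

if __name__ == "__main__":
    for choice in ("abc.com", "corp.abc.com", "abc.local"):
        print(f"{choice:13} -> {lan_view_differences(choice)}")
```

With abc.com as the internal name, every public record has to be duplicated by hand on the internal servers (split-brain DNS) before LAN clients can reach it; with corp.abc.com or abc.local the two namespaces never overlap.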
dmo145

ASKER

jar 3817,

Wow, left the page open and just refreshed when I got home, didn't even see the post. So using "abc.com" would just be confusing and create problems. Scratch that.

The .local and .internal can't be registered question still stands however :).

Thanks again,
Dane
You're correct, .local or .internal names can't be registered, but it really doesn't matter. All the hosts that will need to know about the .local name will be local LAN clients that use the DCs as their nameservers. As for hosting servers in some remote location, they'll need to be connected to your LAN via something like VPN.
dmo145

ASKER

jar,

Just to clarify, I was suggesting hosting internally, on the LAN, not remotely. ".local" seems like it would restrict me from ever hosting an Exchange server from our office network (I'd make it a member of the internal domain, whatever it may be). Am I wrong? What do people do when they have a network that hosts public content (like an Exchange server) but also have a remote website that hosts public content?

Thanks,
Dane
dmo145:

You can still host an Exchange server with the .local. You would create MX records with your web hosting company to point to the fully qualified name of your Exchange server. This is exactly what we do at my office.

jocasio
dmo145

ASKER

Thanks for the help experts! You saved me some big headaches down the road.