No announcement yet.

local domain name and terminal server placement

  • Filter
  • Time
  • Show
Clear All
new posts

  • local domain name and terminal server placement

    I need an explanation why Microsoft do not recommends to name local domain with a real domain name.
    I am always using .local but need detailed info what problems could happend if a real domain name used.

    "When you hit a wrong note it's the next note that makes it good or bad". Miles Davis

  • #2
    Re: local domain name and terminal server placement

    Good question.

    Option 3—Unrelated Names for Internal and External Domains

    This configuration involves two namespaces. The domain names used for internal and external resources are completely different. For example, an organization uses the domain name for their external namespace but uses the name wingtiptoys.local for their internal namespace. This example uses “.local” as a non-publicly resolvable suffix; such domains are known as internal stand-alone domains. As an alternative to using a non-publicly resolvable suffix, the internal domain could use a variant of the public domain with a slight change to the names, such as adding “-corp” to the domain name as in

    The advantages of using unrelated names for internal and external domains include:

    Security: This design uses a unique internal domain name that is not resolvable from any external clients. The internal name need not be registered with the Internet registry; therefore, any name can be used although it is advisable to register the name. As the internal name is not used within any externally reachable DNS, there is no risk of external systems being able to resolve the IP addresses of your internal systems. If a suffix is used that is not publicly resolvable, names can never be resolved by public DNS servers, thereby adding a layer of protection.

    Distributed administration: This design enables you to distribute administrative responsibilities across internal and external domains easily, which are completely separate and can be appropriately managed.

    Hosting flexibility: Because the internal and external domain namespaces are separate, it is possible and advisable to host them on different DNS servers.

    The disadvantages of using unrelated names for the internal and external domains include:

    Management overheads: This design requires additional administrative work because two separate namespaces must be managed to provide full internal and external name resolution for internal clients in an efficient manner.

    Potential user confusion: Using a stand-alone internal domain that is unrelated to your external domain might create confusion for users, because the namespaces do not reflect a relationship between resources within and outside your network.

    Potential internal-external communication problems: If there are design needs that require transparent crossover between a company’s private and public namespaces, use of a non-resolvable name may cause problems or at least additional planning requirements.

    Requires additional Internet registrations: If you want to provide for design changes that require the internal domain to be used externally, you must register two DNS names with the Internet name authority.

    I know this is for SBS but there is some info there

    Please read this before you post:

    Quis custodiet ipsos custodes?


    • #3
      Re: local domain name and terminal server placement

      Thanks, Andy.
      "When you hit a wrong note it's the next note that makes it good or bad". Miles Davis