time and time again that running "internal" DNS on a LAN has become
increasingly frowned upon, but I guess I'm wondering how it can be avoided
if I want to access local services using a domain name?
As one spokesman for the "DNS is tricky and dangerous" crowd, I don't frown
upon running it inside your LAN as long as there's no possibility of your
internal DNS leaking into the outside world (read: as long as there's no way
for outside hosts to query your Xserve).
Allow me to post to someone else's concurrent DNS thread:
This has been one of my biggest questions about DNS: Everyone warns
you not to pollute outside DNS with internal "bogus" DNS info, but
what are the ways to prevent that?
You mention the obvious: block port 53. What are other things you
should do to make sure that your bogus DNS LAN info, or valid DNS LAN
hosts you have, but only want to be available internally, don't
propagate to the outside world?
Views is another, I guess. What else?
I ask because I don't want to screw things up.
Bret
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden
