DNS names for intranet sites?
-
What is the recommended practice when naming intranet sites?
In the past you could name something "portal" and if you entered that in the web browser it would find "portal" in your local DNS and go straight to the site. Today web browsers go straight to the search engine unless you have a .com or other top level domain at the end. You have to prefix the URL with http:// for it to work the way you want.
I've seen people use .local but I've heard that is not recommended because local is not a top level domain.
I've also seen people use the subdomain of a company domain, for instance firewall1.company.net. It's just not a short name for this.
What is best practice on this?
-
@pete-s said in DNS names for intranet sites?:
Today web browsers go straight to the search engine unless you have a .com or other top level domain at the end
If you put a / at the end it usually resolves correctly.
-
Add a DNS search domain or whatever it's called... there's a lot of options for resolving names. If you type http://portal, it automatically uses a specified DNS suffix.
-
@pete-s said in DNS names for intranet sites?:
I've seen people use .local but I've heard that is not recommended because local is not a top level domain.
That's why it was recommended. Apple intentionally did things to break its use to mess with Windows shops, hence why it is a problem. Make up your own and no problem.
-
Doing short names, like just https://portal/ is a problem because it implies you are only functional on the LAN and not from other locations. Few companies want to design their naming system in that way today.
-
We use subdomain of our company domain.
-
@scottalanmiller said in DNS names for intranet sites?:
Doing short names, like just https://portal/ is a problem because it implies you are only functional on the LAN and not from other locations. Few companies want to design their naming system in that way today.
Got it! But how do they want to design it?
I'm thinking especially if you have a mixed OS environment and using a number of hosts that reside locally or in the cloud or at different company locations over a VPN network.
I have a hard time wrapping my head around how to set things up with hostnames, FQDNs, DNS on the *nix side and WINS, DNS, AD on the other side.
-
@pete-s said in DNS names for intranet sites?:
@scottalanmiller said in DNS names for intranet sites?:
Doing short names, like just https://portal/ is a problem because it implies you are only functional on the LAN and not from other locations. Few companies want to design their naming system in that way today.
Got it! But how do they want to design it?
I'm thinking especially if you have a mixed OS environment and using a number of hosts that reside locally or in the cloud or at different company locations over a VPN network.
I have a hard time wrapping my head around how to set things up with hostnames, FQDNs, DNS on the *nix side and WINS, DNS, AD on the other side.
Because no matter what the device, you have a single DNS source internally. That is where you control resolution.
Use proper FQDN. Yes, it means split DNS if you also want the services publicly available.
My house router at home is set up to use jaredbusch.com for the “domain” in the DHCP server. I don’t generally use it except for when I am lab/testing things.
At clients it is always designed this way.
-
@pete-s said in DNS names for intranet sites?:
@scottalanmiller said in DNS names for intranet sites?:
Doing short names, like just https://portal/ is a problem because it implies you are only functional on the LAN and not from other locations. Few companies want to design their naming system in that way today.
Got it! But how do they want to design it?
I'm thinking especially if you have a mixed OS environment and using a number of hosts that reside locally or in the cloud or at different company locations over a VPN network.
VPN just extends the LAN, that's not the modern alternative, that's the old 1990s way. As long as you are 100% LAN, you just use your local DNS, that's it. There's nothing more to know. None of those things are factors.
If you are doing it the modern LANless way, then you use public DNS. We do this all the time. Totally normal, nothing complex.
-
@pete-s said in DNS names for intranet sites?:
I have a hard time wrapping my head around how to set things up with hostnames, FQDNs, DNS on the *nix side and WINS, DNS, AD on the other side.
WINS isn't a factor, you should never be setting anything in WINS. AD is not a factor and doesn't interact here. Unix systems aren't special in any way, they behave and resolve exactly like Windows systems. So whatever works for Windows will work for Unix.
-
Even if you are LANless and you want pure hostnames and no FQDN, you just set your search settings and that handles that regardless of LAN or LANless design.
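-
The search-suffix behaviour mentioned in the posts above, as an added example that is not part of the thread: it emulates the order in which a glibc-style stub resolver turns a typed name into FQDN queries, using the `search` and `options ndots` settings from resolv.conf. The domains, the name server address and the function names are constructed for illustration.

```python
# Added example: candidate query order derived from resolv.conf
# "search" and "options ndots" (glibc-style stub resolver behaviour).

SAMPLE_RESOLV_CONF = """\
# constructed sample, not taken from the thread
nameserver 10.0.0.53
search intranet.example.com example.com
options ndots:1
"""

def parse_resolv_conf(text):
    """Return (search_list, ndots) parsed from resolv.conf text."""
    search, ndots = [], 1  # ndots defaults to 1 when not set
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":  # blank line or comment
            continue
        keyword, *args = line.split()
        if keyword == "search":
            # the last "search" line in the file wins
            search = [d.rstrip(".").lower() for d in args]
        elif keyword == "options":
            for opt in args:
                if opt.startswith("ndots:"):
                    ndots = int(opt.split(":", 1)[1])
    return search, ndots

def candidates(name, search, ndots=1):
    """Names queried, in order, for what the user typed."""
    if name.endswith("."):
        # a trailing dot marks the name as absolute: no suffixes are tried
        return [name.rstrip(".").lower()]
    name = name.lower()
    suffixed = [f"{name}.{domain}" for domain in search]
    if name.count(".") >= ndots:
        return [name] + suffixed  # enough dots: try it as typed first
    return suffixed + [name]      # short name: search suffixes first

if __name__ == "__main__":
    search, ndots = parse_resolv_conf(SAMPLE_RESOLV_CONF)
    for typed in ("portal", "firewall1.example.com", "portal."):
        print(typed, "->", candidates(typed, search, ndots))
```

With this configuration a bare `portal` is first looked up as `portal.intranet.example.com`, so the short name and the FQDN reach the same record on the internal DNS server.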