mDNS/LLMNR was Re: [BBLISA] openldap recipe(s)

Michael Tiernan michael.tiernan at gmail.com
Fri Nov 7 19:38:32 EST 2008


On Fri, Nov 7, 2008 at 4:37 PM, Dean Anderson <dean at av8.com> wrote:
> Don't use .local

Ok. I see the logic of the argument. Someone smarter than I (not that
this was difficult) suggested to me that if you have a network where
each machine has two NICs that it's "a good idea" to use
[traditional?] names for the front ends and ".local" for the backends.

The front end being isolated may respond to "myspecialdbs.example.com"
but the backend, which you don't want any outsiders touching is
"myspecialdbs.local". This is what management systems, backup, etc.,
would look at/for when they need to reach these interfaces. (Usually
on an RFC1918 restricted address model.)

His arguments seemed to make sense and I am not savvy enough to sort
out the positives vs negatives on this. The URLs Mr Anderson provides
all seem to indicate that it's only a bad idea if you want
myspecialdbs.local to be "in a search path" but what if, as the
example above, you want all traffic to be "front-end-oriented" except
by specific use of the ".local" suffix meaning "go to the back end"?
-- 
    << MCT >>   Michael C Tiernan.
    Is God a performance artist?
    EGO hack vivo quod ago accido.
    http://www.linkedin.com/in/mtiernan




More information about the bblisa mailing list