Why do we need a domain in the intranet?
Some software needs the fully qualified domain name (FQDN) of a server during installation so that the server can be discovered on the network. Examples are FreeIPA and cPanel. If the software is hosted on a public server, we can buy a domain name and map it to that server. But we cannot assign a public domain to our private network/servers, as it is illegal.
Do we have private domains, like private IP addresses, that we can use in our intranet? What if we need a domain name for installing software inside our NAT network? Yes, we can make use of the ".local" domain. This is basically an internal TLD (top-level domain), similar to a private IP address.
We can use this domain to assign an FQDN to any number of hosts. This domain doesn't need any registration. Servers that need a domain name and FQDN should be assigned hostnames as follows:
- Domain name: "example.local"
- Server FQDN: "server.example.local"
- Clients FQDN: "client.example.local"
To make domain name autodiscovery easy, just follow these steps:
- Keep the gateway name as "gateway.example.local"
- Add static entries for the domain name and static hosts in the default DNS server.
- Enable automatic updates of DNS records from DHCP-registered clients on the gateway
- Configure all hosts to query the default DNS server
Done. This way we can use the ".local" domain and eliminate hostname conflicts when software makes a domain name mandatory.
Note: the "example" domain name is used here only as an example; anyone can assign any DNS name to their network in the ".local" TLD.
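A check you might run over the static entries from the second step before loading them into the DNS server, so that the hostname conflicts this setup is meant to avoid are caught early. This is an added example, not code from the original post; the IP addresses and the hosts-file style input format are assumptions, and the sample entries are constructed.

```python
import ipaddress
import re

DOMAIN = "example.local"            # domain name used on this page
GATEWAY = "gateway.example.local"   # gateway name from the steps above
LABEL = re.compile(r"^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$")  # RFC 1123 label

# Constructed sample of static entries, one "IP FQDN" pair per line.
# The addresses are assumptions; the page gives only the names.
SAMPLE = """\
192.168.1.1   gateway.example.local
192.168.1.10  server.example.local
192.168.1.20  client.example.local
192.168.1.21  client.example.local
8.8.8.8       dns.example.local
192.168.1.30  -web.example.local
192.168.1.40  mail.example.com
"""

def check_static_entries(text, domain=DOMAIN, gateway=GATEWAY):
    """Return a list of problems found in the static host entries."""
    problems, seen = [], {}
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split()   # drop comments and blanks
        if not parts:
            continue
        if len(parts) != 2:
            problems.append(f"{line.strip()}: expected 'IP FQDN'")
            continue
        ip_text, fqdn = parts[0], parts[1].lower().rstrip(".")
        # Intranet hosts should sit on private (non-public) addresses.
        if not ipaddress.ip_address(ip_text).is_private:
            problems.append(f"{fqdn}: {ip_text} is not a private address")
        if not fqdn.endswith("." + domain):
            problems.append(f"{fqdn}: not inside {domain}")
        labels = fqdn.split(".")
        if len(fqdn) > 253 or not all(LABEL.match(label) for label in labels):
            problems.append(f"{fqdn}: invalid hostname label")
        # The same name pointing at two addresses is a hostname conflict.
        if seen.setdefault(fqdn, ip_text) != ip_text:
            problems.append(f"{fqdn}: conflict, {seen[fqdn]} and {ip_text}")
    if gateway not in seen:
        problems.append(f"{gateway}: missing static entry")
    return problems

if __name__ == "__main__":
    for problem in check_static_entries(SAMPLE):
        print(problem)
```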
I have planned this blog to express my view on Information security and will try to learn/help from/for other security minds. All views expressed here are strictly from personal view. This blog is neither an organization nor affiliated to any organization with respect to the blog posts.
Hi, I am Varun Kondagadapa, an Information Security Specialist with 2+ years of experience in securing organizations. From startups to MNCs, I have work experience in all scales of infra.