Wednesday, March 9, 2016

Debate of using .local as Active Directory Domain Name

If you search the internet, many posts recommend not using .local as the domain name. In particular, Wikipedia says: "Networking device hostnames ending with .local are often employed in private networks, where they are resolved either via the multicast domain name service (mDNS) or local Domain Name System (DNS) servers. The implementation of both approaches on the same network can be problematic, however, so resolving such names via "unicast" DNS servers has fallen into disfavor as computers, printers and other devices supporting zero-configuration networking (zeroconf) have become increasingly common." So the question is: should we use it or not, and what is the real reason behind this advice?

Using .local will cause issues with mDNS and zeroconf? Alright, what do mDNS and zeroconf actually do? Still according to Wikipedia, "the multicast Domain Name System (mDNS) resolves host names to IP addresses within small networks that do not include a local name server", and "The mDNS protocol is published as RFC 6762, uses IP multicast User Datagram Protocol (UDP) packets, and is implemented by the Apple Bonjour and Linux nss-mdns services". Also, "Without zeroconf, a network administrator must set up services, such as Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS), or configure each computer's network settings manually". The truth is that a corporate environment always has DNS and DHCP servers, so zeroconf is not required at all. Also, according to the document published by Apple, this .local domain issue can be resolved on OS X v10.4 and later: https://support.apple.com/en-au/HT201275.
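
The conflict described above is that a client may send a query for a name under the AD zone to the mDNS multicast group (224.0.0.251, UDP/5353, per RFC 6762) instead of to the domain's unicast DNS servers. The following added example (not from the original post) shows how an administrator could check exported UDP/5353 payloads for queries that fall under the AD domain; the domain name `corp.local`, the sample packets and all function names are constructed for the demonstration.

```python
import struct

MDNS_GROUP = ("224.0.0.251", 5353)  # RFC 6762 IPv4 multicast group and port


def build_query(name: str, txid: int = 0) -> bytes:
    """Build a minimal DNS/mDNS query (QTYPE A, QCLASS IN) for `name`."""
    header = struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0)  # ID, flags, QD, AN, NS, AR
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)


def parse_qname(msg: bytes) -> str:
    """Return the first question name from a raw DNS message (lower-cased)."""
    if len(msg) < 12:
        raise ValueError("truncated DNS header")
    if struct.unpack("!H", msg[4:6])[0] < 1:  # QDCOUNT
        raise ValueError("no question section")
    labels, pos = [], 12
    while True:
        if pos >= len(msg):
            raise ValueError("truncated question name")
        n = msg[pos]
        if n == 0:
            break
        if n & 0xC0:  # compression pointers are not valid in a question name
            raise ValueError("compression pointer in question name")
        pos += 1
        if pos + n > len(msg):
            raise ValueError("truncated label")
        labels.append(msg[pos:pos + n].decode("ascii"))
        pos += n
    return ".".join(labels).lower()


def is_under(name: str, zone: str) -> bool:
    """True if `name` equals `zone` or is a subdomain of it (case-insensitive)."""
    name, zone = name.lower().rstrip("."), zone.lower().rstrip(".")
    return name == zone or name.endswith("." + zone)


def find_ad_names_in_mdns(mdns_payloads, ad_domain):
    """Names under the AD zone that clients asked via mDNS instead of unicast DNS."""
    hits = []
    for payload in mdns_payloads:
        try:
            qname = parse_qname(payload)
        except ValueError:
            continue  # malformed packet; not a name we can classify
        if is_under(qname, ad_domain):
            hits.append(qname)
    return hits


# Constructed sample: three UDP/5353 payloads as clients would multicast them.
SAMPLE_MDNS = [build_query("dc01.corp.local", 1), build_query("printer.local", 2),
               build_query("corp.local", 3)]
```

Any hit for the AD zone in multicast traffic means that client is not using the domain's DNS servers for those names, which is exactly the failure mode the Wikipedia quote warns about.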
Some online posts also recommend using a routable domain name in Active Directory. I believe this is because Office 365 requires the routable domain to be verified. However, this can be resolved using Azure AD Connect. Also, using a routable domain in Active Directory causes problems for the split-DNS setup.

The conclusion is:
1. Do not use a routable domain name in Active Directory. This keeps the internal domain from being exposed to the public, improves security, and avoids the split-DNS issue;
2. If mDNS is required, or with legacy OS X systems, do not use .local as the domain name.

So, most of the time there is no issue at all with choosing .local as the domain name.


1 comment:

  1. It is a great website. The design looks very good. Keep working like that! renewing a domain name