Navigation

    Kopano
    • Register
    • Login
    • Search
    • Categories
    • Get Official Kopano Support
    • Recent
    Statement regarding the closure of the Kopano community forum and the end of the community edition

    bad example.

    General Discussion
    1
    1
    1088
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • thctlo
      thctlo last edited by

      Hai,

      I was reading :
      https://kb.kopano.io/display/WIKI/Install+Kopano+Core+on+Debian+or+Ubuntu+with+OpenLDAP

      why o why is .local used in the examples and not example.com?

      .local is a registered TLD for Apple’s mDNS (zeroconf/avahi-daemon)
      which is by default installed on for example ubuntu

      Result failures in resolving.

      please read:
      https://tools.ietf.org/html/rfc6761 (Special-Use Domain Names)

      what MS is saying about this.
      ( source : https://social.technet.microsoft.com/wiki/contents/articles/34981.best-practices-for-internal-ad-domain-and-network-names.aspx )

      Dummy DNS name vs official DNS name

      In the past, lots of people chose to use a dummy, unofficial TLD (top-level-domain) for their internal network, like domain.lan, domain.local of domain.internal (and also domain.internalhost)

      But this can get you in serious trouble. Because these names are not supported by internet standards, the most important RFC on this is: RFC 2606 Jump (http://tools.ietf.org/html/rfc2606 Jump ) This RFC standard is very explicit on choosing domain names for private testing and documentation
      •.test
      •.example
      •.invalid
      •.localhost

      But also for documentation some 2nd level domains are reserved
      •example.com
      •example.net
      •example.org

      As you can see, these names are created for testing and not for production.

      Plus, if the public naming standards change or additional names are released you might be using a name you don’t own and that can be routed to the internet, which conflicts with the initial use. Therefore, the technical conclusion is fairly straight forward: register a public DNS name and use it for your internal DNS resolution. So the use of <yourinternaldomain>.be is technically correct but it doesn’t stop there. There are some important consequences. Allow me to take the discussion a step further. You have to make a choice on the DNS zones:
      •using a single DNS zone
      •Using subdomains
      •using different DNS zones

      Now why am i saying this. For example: samba4 + kopano + kerberos auth and NOT useing .local helps in less problems.

      Thanks for reading.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post