On 25. 01. 23 20:17, Michael Richardson wrote:
I strongly agree with you recommendation:
Globally unique names do not equate to globally resolvable names or even
global names that resolve the same way from every perspective. Globally
unique names can prevent any possibility of collisions at present or in the
future, and they make DNSSEC trust manageable. Consider using a registered
and fully qualified domain name (FQDN) from global DNS as the root for
enterprise and other internal namespaces.
Oh yes please. I 100% support this.
FTR the DNS protocol folks, myself included, were saying this for a long
time. Advice like this can also be seen in even in enterprise-oriented
docs, e.g.
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/networking_guide/ch-configure_host_names#sec-Recommended_Naming_Practices
(That's from ~ 2015, so also not brand new.)
If you can make somehow amplify this advice I might end up owing you
lots and lots of beverages :-)
--
Petr Špaček
Internet Systems Consortium
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
