mDNS/LLMNR was Re: [BBLISA] openldap recipe(s)

Daniel Hagerty hag at
Sat Nov 8 09:08:02 EST 2008

"Michael Tiernan" <michael.tiernan at> writes:

> The URLs Mr Anderson provides all seem to indicate that it's only a
> bad idea if you want myspecialdbs.local to be "in a search path" but
> what if, as the example above, you want all traffic to be
> "front-end-oriented" except by specific use of the ".local" suffix
> meaning "go to the back end"?

    The LLMNR FAQ's reasoning is primarily specific to it, and
secondarily that local is not a de jure standard.

    The reason to avoid local is what John said; I was not aware of
the degree to which Apple will conflate mDNS with DNS.  For your
particular application of playing with LDAP auth on a server named out
of .local, Macs prior to 10.5.5 will present you some difficulties.

    The backend/frontend is easily solved with the "buy a domain"
mantra.  Hang a subdomain (you can even call it .local!) from that
domain and name the backend off that.  If you want to hide those names
from the internet, split your DNS as appropriate.

    Really, please just buy a domain.  More than half of this thread
has been spent on namespace religion, and not "how do I configure my
LDAP server".  This is all readily avoided by showing up with a
registered domain in hand.
