
Assume you have a web server and a database server. The web server is publicly accessible, while the database is only used by the web server. Their DNS names are:

web.example.com
web-internal.example.com

db-internal.example.com

So obviously the db should only use the internal DNS as the hostname. What about the web server? Should I also use the internal DNS as the hostname for the sake of consistency?

Ryan

2 Answers


The Public web server should use the Public DNS. If possible, you want the web server in a DMZ. Depending on how your network addressing is done, you may want the external name pointing to the internal IP address on the internal IP address. The Public DNS should have the IP address required to access the server from the Internet. If you use NAT or a proxy, this may not be the address of the web server.

Unless you want the Database server accessible from the Internet, it should be on the internal network and use the internal DNS. It is relatively rare that you would want the server accessible from the Internet. Depending on the contents, there may be obligations to secure the database against access from the Internet.

The value of the /etc/hostname can be whatever you want, but should be an internal name. It is common to have services with their own name which is distinct from the name of the host on which they run. Separating the service name from the host name facilitates moving or scaling the service.

If you add the addresses to /etc/hosts use the internal DNS addresses. Anything in this file should be the same value as the host would get from DNS. Unless your internal DNS is unreliable, it should not be necessary to include the addresses there. In my case I use dnsmasq as my internal DNS, and it is configured from a hosts file. This makes it very easy to have one true source for IP addresses.

If you do put the addresses in the hosts file, try to automate the update so you don't have to edit every server's file manually. Manual edits tend to be error-prone, and you want to do as few as possible.

BillThor
  • I understand your point, but I am asking what should be the recommended value of my "/etc/hostname"? Should it be the same as the public DNS or internal DNS, in both cases? – Ryan Jan 15 '14 at 15:19
  • @Yoga I have updated my response. – BillThor Jan 15 '14 at 15:31
  • I'd add that what standard you choose is not of overwhelming importance - the main point is that you do choose a standard and stick to it. – Jenny D Jan 15 '14 at 15:33
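
The answer above says anything in /etc/hosts should be the same value the host would get from DNS. The following is an added example, not code from the answer, that reports hosts-file entries that have drifted from DNS. The addresses, the `legacy-internal.example.com` name, and the `SAMPLE_DNS` table standing in for the internal DNS server are constructed for illustration.

```python
import ipaddress

# Constructed sample hosts file: names from the question plus one invented
# name; all addresses are invented.
SAMPLE_HOSTS = """\
127.0.0.1   localhost
10.0.0.10   web-internal.example.com      # web server
10.0.0.20   db-internal.example.com       # database, stale address
10.0.0.30   legacy-internal.example.com   # no longer in DNS
"""

# Constructed stand-in for answers from the internal DNS server.
SAMPLE_DNS = {
    "web-internal.example.com": ["10.0.0.10"],
    "db-internal.example.com": ["10.0.0.21"],
}

def parse_hosts(text):
    """Yield (address, name) for every name on every valid hosts line."""
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop trailing comments
        if len(fields) < 2:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed address: skip the line
        for name in fields[1:]:
            yield addr, name.lower()

def find_drift(hosts_text, resolve):
    """Return sorted (name, hosts_addr, dns_addrs) where hosts and DNS disagree.

    resolve(name) must query the DNS server directly. The system resolver is
    unsuitable because it normally consults /etc/hosts before DNS.
    """
    drift = []
    for addr, name in parse_hosts(hosts_text):
        if addr.is_loopback:
            continue
        answers = {ipaddress.ip_address(a) for a in resolve(name)}
        if addr not in answers:
            drift.append((name, str(addr), sorted(str(a) for a in answers)))
    return sorted(drift)

if __name__ == "__main__":
    for name, in_hosts, in_dns in find_drift(SAMPLE_HOSTS, lambda n: SAMPLE_DNS.get(n, [])):
        print(f"{name}: hosts file says {in_hosts}, DNS says {in_dns or 'no record'}")
```

An empty DNS answer is reported as drift too, so entries for decommissioned hosts surface alongside stale addresses.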

Generally speaking the hostname is completely irrelevant for the services running on a server. As long as the actual DNS records users and applications will use (both the public and internal) are correct and point to the server offering that specific service.

More about naming conventions in this answer.

The only exception that comes to mind are outgoing SMTP servers, because unless explicitly configured otherwise, those will identify themselves by their hostname, and that hostname should be resolvable and identical to the PTR record.

HBruijn