0

I don't know a lot about DNS. So I am wondering if the following is possible:

We would like to have subomains that we internally can refer to without the last part of the domain.

Example:

We have a server foo in a subdomain bar at our company acme.com. So the full name of this server would be foo.bar.acme.com. No problem, this works.

However, we would also like to be able to use the abbreviated name foo.bar to refer to this server on computers that are in our intranet.

This way, for instance, if foo is a webserver, our internal users could surf to http://foo.bar instead of having to go to http://foo.bar.acme.com.

Is this possible to set up?

(Our network is Windows based)

Klas Mellbourn
  • 347
  • 1
  • 5
  • 10
  • 1
    Have a look at [this](https://superuser.com/questions/61827/how-can-i-add-a-search-domain-in-windows-7). – gxx May 30 '16 at 17:15
  • 1
    You can't reliably do this anymore, because of [name collisions](http://serverfault.com/q/626612/126632). – Michael Hampton May 30 '16 at 17:31
  • @MichaelHampton Not sure if I get this right: One could register a domain just for internal use. I know of at least one big company in Germany who are doing just this. – gxx May 30 '16 at 21:18
  • @gf_ Yes, you could. Google got dozens of them. But they're pretty expensive. At least $200,000 to start, and I don't even know what annually. Not going to be worth it for most. – Michael Hampton May 30 '16 at 21:21

1 Answers1

2

You can create an internal DNS zone called bar, and then create a CNAME record in this zone, so that foo.bar points to foo.bar.acme.com. Repeat for each host which needs this kind of aliasing.

Another option would be to configure the network interfaces on your computers to use additional DNS search suffixes other than the default domain one, so that when they need to resolve a non-FQDN name, they will automatically try appending different suffixes to it in order to find the full name. This can be managed centrally via Group Policies. However, be careful with this as it could sometimes lead to unpredictable results.

I strongly suggest the first option, a server-side DNS zone is much easier to manage (and troubleshoot if/when something goes wrong) than thinkering with how clients resolve names; also, you can choose which names are treated this way, while a client-side DNS search suffix would apply to any name.

Massimo
  • 68,714
  • 56
  • 196
  • 319
  • 1
    I have similar functionality working here, using CNAMES as suggested by Massimo. – arana May 30 '16 at 17:36
  • ...why the downvote? – Massimo May 30 '16 at 17:47
  • Added "internal" for clarity. Although it should have been obvious by the context. – Massimo May 30 '16 at 18:41
  • Deleted my prior comment, I wasn't awake yet. I think it goes back to the point Michael Hampton was making above...fake suffixes are bad due to the brave new world of gTLDs. Especially since people are finding [very creative ways to abuse them](https://www.us-cert.gov/ncas/alerts/TA16-144A). – Andrew B May 30 '16 at 18:53