architecture question

Dave Warren davew at
Fri May 10 23:47:21 UTC 2013

On 2013-05-10 16:39, btb at wrote:
> On May 10, 2013, at 01.18, Dave Warren <davew at> wrote:
>> On 2013-05-08 11:13, btb wrote:
>>> it's also mildly humorous that they used to quite religiously endorse .local, in some documents even categorizing use of the same domain name on an internal and external network as a "security risk".
>> Keep in mind that this was before ubiquitous, always-on TCP/IP was the norm. It was coming, but we weren't there yet and Microsoft was still catching up.
> i disagree.  in 1999, when .local was first referenced [and only in id form], short of perhaps the residential environment, always-on tcp/ip was commonplace - and i'm doubtful you'd even find microsoft references that early to it anyway, since microsoft was still catching up [this i heartily agree with, as they always are] :)

In those days, I was in the ISP world and we had a huge number of 
customers who were just starting to get IP connectivity to their 
networks, and very few hosted anything themselves, most used us as a web 
host and had no interest in their internal resources being involved with 
that internet thing at all.

I'm not talking IT companies, I'm talking their clients who were just 
discovering the internet and still hadn't really figured out it's value, 
many of which were just starting to consider connecting their computers 
to the internet in any real way.

In this context, a .local type domain isn't actually the worst idea in 
the world.

As far as Microsoft and their documentation and recommendations go, 
Active Directory development started what, 4-5 years before that? So 
best practices pre-dated the W2K release when this stuff went live and 
after that, it was no doubt a fight against inertia to change best 
practices. I know the courses I took in those days were definitely 
recommending some sort of internal-only TLD, just as internal-only IPs 
were recommended.

Dave Warren

More information about the bind-users mailing list