On Aug 30, 2007, at 6:29 PM, L Goodwin wrote:

Do you mean avoid giving any machines on your LAN the
same hostname as the (hosted) web server, mail server
and ftp server? I don't even know what the hostname
for the web server is. The mail and ftp servers are
"mail.<domainname>.com" and "ftp.<domainname>.com", so
I guess I would not want to use these.

I have a minimum of three names for any machine visible to the outside world.

(1) I have the internal name that I give a box. A few years ago, I asked my daughter for help naming machines, and we ended up with a Harry Potter theme. So my primary external server (which has the most names) is dobby.ewd.goldmark.org, but that name isn't visible to the world. It's not secret, but I have no intention of having anything out side my local network needed to refer to it that way.

(And in the Harry Potter scheme, my three headed firewall is named fluffy.)

(2) But there is another name it must also have. I have a tiny block of IP addresses which all had PTR records associated with them like


It took more than two hours on the phone to Verizon to get those changed, so it was something I only ever wanted to do once, so I have names like


and so on.  So dobby is also known of as n118.ewd.goldmark.org

(3) Now dobby runs a couple of public servers. It runs Apache as www.goldmark.org and about half a dozen vhosts. It also also runs a mailserver (postfix) with mailman primarily visible under the name lists.shepard-families.org.

So recapping. One is my quasi-private name for the box itself. And that is what hostname knows. Two is a name corresponding the the reverse lookup of any public IP address it might have. There may be several of these if the machine had multiple IP addresses. And three are "role" names for all of the services it runs. This way, if I want to move a service to a different host, that is relatively easy.


Jeffrey Goldberg                        http://www.goldmark.org/jeff/

freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to