On 3/15/2012 8:56 AM, Seth Mos wrote: >> So I've been creating all my servers in aliases for nothing I guess? I'd >> just have to create the groups I want, then add the servers' DNS name I >> want inther and voila?
> Not a good idea, unless all the records match up. If the system has > different addresses you would need to make very sure they are all in DNS. > > If the DNS server fails that also means that your firewall rules will be > skipped and nothing works. > > I use it for a few websites, but nothing I administer locally for > something which I know the IP address won't ever likely change. ^ that. Hostnames are fine to use for remote things or things you don't know for sure, but that does rely on working DNS. If you know the IPs and they aren't likely to change, use them in an alias. You could use all hostnames in you want, but for something like a remote access alias, be sure to leave yourself at least one in there with an IP just in case DNS fails. In general, leave the hostnames for unknowns, like dyndns addresses, systems you don't have control over that could change without your knowledge, and so on. Jim _______________________________________________ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list