Any time I think of something you’re not supposed to do with network architecture, I always think of Good Morning Vietnam. When Robin Williams says: “Don’t go near there!” But Betty! “Don’t go near there…get away from the river! Stay away from there!”
One of the things you’re not supposed to do on networks is have conflicting DNS information. One example is to use a www record on one DNS server and a different one on another DNS server. This introduces a potential problem when some users end up with one DNS server and others end up with another. IP, DNS and other conflicts are usually a bad thing.
Another example is to use sponsored Top Level Domains for internal purposes, as they're set aside for specific purposes. We often use various TLDs (Top Level Domains), which are often referred to as domain extensions, when building out internal DNS. For example, when building DNS for an internal Xsan network, we might use organizationname.xsan (where organizationname is replaced by the company or school's name). In the Apple world, we're taught not to use .local extensions, even though it is OK for users of most every other platform. Zeroconf is growing in popularity though, and so using .local extensions is basically not a great idea these days.
But other than that, we just use domains that avoid the country-coded TLDs (e.g. .zw for Zimbabwe, .au for Australia, .dk for Denmark and .tv for Tuvalu), the general ones (gTLDs include .com, .info, .net and .org) and .arpa (as any good DNS server admin will quickly note).
Sponsored TLDs include the following:
- .aero – Used by aerospace and air transit organizations (obviously major airlines have .coms)
- .asia – Used by Asia-Pacific organizations
- .cat – For Catalan
- .coop – For co-ops (cooperatives) – must have long hair and a beard to participate (yay, I’m in this week but maybe not next week if it gets itchy)
- .edu – Reserved for schools
- .gov – Reserved for member organizations of the US Government
- .int – Reserved for International treaties, such as NATO (and randomly the YMCA)
- .jobs – For posting jobs and cavorting with other HR managers
- .mil – Reserved for the US military (e.g. Army, Navy, Air Force and Dick Cheney)
- .mobi – Mobile providers
- .museum – Um, museums I think
- .tel – Contact information on businesses (short for telephone number, but can use lots of different contact info)
- .travel – Travel agents and other people involved in travel (who aren’t already part of one of the previous TLDs)
- .xxx – Guessing I don’t need to explain what this one is for
Be careful when picking a TLD to use in a network environment. Reserved TLDs of various types are tracked and used through IANA. You can look up those that are currently reserved by IANA at http://www.iana.org/domains/root/db. And of course, you can try and register your own. But they’re a little strict about that. It’s not like they let just anyone (cough, ICM Registry, cough) get one of their own…
In addition to Sponsored TLDs, there are also four that were reserved in RFC 2606 and should not be used. These include example, invalid, localhost and test. Example is also a reserved second-level domain name per RFC 2606. Some other TLDs have been retired, but it would likely be poor practice to put them back into circulation when attempting to avoid conflicts. These include .nato, .cs, .ba, .dd, .yu, and .zr. I wouldn't use proposed TLDs that ICANN is actually considering either, which include free, music, shop, berlin and nyc (just in case – never hurts to future proof). Most single-letter second-level domain names are reserved. Two-letter domain names aren't reserved but are all taken. The regulations regarding second-level domain names are usually up to the entity that sponsored the domain in the first place.
If you use internal DNS, even if the environment doesn't route, make sure there are no conflicts. Unless of course, those conflicts are planned for (for example, re-routing sites that you don't want users to visit in DNS, which there are arguably better ways to do, but whatever). Finally, you shouldn't use single-label domain names. These are domains with no TLD (or where the TLD is the domain name). For example, a domain name of CONTOSO is not a good domain name and is illegal in most uses (despite what your LanManager and NT 4.0 books tell you). These were popular back in the days of Windows NT, but were pretty exclusively used in naming Windows Domains in the days before Active Directory brought sanity to such nonsense.
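The checks described in this post can be run against a proposed internal domain name before it goes into a DNS zone. The following is an added example, not code from the original post: the TLD sets are copied from the lists above (the IANA root database remains the authority for what is currently delegated), the sample names such as acme.xsan are constructed, and the function name `check_internal_domain` is hypothetical.

```python
# Added example: lists below are copied from this post, not fetched from IANA.
SPONSORED = {"aero", "asia", "cat", "coop", "edu", "gov", "int", "jobs",
             "mil", "mobi", "museum", "tel", "travel", "xxx"}
GENERIC = {"com", "info", "net", "org"}
RFC2606 = {"example", "invalid", "localhost", "test"}
RETIRED = {"nato", "cs", "ba", "dd", "yu", "zr"}
PROPOSED = {"free", "music", "shop", "berlin", "nyc"}

# Checked in order; the first matching category wins, so a retired
# two-letter TLD such as .cs is reported as retired, not as a country code.
CATEGORIES = [
    ("rfc2606-reserved", RFC2606),
    ("sponsored", SPONSORED),
    ("generic", GENERIC),
    ("retired", RETIRED),
    ("proposed", PROPOSED),
    ("arpa", {"arpa"}),
    ("zeroconf-local", {"local"}),
]

def check_internal_domain(name):
    """Return the post's objections to using `name` as an internal DNS domain."""
    # Normalise case and drop the trailing root dot of a fully qualified name.
    labels = name.strip().rstrip(".").lower().split(".")
    if not all(labels):
        return ["malformed"]          # empty input or an empty label ("a..b")
    findings = []
    if len(labels) == 1:
        findings.append("single-label")   # e.g. CONTOSO: no TLD at all
    tld = labels[-1]
    for category, members in CATEGORIES:
        if tld in members:
            findings.append(category)
            break
    else:
        # Assumption: any other two-letter alphabetic TLD is a country code.
        if len(tld) == 2 and tld.isalpha():
            findings.append("country-code")
    return findings

if __name__ == "__main__":
    # Constructed sample names, one per case discussed in the post.
    for candidate in ["acme.xsan", "CONTOSO", "corp.local", "intranet.test",
                      "files.acme.museum", "lab.cs", "lab.dk", "store.shop"]:
        print(candidate, check_internal_domain(candidate) or "no objection")
```

An empty result only means the name hits none of the lists in this post; it does not show that the suffix is free of conflicts elsewhere on the network.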