Lennart Poettering wrote:
On Mo, 28.09.20 22:54, Björn Persson (Bjorn@rombobjörn.se) wrote:
It can work in company-scope if the company has competent network admins. My local DNS server at home resolves local hostnames to private IPv4 addresses in the 192.168/16 block. Clients on the Internet see another view. Both views are DNSsec-signed, and validation works fine. There's no reason why this setup wouldn't work on a corporate network. The key is to use a domain that is actually registered to the company, not some made-up TLD like "internal" or whatever the incompetent network admins come up with.
You never take your laptop outside to a cafe or so? You never connected it to something that is not your home or office network?
A cafe is company-scope? I'm not sure whether that counts as moving the goalposts or changing the subject, but neither is a constructive way to discuss a technical topic.
Björn Persson