It’s used in many cases where the machine may not be on the LAN and LAN is a technical term. “Internal” is not and to me signifies that it’s “not public” aswell as probably managed by someone, well, internally at the entity you’re with.
Comment on ICANN proposes creating .INTERNAL domain
conorab@lemmy.conorab.com 11 months ago
A good move!
I’m surprised they didn’t codify “.lan” though since that one is so prevalent.
Atemu@lemmy.ml 11 months ago
fishpen0@lemmy.world 11 months ago
Seconding the other comment, lots of orgs picked .lan and then over the last few years have moved things into the cloud and .lan has become a meaningless soup since half the shit isn’t even on local network. Now it just means “needs a vpn or ztn to talk to”
Luckily my last three orgs finally bought a second domain for private dns. It’s quickly becoming a pattern that myorg.com owns myorg.tech or whatever for private traffic. Domains are cheap as fuck compared to everything else a business spends money on, it’s really silly how many people are using hacks for this
sir_reginald@lemmy.world 11 months ago
I think needing a VPN to access the internal network is a good practice. And if you’re going to be used a VPN anyway, I don’t see why you wouldn’t use a “fake” TLD like .lan for internal stuff, after all it’s just simple DNS rules.
fishpen0@lemmy.world 11 months ago
VPN is inherently not zero trust. You really should be moving to ZTN based tools