thoughts for a fake domain

Kenneth Porter shiva at well.com
Thu Mar 29 07:22:49 UTC 2001


On Wed, 28 Mar 2001 15:42:52 +0100, Jim Reid wrote:

>>>>>> "Roy" == Roy Arends <Roy.Arends at nominum.com> writes:
>
>    Roy> If you want to be sure that you choose an unused domain, try
>    Roy> being your own tld.
>
>If someone's going to do that, they should pick a TLD that doesn't
>exist and probably never will exist. RFC2606 -- Reserved Top Level DNS
>Names -- has some recommendations on this.

That RFC defines these names:

>".test" is recommended for use in testing of current or new DNS
>related code.
>
>".example" is recommended for use in documentation or as examples.
>
>".invalid" is intended for use in online construction of domain names
>that are sure to be invalid and which it is obvious at a glance are
>invalid.
>
>The ".localhost" TLD has traditionally been statically defined in
>host DNS implementations as having an A record pointing to the loop
>back IP address and is reserved for such use. Any other use would
>conflict with widely deployed code which assumes this use.

None of the four sound like good candidates for a good TLD for use on a
company internal LAN for real use. Two names that come to mind are
".private" and ".lan". Has any effort been made to reserve a TLD for
this, similar in spirit to the blocks of private non-routable IP
addresses?

On a somewhat related note, what are the downsides of using a subdomain
of one's real public domain, and setting the delegation records to
point to private non-routable IP addresses of name servers on the LAN?
(One that comes to mind is that it advertises the location of the
internal name servers to any cracker who makes it into the LAN.)

Ken
mailto:shiva at well.com
http://www.sewingwitch.com/ken/
[If answering a mailing list posting, please don't cc me your reply. I'll take my answer on the list.]
