User wanting to use a .local domain to host DNS

Phil Mayers p.mayers at imperial.ac.uk
Wed Nov 14 16:48:51 UTC 2012


On 14/11/12 15:02, King, Harold Clyde (Hal) wrote:
> I'm a bit confused by a user request. I think he is trying to keep some
> hosts on the private side of DNS, but he wants to use a DNS name like
> host.sub.local. I do not know of the use of the .local TLD except in
> bonjure. Can anyone shed some light on the use of the .local TLD?

Yes - going down this route is a mistake. Don't do it. I speak from 
personal experience.

First, it conflicts with a possible future standardisation of mDNS.

Second, if you ever need to bring the hosts into your "real" DNS at a 
future date, you'll find you've made your life really hard, needing 
DNSSEc trust anchors, forwarders/stub statements, and so on.

Pick a private sub-domain of a *real* domain that *you* own e.g. if you 
are "example.com", pick:

sub.private.example.com

...and sidestep this at the planning stage. You can easily make that 
zone hidden by delegating it to nameservers which are only reachable 
from the appropriate places, or by using "allow-query" ACLs or similar.



More information about the bind-users mailing list