User wanting to use a .local domain to host DNS
Phil Mayers
p.mayers at imperial.ac.uk
Wed Nov 14 16:48:51 UTC 2012
On 14/11/12 15:02, King, Harold Clyde (Hal) wrote:
> I'm a bit confused by a user request. I think he is trying to keep some
> hosts on the private side of DNS, but he wants to use a DNS name like
> host.sub.local. I do not know of the use of the .local TLD except in
> Bonjour. Can anyone shed some light on the use of the .local TLD?
Yes - going down this route is a mistake. Don't do it. I speak from
personal experience.

First, it conflicts with a possible future standardisation of mDNS.

Second, if you ever need to bring the hosts into your "real" DNS at a
future date, you'll find you've made your life really hard, needing
DNSSEC trust anchors, forwarders/stub statements, and so on.

Pick a private sub-domain of a *real* domain that *you* own e.g. if you
are "example.com", pick:

sub.private.example.com

...and sidestep this at the planning stage. You can easily make that
zone hidden by delegating it to nameservers which are only reachable
from the appropriate places, or by using "allow-query" ACLs or similar.
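
The "allow-query" approach mentioned in the reply above, as an added example that is not part of the original post: a BIND 9 named.conf fragment that serves private.example.com only to internal clients. The ACL name, address ranges, directory and zone file name are assumptions.

```conf
// Constructed example; adjust names and addresses to the local site.

// Clients allowed to see the private zone (assumed internal ranges).
acl "internal" {
    127.0.0.1;
    10.0.0.0/8;
    192.168.0.0/16;
};

options {
    directory "/var/named";          // assumed working directory
};

// A private sub-domain of a real, owned domain instead of ".local".
zone "private.example.com" {
    type master;
    file "db.private.example.com";   // assumed zone file name
    allow-query    { "internal"; };  // everyone else is refused
    allow-transfer { none; };        // list secondaries here if there are any
};
```

Running named-checkconf against the file validates the syntax before a reload. A query for the zone from an address outside the ACL should come back with status REFUSED.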