User wanting to use a .local domain to host DNS

Carsten Strotmann cas at strotmann.de
Thu Nov 15 14:39:29 UTC 2012


Phil Mayers <p.mayers at imperial.ac.uk> writes:

> On 14/11/12 15:02, King, Harold Clyde (Hal) wrote:
>> I'm a bit confused by a user request. I think he is trying to keep some
>> hosts on the private side of DNS, but he wants to use a DNS name like
>> host.sub.local. I do not know of the use of the .local TLD except in
>> Bonjour. Can anyone shed some light on the use of the .local TLD?
>
> Pick a private sub-domain of a *real* domain that *you* own e.g. if
> you are "example.com", pick:
>
> sub.private.example.com

From my experience I recommend the solution Phil is describing. While
using a private top level domain is technically possible, I have seen too
many DNS admins who do not understand the implications and end up with
a system that is a burden for the local network and also a burden for
the root-server system in the Internet.

Look at the DSC graphs of l.root-servers.net for invalid TLDs requested
<http://dns.icann.org/cgi-bin/dsc-grapher.pl?window=86400&node=ams01&plot=qtype_vs_invalid_tld&server=L-root-Europe>

".local" is the 4th most queried domain name (after localhost, com and
net), but it should not exist at all in the Internet (or queries should
not reach the root server system). You see "corp", "intern" and "intra"
as well in the top 20 list.

Failing to operate a private TLD correctly causes internal data to
leak to the Internet, which could be a security risk but in all cases
is a burden on the root server system.

A private subdomain of a delegated DNS domain owned by the company
(organization, individual) is much safer and simpler to set up, and
serves the same purpose.

-- Carsten
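
An added example, not part of the original message: a resolver-side audit that counts, per client, the queries for names under the private-use TLDs named above (local, corp, intern, intra). On a resolver with no zone for those names, such queries are the ones that can end up at the root servers. The log line layout is an assumed BIND query-log format, and the sample lines, addresses and host names are constructed.

```python
import re
from collections import Counter

# Private-use TLD labels named in the message above; extend for your site.
PRIVATE_TLDS = {"local", "corp", "intern", "intra"}

# Assumed layout of a BIND query-log line: client address, then "query: NAME CLASS TYPE".
QUERY_RE = re.compile(
    r"client (?:@0x[0-9a-f]+ )?(?P<client>[0-9a-fA-F.:]+)#\d+ .*?"
    r"query: (?P<qname>\S+) (?P<qclass>\S+) (?P<qtype>\S+)"
)

def tld_of(qname):
    """Return the lowercased rightmost label ('' for the root name)."""
    return qname.rstrip(".").split(".")[-1].lower()

def private_tld_queries(lines, private_tlds=PRIVATE_TLDS):
    """Count queries per (client, tld) for names under a private-use TLD."""
    hits = Counter()
    for line in lines:
        m = QUERY_RE.search(line)
        if not m:
            continue  # not a query-log line
        tld = tld_of(m.group("qname"))
        if tld in private_tlds:
            hits[(m.group("client"), tld)] += 1
    return hits

# Constructed sample log lines (documentation addresses, made-up host names).
SAMPLE_LOG = """\
15-Nov-2012 14:39:29.101 client 192.0.2.10#53124 (host.sub.local): query: host.sub.local IN A + (192.0.2.1)
15-Nov-2012 14:39:29.205 client 192.0.2.10#53125 (www.example.com): query: www.example.com IN A + (192.0.2.1)
15-Nov-2012 14:39:30.310 client 192.0.2.22#40211 (FILESRV.CORP): query: FILESRV.CORP IN AAAA + (192.0.2.1)
15-Nov-2012 14:39:31.007 client 192.0.2.10#53130 (printer.sub.local.): query: printer.sub.local. IN A + (192.0.2.1)
15-Nov-2012 14:39:31.500 client 192.0.2.22#40212 (db.sub.private.example.com): query: db.sub.private.example.com IN A + (192.0.2.1)
""".splitlines()

if __name__ == "__main__":
    for (client, tld), n in sorted(private_tld_queries(SAMPLE_LOG).items()):
        print(f"{client}: {n} query(ies) under .{tld}")
```

Names under sub.private.example.com are not flagged, because their TLD is a delegated one.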
