Problem with zone delegation with private gTLD

Petr Mensik pemensik at
Mon Apr 8 11:40:52 UTC 2019

On 4/8/19 1:05 PM, Matus UHLAR - fantomas wrote:
>> Karl Lovink via bind-users <bind-users at> wrote:
>>> I am trying to set up a private gTLD with BIND9 and underneath that gTLD
>>> a subdomain.
> On 08.04.19 12:00, Tony Finch wrote:
>> Why a TLD?
>> You will have fewer problems if you get a properly registered domain and
>> set up a subdomain of that for private use.
> many users/organizations use private TLDsm, just like they often use
> private
> IP ranges instead of public.
> I believe there should be reserved gTLD for such usage.
I believe there is test domain reserved for similar usage. Or

Organizations should use their own (sub)domain, especially if they use
DNSSEC. Individuals usually lack domain they can control. Organization
often lack good practices to limit some subdomain for private usage.
Complicated setup of secure delegation on some DNS providers might be

I think dns search suffix might help with longer domains usage. But it
is also considered insecure.

Petr Menšík
Software Engineer
Red Hat,
email: pemensik at  PGP: 65C6C973

More information about the bind-users mailing list