<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
</head>
<body dir="ltr">
<div class="elementToProof">All,<br>
</div>
<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 14pt; color: rgb(0, 0, 0);">
I wanted to better understand the use-case of having a DNS server provide localhost lookup. I think every OS has a hosts file with localhost set for 127.0.0.1. This is an instantaneous resolution for localhost, rather than going through the process of setting
of a network connection or worse (TCP socket with TLS).</div>
<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 14pt; color: rgb(0, 0, 0);">
Offhand, having a DNS server resolve this seems like unnecessary traffic.</div>
<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 14pt; color: rgb(0, 0, 0);">
I would be interested in the timing difference between having curl.localhost in the hosts file versus your DNS server. </div>
<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 14pt; color: rgb(0, 0, 0);">
This may also allow your localhost resolution and services to continue should something prevent you from reaching the DNS server (or network delays) - thus improving uptime. </div>
<div id="Signature">
<div id="divtagdefaultwrapper" dir="ltr" style="font-size:14pt;font-family:Calibri, Helvetica, sans-serif;color:rgb(0, 0, 0)">
</div>
</div>
<div id="appendonsend"></div>
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> bind-users <bind-users-bounces@lists.isc.org> on behalf of Eric <eric@digitalert.net><br>
<b>Sent:</b> Sunday, January 12, 2025 9:39 PM<br>
<b>To:</b> Lee <ler762@gmail.com><br>
<b>Cc:</b> bind-users@lists.isc.org <bind-users@lists.isc.org><br>
<b>Subject:</b> Re: localhost name lookup</font>
<div> </div>
</div>
<div class="BodyFragment"><font size="2"><span style="font-size:11pt;">
<div class="PlainText">This email originated from outside of TESLA<br>
<br>
Do not click links or open attachments unless you recognize the sender and know the content is safe.<br>
<br>
I did, but my thought would be it's up to the dns admin to define those zone configurations as you have done. I may be wrong though.<br>
<br>
<br>
<br>
Jan 12, 2025 6:36:03 PM Lee <ler762@gmail.com>:<br>
<br>
> On Sun, Jan 12, 2025 at 5:15 PM Eric wrote:<br>
>><br>
>> That is means that the 'domain' is reserved and can be used locally. It doesn't specify all records in that namespace / domain will resolve to 127.0.01.<br>
>><br>
>> Think of it like .com<br>
>><br>
>> If you want every A record in *.localhost to resolve to 127.0.0.1 what you did will do that.<br>
><br>
> Did you look at the RFC?<br>
><br>
> 4. Caching DNS servers SHOULD recognize localhost names as special<br>
> and SHOULD NOT attempt to look up NS records for them, or<br>
> otherwise query authoritative DNS servers in an attempt to<br>
> resolve localhost names. Instead, caching DNS servers SHOULD,<br>
> for all such address queries, generate an immediate positive<br>
> response giving the IP loopback address...<br>
><br>
> 5. Authoritative DNS servers SHOULD recognize localhost names as<br>
> special and handle them as described above for caching DNS<br>
> servers.<br>
><br>
> So OK.. SHOULD isn't the same as MUST so bind as configured isn't<br>
> violating that RFC. But is there a _good_ reason to not follow the<br>
> SHOULD recommendation?<br>
><br>
> Thanks,<br>
> Lee<br>
><br>
>><br>
>> Jan 12, 2025 4:38:09 PM Lee:<br>
>><br>
>>> Excuse my ignorance, but<br>
>>><br>
>>> <a href="https://datatracker.ietf.org/doc/html/rfc6761#section-6.3">https://datatracker.ietf.org/doc/html/rfc6761#section-6.3</a><br>
>>><br>
>>> The domain "localhost." and any names falling within ".localhost."<br>
>>> are special in the following ways:<br>
>>><br>
>>> sure seems to mean that if I lookup curlmachine.localhost I should get<br>
>>> a 127.0.0.1 or ::1 address returned. Correct?<br>
>>><br>
>>> I had to change my db.local file to<br>
>>><br>
>>> $ cat db.local<br>
>>> ;<br>
>>> ; BIND data file for local loopback interface<br>
>>> ;<br>
>>> $TTL 604800<br>
>>> @ IN SOA localhost. root.localhost. (<br>
>>> 3 ; Serial<br>
>>> 604800 ; Refresh<br>
>>> 86400 ; Retry<br>
>>> 2419200 ; Expire<br>
>>> 604800 ) ; Negative Cache TTL<br>
>>> ;<br>
>>> @ IN NS localhost.<br>
>>> @ IN A 127.0.0.1<br>
>>> @ IN AAAA ::1<br>
>>><br>
>>> * IN A 127.0.0.1<br>
>>> IN AAAA ::1<br>
>>><br>
>>><br>
>>> to make localhost and curl.localhost work.<br>
>>><br>
>>> Is this wrong? and if so, why?<br>
>>><br>
>>> TIA,<br>
>>> Lee<br>
>>> --<br>
>>> Visit <a href="https://lists.isc.org/mailman/listinfo/bind-users">https://lists.isc.org/mailman/listinfo/bind-users</a> to unsubscribe from this list<br>
>>><br>
>>> ISC funds the development of this software with paid support subscriptions. Contact us at
<a href="https://www.isc.org/contact/">https://www.isc.org/contact/</a> for more information.<br>
>>><br>
>>><br>
>>> bind-users mailing list<br>
>>> bind-users@lists.isc.org<br>
>>> <a href="https://lists.isc.org/mailman/listinfo/bind-users">https://lists.isc.org/mailman/listinfo/bind-users</a><br>
--<br>
Visit <a href="https://lists.isc.org/mailman/listinfo/bind-users">https://lists.isc.org/mailman/listinfo/bind-users</a> to unsubscribe from this list<br>
<br>
ISC funds the development of this software with paid support subscriptions. Contact us at
<a href="https://www.isc.org/contact/">https://www.isc.org/contact/</a> for more information.<br>
<br>
<br>
bind-users mailing list<br>
bind-users@lists.isc.org<br>
<a href="https://lists.isc.org/mailman/listinfo/bind-users">https://lists.isc.org/mailman/listinfo/bind-users</a><br>
</div>
</span></font></div>
</body>
</html>