<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
</head>
<body dir="ltr">
<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 14pt; color: rgb(0, 0, 0);">
Looking at a Rocky9 box...</div>
<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 14pt; color: rgb(0, 0, 0);">
ping localhost</div>
<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 14pt; color: rgb(0, 0, 0);">
ping squirrel.localhost</div>
<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 14pt; color: rgb(0, 0, 0);">
ping curl.localhost </div>
<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 14pt; color: rgb(0, 0, 0);">
<br>
</div>
<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 14pt; color: rgb(0, 0, 0);">
all resolve to 127.0.0.1. Avg response .043-.047ms for each. Pinging another ip is like 10-20 times slower.</div>
<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 14pt; color: rgb(0, 0, 0);">
The localhosts file contains:</div>
<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 14pt; color: rgb(0, 0, 0);">
<br>
</div>
<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 14pt; color: rgb(0, 0, 0);">
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4</div>
<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 14pt; color: rgb(0, 0, 0);">
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6</div>
<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 14pt; color: rgb(0, 0, 0);">
<br>
</div>
<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 14pt; color: rgb(0, 0, 0);">
I don't know if that is unique to the redhat line of systems - or version 9. It seems to have wildcard built in.</div>
<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 14pt; color: rgb(0, 0, 0);">
<br>
</div>
<div class="elementToProof" id="Signature">
<div style="font-size:14pt;color:#000000;font-family:Calibri,Helvetica,sans-serif" dir="ltr" id="divtagdefaultwrapper">
<p style="margin-top: 0px; margin-bottom: 0px;">RW<br>
</p>
</div>
</div>
<div id="appendonsend"></div>
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> Lee <ler762@gmail.com><br>
<b>Sent:</b> Tuesday, January 14, 2025 10:48 AM<br>
<b>To:</b> Robert Wagner <rwagner@tesla.net><br>
<b>Cc:</b> bind-users@lists.isc.org <bind-users@lists.isc.org><br>
<b>Subject:</b> Re: localhost name lookup</font>
<div> </div>
</div>
<div class="BodyFragment"><font size="2"><span style="font-size:11pt;">
<div class="PlainText">This email originated from outside of TESLA<br>
<br>
Do not click links or open attachments unless you recognize the sender and know the content is safe.<br>
<br>
On Tue, Jan 14, 2025 at 6:56 AM Robert Wagner wrote:<br>
><br>
> All,<br>
> I wanted to better understand the use-case of having a DNS server provide localhost lookup. I think every OS has a hosts file with localhost set for 127.0.0.1. This is an instantaneous resolution for localhost, rather than going through the process of setting
of a network connection or worse (TCP socket with TLS).<br>
> Offhand, having a DNS server resolve this seems like unnecessary traffic.<br>
<br>
Yes, it is. But it happens sometimes. What does your machine do with<br>
a "ping zippy.localhost" ?<br>
<br>
> I would be interested in the timing difference between having curl.localhost in the hosts file versus your DNS server.<br>
> This may also allow your localhost resolution and services to continue should something prevent you from reaching the DNS server (or network delays) - thus improving uptime.<br>
<br>
I don't care about how long it takes .. all that much :) I'm more<br>
concerned with Doing The Right Thing and answering with a localhost<br>
address for foo.bar.bax.localhost seems to be the right thing to do<br>
(and isn't possible in the general case for /etc/hosts - or does it<br>
allow wildcards now?)<br>
<br>
The question came up here:<br>
<a href="https://lists.privoxy.org/pipermail/privoxy-devel/2025-January/000801.html">https://lists.privoxy.org/pipermail/privoxy-devel/2025-January/000801.html</a><br>
<br>
It'd be nice to avoid things like<br>
<br>
= > On my systems hostnames ending in .localhost resolve to 127.0.0.1 and ::1.<br>
=<br>
= On my system this isn't the case. I first had to install<br>
= systemd-resolved and point DNS to 127.0.0.53 instead of using the<br>
= locally installed bind on 127.0.0.1.<br>
<br>
Thanks<br>
Lee<br>
<br>
<br>
> ________________________________<br>
> From: bind-users <bind-users-bounces@lists.isc.org> on behalf of Eric <eric@digitalert.net><br>
> Sent: Sunday, January 12, 2025 9:39 PM<br>
> To: Lee <ler762@gmail.com><br>
> Cc: bind-users@lists.isc.org <bind-users@lists.isc.org><br>
> Subject: Re: localhost name lookup<br>
><br>
> This email originated from outside of TESLA<br>
><br>
> Do not click links or open attachments unless you recognize the sender and know the content is safe.<br>
><br>
> I did, but my thought would be it's up to the dns admin to define those zone configurations as you have done. I may be wrong though.<br>
><br>
><br>
><br>
> Jan 12, 2025 6:36:03 PM Lee <ler762@gmail.com>:<br>
><br>
> > On Sun, Jan 12, 2025 at 5:15 PM Eric wrote:<br>
> >><br>
> >> That is means that the 'domain' is reserved and can be used locally. It doesn't specify all records in that namespace / domain will resolve to 127.0.01.<br>
> >><br>
> >> Think of it like .com<br>
> >><br>
> >> If you want every A record in *.localhost to resolve to 127.0.0.1 what you did will do that.<br>
> ><br>
> > Did you look at the RFC?<br>
> ><br>
> > 4. Caching DNS servers SHOULD recognize localhost names as special<br>
> > and SHOULD NOT attempt to look up NS records for them, or<br>
> > otherwise query authoritative DNS servers in an attempt to<br>
> > resolve localhost names. Instead, caching DNS servers SHOULD,<br>
> > for all such address queries, generate an immediate positive<br>
> > response giving the IP loopback address...<br>
> ><br>
> > 5. Authoritative DNS servers SHOULD recognize localhost names as<br>
> > special and handle them as described above for caching DNS<br>
> > servers.<br>
> ><br>
> > So OK.. SHOULD isn't the same as MUST so bind as configured isn't<br>
> > violating that RFC. But is there a _good_ reason to not follow the<br>
> > SHOULD recommendation?<br>
> ><br>
> > Thanks,<br>
> > Lee<br>
> ><br>
> >><br>
> >> Jan 12, 2025 4:38:09 PM Lee:<br>
> >><br>
> >>> Excuse my ignorance, but<br>
> >>><br>
> >>> <a href="https://datatracker.ietf.org/doc/html/rfc6761#section-6.3">https://datatracker.ietf.org/doc/html/rfc6761#section-6.3</a><br>
> >>><br>
> >>> The domain "localhost." and any names falling within ".localhost."<br>
> >>> are special in the following ways:<br>
> >>><br>
> >>> sure seems to mean that if I lookup curlmachine.localhost I should get<br>
> >>> a 127.0.0.1 or ::1 address returned. Correct?<br>
> >>><br>
> >>> I had to change my db.local file to<br>
> >>><br>
> >>> $ cat db.local<br>
> >>> ;<br>
> >>> ; BIND data file for local loopback interface<br>
> >>> ;<br>
> >>> $TTL 604800<br>
> >>> @ IN SOA localhost. root.localhost. (<br>
> >>> 3 ; Serial<br>
> >>> 604800 ; Refresh<br>
> >>> 86400 ; Retry<br>
> >>> 2419200 ; Expire<br>
> >>> 604800 ) ; Negative Cache TTL<br>
> >>> ;<br>
> >>> @ IN NS localhost.<br>
> >>> @ IN A 127.0.0.1<br>
> >>> @ IN AAAA ::1<br>
> >>><br>
> >>> * IN A 127.0.0.1<br>
> >>> IN AAAA ::1<br>
> >>><br>
> >>><br>
> >>> to make localhost and curl.localhost work.<br>
> >>><br>
> >>> Is this wrong? and if so, why?<br>
> >>><br>
> >>> TIA,<br>
> >>> Lee<br>
> >>> --<br>
> >>> Visit <a href="https://lists.isc.org/mailman/listinfo/bind-users">https://lists.isc.org/mailman/listinfo/bind-users</a> to unsubscribe from this list<br>
> >>><br>
> >>> ISC funds the development of this software with paid support subscriptions. Contact us at
<a href="https://www.isc.org/contact/">https://www.isc.org/contact/</a> for more information.<br>
> >>><br>
> >>><br>
> >>> bind-users mailing list<br>
> >>> bind-users@lists.isc.org<br>
> >>> <a href="https://lists.isc.org/mailman/listinfo/bind-users">https://lists.isc.org/mailman/listinfo/bind-users</a><br>
> --<br>
> Visit <a href="https://lists.isc.org/mailman/listinfo/bind-users">https://lists.isc.org/mailman/listinfo/bind-users</a> to unsubscribe from this list<br>
><br>
> ISC funds the development of this software with paid support subscriptions. Contact us at
<a href="https://www.isc.org/contact/">https://www.isc.org/contact/</a> for more information.<br>
><br>
><br>
> bind-users mailing list<br>
> bind-users@lists.isc.org<br>
> <a href="https://lists.isc.org/mailman/listinfo/bind-users">https://lists.isc.org/mailman/listinfo/bind-users</a><br>
> --<br>
> Visit <a href="https://lists.isc.org/mailman/listinfo/bind-users">https://lists.isc.org/mailman/listinfo/bind-users</a> to unsubscribe from this list<br>
><br>
> ISC funds the development of this software with paid support subscriptions. Contact us at
<a href="https://www.isc.org/contact/">https://www.isc.org/contact/</a> for more information.<br>
><br>
><br>
> bind-users mailing list<br>
> bind-users@lists.isc.org<br>
> <a href="https://lists.isc.org/mailman/listinfo/bind-users">https://lists.isc.org/mailman/listinfo/bind-users</a><br>
</div>
</span></font></div>
</body>
</html>