.local was given to multicast DNS, which is a completely different protocol, unfortunately. I'd recommend a .admin or something like that. Whether you use an internal TLD or not, you're probably going to want to set up internal DNS servers forwarding to the internet, but intercepting whatever domain you want with either split-horizon or RPZ. Some routers have a limited ability to do this built in. The problem with .local is that if your client thinks .local is for mDNS, it may try to use that protocol instead of normal DNS, and then it may or may not fall back to regular DNS, which at best creates delay and at worst breaks you.

On Wed, Nov 23, 2022 at 12:19 PM David Schwartz via PLUG-discuss <plug-discuss@lists.phxlinux.org> wrote:
I looked into this topic a while back and it’s a bit of a quagmire.

The general consensus I found was to use .local as your TLD as it has been reserved for that purpose. There are a few more, like .test, but .dev is a legitimate TLD run by Google.

I’ve talked with several people who set up their own DNS server on their intranet to respond to their own TLD so you don’t need to use the hosts file on every machine. I think most companies with multiple layers of firewalls take that approach because it won’t resolve the URLs across the firewall — public DNS will always return an error on the lookups.

-David Schwartz




On Nov 23, 2022, at 9:26 AM, Keith Smith via PLUG-discuss <plug-discuss@lists.phxlinux.org> wrote:



Hi,

As you know I am building a "home office" lab for PHP development and testing.  I was not satisfied with the research I completed on "non-routeable" domains for a private network made up of "non-routeable" domains.

In the distant past I used to use .dev for the TLD.  From what I am reading this is not a good idea.

According to https://www.rfc-editor.org/rfc/rfc8375.html one should use "home.arpa.".  They add a period to the end which I assume is the DNS domain name stop character when used in zone files.  Any thoughts?

I will not be using DNS.  My needs are so simple I will be adding the IP and domain name in my host file, at least for now.

I've read a lot about this subject.  Some say to use a registered domain with a subdomain that is on a private IP. I really do not want to commingle public and private assets on the same domain.

Any feedback is much appreciated!!

Thanks!!
Keith



--
James McPhee
jmcphe@gmail.com
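
Added example (not part of any message in this thread): a small Python check that reads hosts-file entries and flags names under the suffixes discussed above, .local (multicast DNS) and .dev (a real TLD), while accepting home.arpa and .test. The rule table, function names and sample entries are constructed for illustration and the table is not exhaustive.

```python
"""Audit hosts-file names against the TLD pitfalls raised in this thread."""
import ipaddress

# Suffix -> (verdict, reason). Table is illustrative, not exhaustive.
RULES = {
    "home.arpa": ("ok", "reserved for home networks (RFC 8375)"),
    "test": ("ok", "special-use name for testing (RFC 6761)"),
    "localhost": ("ok", "special-use loopback name (RFC 6761)"),
    "local": ("warn", "reserved for multicast DNS (RFC 6762); clients may not use unicast DNS"),
    "dev": ("warn", "real public TLD; internal names can shadow or leak to it"),
}
UNKNOWN = ("unknown", "not in this table; check the IANA special-use and root zone lists")

def classify(name):
    """Return (verdict, reason) for a host name, matching the longest suffix."""
    labels = name.lower().rstrip(".").split(".")  # trailing dot marks the DNS root
    for i in range(len(labels)):
        rule = RULES.get(".".join(labels[i:]))
        if rule:
            return rule
    return UNKNOWN

def audit_hosts(text):
    """Return findings (line, name, address, verdict, reason) for hosts-format text."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        fields = line.split("#", 1)[0].split()  # drop comments
        if len(fields) < 2:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed entry: skip it
        for name in fields[1:]:
            findings.append((lineno, name, str(addr)) + classify(name))
    return findings

# Constructed sample entries (not taken from the thread).
SAMPLE_HOSTS = """\
127.0.0.1      localhost
192.168.10.20  shop.dev            # old habit
192.168.10.21  php-lab.local
192.168.10.22  php-lab.home.arpa php-lab.home.arpa.
192.168.10.23  wiki.admin
"""

if __name__ == "__main__":
    for lineno, name, addr, verdict, reason in audit_hosts(SAMPLE_HOSTS):
        print(f"line {lineno}: {name} ({addr}): {verdict}: {reason}")
```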