Re: Dot Local Domains

Author: Steve Litt via PLUG-discuss
Date:  
To: plug-discuss
CC: Steve Litt
Subject: Re: Dot Local Domains
Keith Smith via PLUG-discuss said on Sat, 29 Oct 2022 08:07:03 -0700

>Hi,
>
>For some reason .local popped into my head this morning. From what I
>read it appears I may be able to create an Intranet that has a private
>domain name such as MyBusiness.local, on a private IP, and I am
>thinking I can run BIND and make a zone file for this Intranet.


For the last 20 years the LAN in my house has had the TLD .cxm. I chose
.cxm specifically because there's no such TLD in the global DNS.

I use unbound instead of bind. The following is my unbound.conf:

##########################################################
### BE SURE to use unbound-checkconf
### before enabling a changed conf file!

#FORWARD-ZONE SECTION!!!!!!!!!!!!!!!!
# The following is how you query google DNS instead of root servers
# I chose to query the root servers and commented it out.
#forward-zone:
#name: "."
#forward-addr: 8.8.8.8
#forward-addr: 8.8.4.4


#REMOTE-CONTROL SECTION!!!!!!!!!!!!!!
# Enable use of unbound-control
# Remote control is very, very useful
# Use judgement re security
# Use doublequotes on filenames, unbound should read them
# from /etc/unbound
# Create keys and certs by running unbound-control-setup
remote-control:
control-enable: yes
control-use-cert: yes
server-key-file: "unbound_server.key"
server-cert-file: "unbound_server.pem"
control-key-file: "unbound_control.key"
control-cert-file: "unbound_control.pem"



#SERVER SECTION!!!!!!!!!!!!!!!!!!!!!!
server:
use-syslog: yes

# Use 192.168.0.2 so whole WAN can use it
ip-address: 192.168.0.102

# Guard against future default changes: no systemd ever!
use-systemd: no

# Speed UDP
so-reuseport: yes

# use all CPU cores, I have 1 CPU with 2 cores
num-threads: 2

# power of 2 close to num-threads
msg-cache-slabs: 2
rrset-cache-slabs: 2
infra-cache-slabs: 2
key-cache-slabs: 2

# more cache memory, rrset=msg*2
rrset-cache-size: 100m
msg-cache-size: 50m

# more outgoing connections
# depends on number of cores: 1024/cores - 50
outgoing-range: 450

# Larger socket buffer.
# OS may need config, so I don't use it
#so-rcvbuf: 4m
#so-sndbuf: 4m

# Faster UDP with multithreading (only on Linux).
so-reuseport: yes

# ROOT HINTS STUFF TO FIND ROOT DNS SERVERS
# /etc/unbound/root.hints refreshed by following command
# Update every six months
# No (default) or old root-hints make slow lookups
# curl -o /etc/unbound/root.hints \
# https://www.internic.net/domain/named.cache
root-hints: /etc/unbound/root.hints

### AUTH DNS on subnet, no separate AUTH srvr needed
local-zone: "cxm." static
local-data: "littlinks.cxm. IN A 192.168.0.2"
local-data-ptr: "192.168.0.2 littlinks.cxm"
local-data: "robert.cxm. IN A 192.168.0.2"
local-data-ptr: "192.168.0.2 robert.cxm"
local-data: "litt.cxm. IN A 192.168.0.2"
local-data-ptr: "192.168.0.2 litt.cxm"
local-data: "troubleshooters.cxm. IN A 192.168.0.2"
local-data-ptr: "192.168.0.2 troubleshooters.cxm"

local-zone: "littlinks.cxm." static
local-data: "www.littlinks.cxm. IN A 192.168.0.2"
local-data-ptr: "192.168.0.2 www.littlinks.cxm"
local-data: "cz3.littlinks.cxm. IN A 192.168.0.2"
local-data-ptr: "192.168.0.2 cz3.littlinks.cxm"



local-data: "stylz.cxm. IN A 192.168.0.2"
local-data-ptr: "192.168.0.2 stylz.cxm"
local-zone: "stylz.cxm." static
local-data: "www.stylz.cxm. IN A 192.168.0.2"
local-data-ptr: "192.168.0.2 www.stylz.cxm"

local-zone: "troubleshooters.cxm." static
local-data: "www.troubleshooters.cxm. IN A 192.168.0.2"
local-data-ptr: "192.168.0.2 www.troubleshooters.cxm"

# Other stuff, see
# https://www.tecmint.com/setup-dns-cache-server-in-centos-7/
# Enable dig command with allow_snoop
#access-control: 0.0.0.0/0 allow_snoop
access-control: 0.0.0.0/0 deny
# access-control: 192.168.0.236/30 allow
access-control: 192.168.0.0/24 allow
access-control: 127.0.0.0/8 allow

local-zone: "168.192.in-addr.arpa." nodefault #FANTASTIC MAGIC!

stub-zone:
name: "mydesk."
stub-addr: 192.168.0.2
stub-zone:
name: "home.lan"
stub-addr: 192.168.0.2

stub-zone:
name: "0.168.192.in-addr.arpa."
stub-addr: 192.168.0.2
##########################################################

The preceding works but I think it has a lot of unnecessary stuff
and non-customary ways of doing things, but it gives you the flavor of
what I'm doing with .cxm. As long as the global system doesn't contain
a .local, I'm sure you can use .local the same way I use .cxm. I chose
.cxm because it looks a lot like .com. I write technical books and
wanted examples that are glanceable but cannot hit real servers on
the Internet.

SteveT

Steve Litt
Summer 2022 featured book: Thriving in Tough Times
http://www.troubleshooters.com/bookstore/thrive.htm
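
A small linter for the kind of unbound.conf shown in the message above, as an added example that is not part of the original post or of unbound itself. The function name, rule set and sample config are assumptions made here: it treats .local as special-use because RFC 6762 reserves it for multicast DNS, and it flags local-data names that no local-zone covers (unbound then creates a transparent zone, so other names under that suffix are still resolved upstream), local-data addresses outside private ranges, and access-control rules that allow non-private netblocks.

```python
import ipaddress
import re

# "local" is reserved for multicast DNS (RFC 6762); the others are RFC 6761 names.
SPECIAL_USE = {"local", "localhost", "invalid", "test", "example"}
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

# Constructed sample in the style of the config above (not the author's file).
SAMPLE_CONF = '''
server:
  access-control: 0.0.0.0/0 deny
  access-control: 192.168.0.0/24 allow
  #access-control: 0.0.0.0/0 allow_snoop
  local-zone: "cxm." static
  local-data: "litt.cxm. IN A 192.168.0.2"
  local-zone: "mybusiness.local." static
  local-data: "www.mybusiness.local. IN A 192.168.0.2"
  local-data: "wiki.lan. IN A 203.0.113.7"
'''

def lint_unbound(conf: str) -> list[str]:
    """Hypothetical helper: return findings for an unbound.conf text."""
    zones, records, findings = [], [], []
    for raw in conf.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments
        if m := re.match(r'local-zone:\s*"([^"]+)"\s+\S+', line):
            zones.append(m.group(1).rstrip(".").lower())
        elif m := re.match(r'local-data:\s*"(\S+)\s+(?:IN\s+)?A\s+(\S+)"', line):
            records.append((m.group(1).rstrip(".").lower(), m.group(2)))
        elif m := re.match(r'access-control:\s*(\S+)\s+(allow\S*)', line):
            net = ipaddress.ip_network(m.group(1), strict=False)
            if not any(net.version == 4 and net.subnet_of(i) for i in INTERNAL):
                findings.append(f"open resolver: {net} {m.group(2)}")
    for zone in zones:
        if zone.split(".")[-1] in SPECIAL_USE:
            findings.append(f"special-use suffix: {zone}")
    for name, addr in records:
        if not any(name == z or name.endswith("." + z) for z in zones):
            findings.append(f"no local-zone covers: {name}")
        if not any(ipaddress.ip_address(addr) in i for i in INTERNAL):
            findings.append(f"public address in local-data: {name} -> {addr}")
    return findings

if __name__ == "__main__":
    print("\n".join(lint_unbound(SAMPLE_CONF)))
```

unbound-checkconf still does the syntax validation; this only covers the naming and exposure checks.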