On 12/17/2017 09:05 PM, Peter Humphrey wrote:
> Hello list,
>
> I've been running Linux systems since 1994, calling my private LAN mynet
> (bowdlerised). Now I come to install neth server on one machine, it insists
> that I tell it a domain name with at least two dots in it. But I don't have
> a standard TLD.
>
> What do you all call your local LANs? Following Google hints, it looks as
> though I may have to change all .mynet references to .mynet.internal.

You should probably buy a TLD. It's stupid, but there are no reserved
top-level domain names for internal use. There used to be four[0],

  * test
  * example
  * invalid
  * localhost

There was no proscribed behavior for those TLDs, so you were free to use
them for your internal network. Then along came rfc6761[1], which tells
people how to treat those four names. In particular,

  * anything.localhost is out, because users may assume that all
    addresses resolve back to the loopback interface (e.g. 127.0.0.1)

  * anything.invalid is out, because users may assume that the domain
    does not exist.

  * anything.example is out, because it's reserved for documentation.

And that leaves you with "test." Using "test" isn't perfect, because
caching resolvers may not support it: "Caching DNS servers SHOULD offer
a configuration option..." But more importantly, having "test" on the
end of all your production hostnames is stupid.

So that really leaves you with... nothing. Don't use ".internal" or any
other name that isn't reserved or that you don't own[2].

For now, your best option is to buy a domain.


[0] https://tools.ietf.org/html/rfc2606
[1] https://tools.ietf.org/html/rfc6761
[2] https://isc.sans.edu/forums/diary/Stop+Using+internal+Top+Level+Domain+Names/21095/