name resolution
Xen
list at xenhideout.nl
Thu Nov 23 18:58:30 UTC 2017
Liam Proven wrote on 23-11-2017 18:23:
> On 23 November 2017 at 18:01, compdoc <compdoc at hotrodpc.com> wrote:
>> On 11/23/2017 09:58 AM, Xen wrote:
>>
>>> Then, when .here becomes popular, they take that over too ;-).
>>
>>
>> I've switched to .lan
>>
>> anyone know of troubles with that one?
>
> Back when I ran my own LAN -- oh happy days -- I _think_ I picked that,
> too.
>
> I think that it's safe.
>
> And, as Xen says... for now.
I just think it's another bad choice and it happens to have been pushed
by mr. SystemD himself.
Yes, Lennart Poettering also maintains the Avahi packages.
It's the same kind of "Your opinions don't matter" approach that we see
everywhere else.
He writes:
"Please note: The line above makes nss-mdns authoritative for the
.local domain. If you have a unicast DNS domain with the same name you
will no longer be able to resolve hosts from it. mDNS and a unicast
DNS domain named .local are inherently incompatible. Please contact
your local administrator and ask him to move to a different domain name
since .local is to be used exclusively for Zeroconf technology.
Further information."
"is to be used"
Because they decide that.
This encroachment on personal liberty goes on everywhere.
Every router could just as easily deploy dnsmasq and have DHCP requests
turn into name resolution as I have.
It solves the same problem and people need DHCP routers anyway.
Oh, but they try to get rid of that too of course.
In the end there will be no way left to run any personal server.
So of course Apple picked the most attractive name that everyone already
used.
Microsoft used it, and Apple started using it.
It is the common choice.
And the above line is bollocks:
"mDNS and a unicast DNS domain named .local are inherently
incompatible."
You could just as well let local dns supersede.
Yes, that would cause leakage onto the internet.
But normally inside the home you have a router, and normally you use the
router as a proxy for DNS.
So the router might just as well block .local requests from getting out.
Again, different solution to the same problem, and a lot nicer.
Something that's actually respectful of people's choices.
/End rant.
I mean it is really this simple:
# do not use /etc/resolv.conf, because it points to ourselves.
no-resolv
# attach suffix to hostnames
expand-hosts
# do not forward plain names to upstream servers (no use)
domain-needed
# do not forward reverse lookup for 192.168.1.0/24 to upstream servers (no use)
bogus-priv
# references the DNS server to forward to
server=8.8.8.8
# tells what domains to answer for, instead of forwarding:
local=/local/
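
An added example, not part of the original message: a small Python audit that reads the dnsmasq options listed above and reports whether a locally unknown name would be forwarded to the upstream server, which is the leakage the message says the router can block. The function names are hypothetical, the forwarding rules are a simplified model of dnsmasq's documented behaviour, and Python's `is_private` only approximates the ranges that bogus-priv covers.

```python
import ipaddress

# The dnsmasq options from the message above (constructed copy for this example).
CONFIG = """\
no-resolv
expand-hosts
domain-needed
bogus-priv
server=8.8.8.8
local=/local/
"""

def parse(config):
    """Collect the options that affect upstream forwarding."""
    opts = {"flags": set(), "local": [], "upstream": []}
    for line in config.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        key, _, value = line.partition("=")
        if key == "local":
            # local=/a/b/ lists domains answered only from hosts/DHCP data
            opts["local"] += [d.lower() for d in value.split("/") if d]
        elif key == "server" and not value.startswith("/"):
            opts["upstream"].append(value)
        else:
            opts["flags"].add(key)
    return opts

def is_private_ptr(name):
    """True for an IPv4 in-addr.arpa name inside a private range (approximation)."""
    labels = name.split(".")
    if labels[-2:] != ["in-addr", "arpa"] or len(labels) != 6:
        return False
    try:
        return ipaddress.ip_address(".".join(reversed(labels[:4]))).is_private
    except ValueError:
        return False

def leaves_network(name, opts):
    """Would a query for `name`, unknown locally, be sent to an upstream server?"""
    name = name.rstrip(".").lower()
    if any(name == d or name.endswith("." + d) for d in opts["local"]):
        return False  # local=/local/ keeps the query inside
    if "domain-needed" in opts["flags"] and "." not in name:
        return False  # plain names are never forwarded
    if "bogus-priv" in opts["flags"] and is_private_ptr(name):
        return False  # private reverse lookups are answered locally
    return bool(opts["upstream"])
```

Removing the `local=/local/` line from the sample makes `leaves_network("nas.local", ...)` return True, which is the case the router-side setting is there to prevent.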