User wanting to use a .local domain to host DNS
I'm a bit confused by a user request. I think he is trying to keep some hosts on the private side of DNS, but he wants to use a DNS name like host.sub.local. I do not know of the use of the .local TLD except in bonjure. Can anyone shed some light on the use of the .local TLD? -- Hal King - h...@utk.edumailto:h...@utk.edu Systems Administrator Office of Information Technology Systems: Business Information Systems The University of Tennessee 103C5 Kingston Pike Building 2309 Kingston Pk. Knoxville, TN 37996 Phone: 974-1599 ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: User wanting to use a .local domain to host DNS
King, Harold Clyde (Hal) h...@utk.edu wrote: I'm a bit confused by a user request. I think he is trying to keep some hosts on the private side of DNS, but he wants to use a DNS name like host.sub.local. I do not know of the use of the .local TLD except in bonjure. Can anyone shed some light on the use of the .local TLD? Microsoft have recommended its use for sites that don't have a properly registered domain name. http://support.microsoft.com/kb/296250 Tony. -- f.anthony.n.finch d...@dotat.at http://dotat.at/ Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at first. Rough, becoming slight or moderate. Showers, rain at first. Moderate or good, occasionally poor at first. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: User wanting to use a .local domain to host DNS
Hey there Hal, It doesn't look like .local is officially reserved (http://tools.ietf.org/html/rfc2606), but .localdomain definitely is. John John Miller Systems Engineer Brandeis University 781-736-4619 johnm...@brandeis.edu On 11/14/2012 10:02 AM, King, Harold Clyde (Hal) wrote: I'm a bit confused by a user request. I think he is trying to keep some hosts on the private side of DNS, but he wants to use a DNS name like host.sub.local. I do not know of the use of the .local TLD except in bonjure. Can anyone shed some light on the use of the .local TLD? -- Hal King - h...@utk.edu mailto:h...@utk.edu Systems Administrator Office of Information Technology Systems: Business Information Systems The University of Tennessee 103C5 Kingston Pike Building 2309 Kingston Pk. Knoxville, TN 37996 Phone: 974-1599 ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: User wanting to use a .local domain to host DNS
The .local TLD is reserved for link-local names, in the context of multicast DNS (mDNS), however, I don't think mDNS has progressed beyond the Internet Draft stage of the IETF Standards Track process. See http://www.multicastdns.org for latest updates. It would be imprudent to use .local for anything other mDNS, due to the possibility that mDNS might get on the Standards Track some day. Tell the user that there are billions of other private TLDs from which to choose. - Kevin On 11/14/2012 10:02 AM, King, Harold Clyde (Hal) wrote: I'm a bit confused by a user request. I think he is trying to keep some hosts on the private side of DNS, but he wants to use a DNS name like host.sub.local. I do not know of the use of the .local TLD except in bonjure. Can anyone shed some light on the use of the .local TLD? -- Hal King - h...@utk.edu mailto:h...@utk.edu Systems Administrator Office of Information Technology Systems: Business Information Systems The University of Tennessee 103C5 Kingston Pike Building 2309 Kingston Pk. Knoxville, TN 37996 Phone: 974-1599 ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: User wanting to use a .local domain to host DNS
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/14/2012 10:09 AM, Tony Finch wrote: King, Harold Clyde (Hal) h...@utk.edu wrote: I'm a bit confused by a user request. I think he is trying to keep some hosts on the private side of DNS, but he wants to use a DNS name like host.sub.local. I do not know of the use of the .local TLD except in bonjure. Can anyone shed some light on the use of the .local TLD? Microsoft have recommended its use for sites that don't have a properly registered domain name. http://support.microsoft.com/kb/296250 Tony. I do this at home with bind on Linux, except I use .localdomain instead of .local. It doesn't seem to treat it any differently than anything else, and since this is just one DNS server servicing a NAT'd network, nothing strange really CAN happen. - -- - _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Sr. Systems Programmer |$| |__| | | |__/ | \| _| |novos...@umdnj.edu - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/EI-Academic Svcs. - ADMC 450, Newark -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlCjtbwACgkQmb+gadEcsb5NMgCgxYAoLyaSf6wNMpq9TmprLr12 /vcAoIB2fBd6N9U0E0gPvzmLnUmdwZc4 =HXqq -END PGP SIGNATURE- ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: User wanting to use a .local domain to host DNS
On 11/14/2012 10:08 AM, Tony Finch wrote: King, Harold Clyde (Hal) h...@utk.edu wrote: I'm a bit confused by a user request. I think he is trying to keep some hosts on the private side of DNS, but he wants to use a DNS name like host.sub.local. I do not know of the use of the .local TLD except in bonjure. Can anyone shed some light on the use of the .local TLD? Microsoft have recommended its use for sites that don't have a properly registered domain name. http://support.microsoft.com/kb/296250 I stopped reading as soon as I saw the requirement to add a NetBIOS name, being overpowered by the stench of obsolescence. Does anyone actually run 2000 or 2003 versions of Microsoft products any more? Does Microsoft even support those versions? - Kevin ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
rsa_sign.c:263
Hello, I started to see a flood of these errors after upgrading to the latest BIND 9.9.2: 14-Nov-2012 17:14:15.304 general: warning: RSA_verify failed 14-Nov-2012 17:14:15.304 general: info: error:04077068:rsa routines:RSA_verify:bad signature:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/rsa/rsa_sign.c:263: It's on FreeBSD 8.3-RELEASE-p4. It's probably related to DNSSec validation (the server has validation enabled), but I thought someone here might have a better idea about the exact cause. Thank you in advance. -- Daniel Ryšlink ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: User wanting to use a .local domain to host DNS
At 07:15 14-11-2012, John Miller wrote: It doesn't look like .local is officially reserved (http://tools.ietf.org/html/rfc2606), but .localdomain definitely is. .localdomain is not reserved. Regards, -sm ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: User wanting to use a .local domain to host DNS
Thanks for the catch--guess I was writing a little too quickly this morning. .localhost is reserved; .localdomain isn't. John On 11/14/2012 11:17 AM, SM wrote: At 07:15 14-11-2012, John Miller wrote: It doesn't look like .local is officially reserved (http://tools.ietf.org/html/rfc2606), but .localdomain definitely is. .localdomain is not reserved. Regards, -sm ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: User wanting to use a .local domain to host DNS
On 14/11/12 15:39, Kevin Darcy wrote: I stopped reading as soon as I saw the requirement to add a NetBIOS name, being overpowered by the stench of obsolescence. Does anyone As per our recent thread, there's load of (recent, modern) stuff that still uses NetBIOS. Sadly. actually run 2000 or 2003 versions of Microsoft products any more? Yes. Does Microsoft even support those versions? No. But other vendors support products which only run on those versions. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: User wanting to use a .local domain to host DNS
On 14/11/12 15:02, King, Harold Clyde (Hal) wrote: I'm a bit confused by a user request. I think he is trying to keep some hosts on the private side of DNS, but he wants to use a DNS name like host.sub.local. I do not know of the use of the .local TLD except in bonjure. Can anyone shed some light on the use of the .local TLD? Yes - going down this route is a mistake. Don't do it. I speak from personal experience. First, it conflicts with a possible future standardisation of mDNS. Second, if you ever need to bring the hosts into your real DNS at a future date, you'll find you've made your life really hard, needing DNSSEc trust anchors, forwarders/stub statements, and so on. Pick a private sub-domain of a *real* domain that *you* own e.g. if you are example.com, pick: sub.private.example.com ...and sidestep this at the planning stage. You can easily make that zone hidden by delegating it to nameservers which are only reachable from the appropriate places, or by using allow-query ACLs or similar. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: User wanting to use a .local domain to host DNS
On 2012.11.14 10.02, King, Harold Clyde (Hal) wrote: I'm a bit confused by a user request. I think he is trying to keep some hosts on the private side of DNS, but he wants to use a DNS name like host.sub.local. I do not know of the use of the .local TLD except in bonjure. Can anyone shed some light on the use of the .local TLD? this is a bad idea, plain and simple. don't do it. .local is reserved [as others have mentioned] for mdns/zeroconf, and while there may still be some undulation in the various documents which standardize it, it is in active, relatively prevalent use today. i repeatedly see demonstrable, reproducible problems which manifest in mysterious symptoms to those who do not understand the difference between dns and name resolution. while dns itself does not care in the slightest what string a person might choose to use in a label [given of course the constraints of character sets in general], the various name resolution mechanisms used by a system's stub resolver/libraries risk being short circuited [dependent on the specifics of the configuration] by the mdns resolution mechanism if there is a .local reference. while there are no formally established private tlds, the closest thing to a consensus is to user either .site or .internal for this sort of thing. that being said - i question the necessity of a special internal domain. not only is it likely to generate confusion for users, rarely is this truly necessary, with the trivial expense of domain names [not to mention the probability of existing ownership anyway] and mechanisms like split horizon/views. -ben ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Bind 9.9.2 ADB Question
Just upgraded to 9.9.2 today and am seeing the following in syslog for the first time: Nov 14 15:08:58 local@mercury named[2920]: [ID 873579 daemon.info] adb: grow_names to 6143 starting Nov 14 15:08:58 local@mercury named[2920]: [ID 873579 daemon.info] adb: grow_names finished I gather this is dynamic cache-memory allocation as it increases and decreases as needed. Is there are ARM entry that explains this? Thanks John Manson CAO/HIR/NAF Data-Communications | U.S. House of Representatives | Washington, DC 20515 Desk: 202-226-4244 | TCC: 202-226-6430 | john.man...@mail.house.gov ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: User wanting to use a .local domain to host DNS
On 14/11/12 17:50, btb wrote: On 2012.11.14 10.02, King, Harold Clyde (Hal) wrote: I'm a bit confused by a user request. I think he is trying to keep some hosts on the private side of DNS, but he wants to use a DNS name like host.sub.local. I do not know of the use of the .local TLD except in bonjure. Can anyone shed some light on the use of the .local TLD? this is a bad idea, plain and simple. don't do it. .local is reserved [as others have mentioned] for mdns/zeroconf, and while there may still be some undulation in the various documents which standardize it, it is in active, relatively prevalent use today. i repeatedly see demonstrable, reproducible problems which manifest in mysterious symptoms to those who do not understand the difference between dns and name resolution. while dns itself does not care in the slightest what string a person might choose to use in a label [given of course the constraints of character sets in general], the various name resolution mechanisms used by a system's stub resolver/libraries risk being short circuited [dependent on the specifics of the configuration] by the mdns resolution mechanism if there is a .local reference. I did this one time long ago, with the result that all MACs in the network stopped working properly, they actually use that tld for their own purposes. Once I switched to .home, everything started to work again as expected. So as others said: Don't Do This! - at least if you value your sleep. while there are no formally established private tlds, the closest thing to a consensus is to user either .site or .internal for this sort of thing. that being said - i question the necessity of a special internal domain. not only is it likely to generate confusion for users, rarely is this truly necessary, with the trivial expense of domain names [not to mention the probability of existing ownership anyway] and mechanisms like split horizon/views. -ben ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users -- Best regards Sten Carlsen No improvements come from shouting: MALE BOVINE MANURE!!! ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users