I’ve been wanting to install Pi-hole so I can access my machines via DNS. Currently I have names for my machines in the /etc/hosts files on some of them, but that means I have to copy the configuration to each machine independently, which is not ideal.
I’ve seen that some popular options for top-level domains in local environments are *.box or *.local.
I would like to use something more original and just wanted to know what you guys use to give me some ideas.
do not use .local, as tempting as it may be
use .home
personally “.home.arpa” for A records.
I run my own CA and DNS, and can create vanity TLDs like: a.git, a.webmail, b.sync, etc for internal services. These are CNAMEs pointing to A records.
RFC 6762 defines the TLDs you can use safely in a local-only context:
*.intranet
*.internal
*.private
*.corp
*.home
*.lan
Be a selfhosting rebel, but stick to the RFCs!
How do you get https on those though? A lot of random stuff requires https these days.
https is not a problem. But you’ll need an internal CA and to distribute its certificate to your hosts’ trust store.
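An added example of the internal-CA step this comment describes; it is not code posted by anyone in the thread. It assumes the openssl command-line tool is installed, and the CA name “Example Home CA”, the hostname nas.home.arpa and the temporary working directory are made up for the demonstration. It creates a private CA, issues a leaf certificate for an internal .home.arpa name, then shows that a client which trusts the CA accepts the certificate (only for the right name), while a client without the CA rejects it.

```shell
#!/bin/sh
# Added example, not code from anyone in this thread: stand up a private CA,
# issue a certificate for an internal .home.arpa name, and check the chain and
# hostname the way a client that trusts the CA would. Needs the openssl CLI.
# The CA name, the hostname and the working directory are constructed.
set -eu

WORK="${WORK:-$(mktemp -d)}"

# Create the CA key and a self-signed root marked CA:TRUE, so clients that
# import ca.crt will accept certificates it signs.
make_ca() {
    cat > "$WORK/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
x509_extensions = v3_ca
[dn]
CN = Example Home CA
[v3_ca]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
subjectKeyIdentifier = hash
EOF
    openssl req -x509 -new -config "$WORK/ca.cnf" -newkey rsa:2048 -nodes \
        -sha256 -days 3650 -keyout "$WORK/ca.key" -out "$WORK/ca.crt" 2>/dev/null
}

# Issue a leaf certificate for the name in $1, signed by the CA. The name goes
# into subjectAltName, which is what browsers and openssl verify match on;
# a CN alone is ignored by modern clients.
issue_cert() {
    name="$1"
    printf '[req]\ndistinguished_name = dn\nprompt = no\n[dn]\nCN = %s\n' "$name" \
        > "$WORK/$name.cnf"
    printf 'basicConstraints = CA:FALSE\nkeyUsage = critical, digitalSignature, keyEncipherment\nextendedKeyUsage = serverAuth\nsubjectAltName = DNS:%s\n' "$name" \
        > "$WORK/$name.ext"
    openssl req -new -config "$WORK/$name.cnf" -newkey rsa:2048 -nodes -sha256 \
        -keyout "$WORK/$name.key" -out "$WORK/$name.csr" 2>/dev/null
    openssl x509 -req -sha256 -days 825 -in "$WORK/$name.csr" \
        -CA "$WORK/ca.crt" -CAkey "$WORK/ca.key" -CAcreateserial \
        -extfile "$WORK/$name.ext" -out "$WORK/$name.crt" 2>/dev/null
}

# Succeeds only if the certificate issued for $1 chains to our CA and matches
# the name in $2: what a client with ca.crt in its trust store would accept.
verify_cert() {
    openssl verify -CAfile "$WORK/ca.crt" -verify_hostname "$2" \
        "$WORK/$1.crt" >/dev/null 2>&1
}

# A client that has NOT imported the CA: the same certificate is rejected
# because no trusted issuer can be found.
verify_untrusted() {
    openssl verify -no-CAfile -no-CApath "$WORK/$1.crt" >/dev/null 2>&1
}

demo() {
    make_ca
    issue_cert "$1"
    if verify_cert "$1" "$1"; then
        echo "client trusting ca.crt: $1 OK"
    fi
    if ! verify_untrusted "$1"; then
        echo "client without ca.crt: $1 rejected (expected)"
    fi
    echo "CA certificate to distribute to your hosts: $WORK/ca.crt"
    # On Debian/Ubuntu hosts that usually means copying ca.crt to
    # /usr/local/share/ca-certificates/<name>.crt and running
    # update-ca-certificates; other systems have their own trust-store tooling.
}

demo "${1:-nas.home.arpa}"
```

Run it as `sh internal-ca.sh git.home.arpa` to issue for a different name; only ca.crt is copied to other machines, ca.key stays on the signing host.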
I mean… I use xtremeownage.com
But, ya know… I own it. Although, I use a few subdomains for my home-network, with a split-horizon DNS setup.
If you want to avoid problems, use a TLD that is assigned for this purpose, for example .home.arpa or .home or .lan or .private etc. Avoid using .local because it’s already used by mDNS.
I own both mydomain.com as well as mydomain.me. I use the *.me as my local domain and *.com for the real world.
I own lastname.me and lastname.dev; everything public is lastname.me and everything local is lastname.dev. I don’t have a VPS anymore so the .me domain is a bit useless and only relevant for emails these days, but I’d have something like nc.lastname.me for my public Nextcloud instance and docs.lastname.dev for my paperless instance that I don’t want to have on somebody else’s machine.
Why use a different domain for local than for external?
Maybe not a direct answer for you, but I just literally bought 4 domains for 3 euro per year (renews at the same price!) 5 minutes ago :D.
The catch - it has to be 9 numbers.xyz (see https://gen.xyz/1111b for details).
lastname.systems
I used to own lastname.cloud and foolishly let that expire. It’s one of my biggest regrets.
i have owned a .com since 1997. i use that.
I own both `mydomain.com` and `mydomain.net`, and the `.net` is all my internal services (eg `homeassistant.mydomain.net`). The public `.com` domain I use exclusively for email and a static site.
I had some old employer with a similar segmentation so it just made sense to me ¯\_(ツ)_/¯
.damo
I’ve never used DNS in my local network (because it’s an additional burden to support, so I tried to avoid it), but a couple of months ago when I needed several internal web sites on the standard http port, I just came up with “localdomain.”
Yep, it’s non-standard too, but the probability of its use as a gTLD is the lowest among all the other variants because of its usage in the Unix world and how non-pretty it is :)
If DNS is a burden to support you’re doing it wrong. I set it up once and haven’t touched it since. Everything new that gets added “just works”.
It’s not like DNS is a huge burden by itself, it’s just an approach of avoiding the creation of critical services unless they become necessary. Because the infrastructure around them is a burden: they need additional firewall rules on middleboxes, monitoring, redundancy, IaC, backups etc.
I don’t fully follow that but like I said, it sounds like you’re doing it wrong if you have to alter firewall rules every time you add a host because of DNS issues.
I am not speaking about maintenance of DNS zones (that’s easy), but about maintenance of authoritative DNS servers.
*.oob.mydomain.tld
I use >!.cunt!< for my local TLD. Stands for Can’t Use New Technologies from IT Crowd.
It makes it comical when I let friends onto my wifi.