Stop using .local as the top level domain for your LAN

If you live in a country like mine, where most networks are not publicly routable, you’ve probably given your LANs whimsical names so that they don’t have any chance of colliding with “real” domains on the internet.  Of course, if you’re not pedantic (like me) you don’t bother to setup a DNS server since the network is not accessible from the outside anyway.  However, for the few of you who do setup DNS servers on your local area networks I have one request.  PLEASE PLEASE PLEASE do not use a .local top-level domain.  I use .lan, and so should you.

The .local domain is what is called a pseudo-top-level domain.  What does that mean? It means that it’s not an official top level domain usable (routable) on the internet, but it has a semi-official standing because it is used in some applications.  In the case of .local it is used by the Multicast Domain Name Service (mDNS).  Hosts that implement this service use .local as their domain names and have their own way of resolving names.  Normally, this wouldn’t be a problem; however, if you also implement DNS on your network with .local as the top-level domain it will cause serious name resolution issues.  I’ve seen this happen a lot on Linux systems, and I imagine Apple’s OS X will probably have these issues as well.  Usually, on these types of networks you find that DNS name resolution doesn’t work at all or works only some of the time.  In the end, you end up having to use ip addresses all the time because you don’t know whether a name might resolve or not (which negates the whole point of having a DNS server in the first place).

So, instead of naming your PCs server.mycompany.localboss.mycompany.local, and sec.mycompany.local, use server.mycompany.lanboss.mycompany.lan, and sec.mycompany.lan.  I’ve been doing it for many years and haven’t had  any problems.


P.S. – Please, also make sure to turn recursion off on your DNS server so that you don’t clog the internetz with spurious DNS requests for hosts on your internal domain.


www Prefix No Longer Considered Mandatory

Lately I’ve been noticing a lot of ‘.et’ websites require you to type ‘www’ in front of the domain name for the website to come up.  This used to be OK during the early days of the internet when everybody was hand crafting html in Notepad and Altavista was the search engine of choice.  Not any more. In an age where’’ works just as well as ‘’ (and is in fact considered common sense) this seems rather counter-intuitive to me.  So , here’s my modest contribution to making the Ethiopian web just a bit more user-friendly.

When you come down to it, it’s actually rather easy.  You just have to define an additional resource record for the domain that points to the same IP Address as your ‘www’ record.  But before we get to that let’s look at the basic structure of a zone file first.

A zone file consists of directives, resource records, and comments. The first thing in your zone file, other than comments, should be a $TTL directive. This should be followed by an $ORIGIN directive and an SOA record.

$TTL 24h
@    IN    SOA (
                           2012091601   ;serial
                           1d           ; refreesh
                           15           ; update
                           3w           ; expiry
                           3h           ; negative TTL

Make note of the origin directive in the above snippet.  This is crucial to what we will be doing next.  This directive is used to determine the fully qualified domain name (FQDN) of an unqualified resource.  Basically, it means that when we encounter a name in the zone file that doesn’t end with a dot ‘.’ the origin will be tacked on at the end of it.  For the above example ‘www’ would become ‘’  If your zone file doesn’t have an $ORIGIN Bind will substitute the zone name from the named.conf configuration file.

Next, we have our DNS and mail servers:

               IN        NS
               IN        NS
               IN        MX 10

Lastly, we define resource records for each of the hosts in our domain.  In our case we will define only 2 records: one for ‘’ and another one for ‘’.

@        IN        A
www      IN        A

The magic happens in the first line.  The ‘@’ label is replaced by the value in the $ORIGIN directive. So, effectively the last two lines could also be written as:  IN        A
www              IN        A

Since, both names point to the same IP Address typing ‘’ in the address bar of your browser has the same effect as ‘’.

Desktop Linux is Dead. Again.

Here we go again. Without fail approximately every six months someone proclaims that Linux on the Desktop is dead (not to be confused with the other perennial favorite: BSD is dead). This time it’s Miguel. And there are plenty of rebuttals.  Not content to sit on the side lines, and seeing as I have this brand new blog to populate with fascinating, insightful, thought-provoking, captivating content I thought I might give you the tl;dr version:

Linux (especially the Desktop bits) is built by hackers for hackers.  Hackers needed a gui so it got a gui. Hackers needed to play music so it got a sound system. Hackers needed to download pr0n on their neighbor’s wifi so it got a wifi stack.  Now, when I say “it got a gui and a sound system, etc”, I mean it in the sense that a Formula 1 race car may have a steering wheel and brakes but it ain’t for your average driver.  Almost everything (mostly) worked most of the time, but you still had to set aside at least a few days to play around with alternate drivers and patch files every time your distro-of-choice upgraded to the next minor release (for my sanity– and yours– we won’t mention upgrades to major releases).  Then OS X happened. Suddenly, the hackers didn’t have to futz with alternate drivers and source patches anymore. And they found they could actually do useful work with all the time this freed up.  So, most of them bought Macs and got on with their lives.  The rest of us can’t afford Macs.  Ergo, Desktop Linux is not dead.

(ሰላምታ) Hello world!

Welcome to my brand-spanking-new blog!  I’m a programmer slash tech enthusiast and I’d like to use this blog as a home on the internetz where I can put down my thoughts on programming, FreeBSD, Ubuntu, Python, Django, OpenERP, and current events in the tech industry.

Hopefully, this will not be my last post.