Stop using .local as the top level domain for your LAN

If you live in a country like mine, where most networks are not publicly routable, you’ve probably given your LANs whimsical names so that they don’t have any chance of colliding with “real” domains on the internet.  Of course, if you’re not pedantic (like me) you don’t bother to setup a DNS server since the network is not accessible from the outside anyway.  However, for the few of you who do setup DNS servers on your local area networks I have one request.  PLEASE PLEASE PLEASE do not use a .local top-level domain.  I use .lan, and so should you.

The .local domain is what is called a pseudo-top-level domain.  What does that mean? It means that it’s not an official top level domain usable (routable) on the internet, but it has a semi-official standing because it is used in some applications.  In the case of .local it is used by the Multicast Domain Name Service (mDNS).  Hosts that implement this service use .local as their domain names and have their own way of resolving names.  Normally, this wouldn’t be a problem; however, if you also implement DNS on your network with .local as the top-level domain it will cause serious name resolution issues.  I’ve seen this happen a lot on Linux systems, and I imagine Apple’s OS X will probably have these issues as well.  Usually, on these types of networks you find that DNS name resolution doesn’t work at all or works only some of the time.  In the end, you end up having to use ip addresses all the time because you don’t know whether a name might resolve or not (which negates the whole point of having a DNS server in the first place).

So, instead of naming your PCs server.mycompany.localboss.mycompany.local, and sec.mycompany.local, use server.mycompany.lanboss.mycompany.lan, and sec.mycompany.lan.  I’ve been doing it for many years and haven’t had  any problems.

 

P.S. – Please, also make sure to turn recursion off on your DNS server so that you don’t clog the internetz with spurious DNS requests for hosts on your internal domain.

www Prefix No Longer Considered Mandatory

Lately I’ve been noticing a lot of ‘.et’ websites require you to type ‘www’ in front of the domain name for the website to come up.  This used to be OK during the early days of the internet when everybody was hand crafting html in Notepad and Altavista was the search engine of choice.  Not any more. In an age where’ google.com’ works just as well as ‘www.google.com’ (and is in fact considered common sense) this seems rather counter-intuitive to me.  So , here’s my modest contribution to making the Ethiopian web just a bit more user-friendly.

When you come down to it, it’s actually rather easy.  You just have to define an additional resource record for the domain that points to the same IP Address as your ‘www’ record.  But before we get to that let’s look at the basic structure of a zone file first.

A zone file consists of directives, resource records, and comments. The first thing in your zone file, other than comments, should be a $TTL directive. This should be followed by an $ORIGIN directive and an SOA record.

$TTL 24h
$ORIGIN example.com.et.
@    IN    SOA example.com.et root.example.com.et (
                           2012091601   ;serial
                           1d           ; refreesh
                           15           ; update
                           3w           ; expiry
                           3h           ; negative TTL
                                 )

Make note of the origin directive in the above snippet.  This is crucial to what we will be doing next.  This directive is used to determine the fully qualified domain name (FQDN) of an unqualified resource.  Basically, it means that when we encounter a name in the zone file that doesn’t end with a dot ‘.’ the origin will be tacked on at the end of it.  For the above example ‘www’ would become ‘www.example.com.et.’  If your zone file doesn’t have an $ORIGIN Bind will substitute the zone name from the named.conf configuration file.

Next, we have our DNS and mail servers:

               IN        NS    ns1.example.com.et.
               IN        NS    ns2.example.com.et.
               IN        MX 10 mail.example.com.et.

Lastly, we define resource records for each of the hosts in our domain.  In our case we will define only 2 records: one for ‘www.example.com.et’ and another one for ‘example.com.et’.

@        IN        A        10.0.0.1
www      IN        A        10.0.0.1

The magic happens in the first line.  The ‘@’ label is replaced by the value in the $ORIGIN directive. So, effectively the last two lines could also be written as:

example.com.et.  IN        A        10.0.0.1
www              IN        A        10.0.0.1

Since, both names point to the same IP Address typing ‘example.com.et’ in the address bar of your browser has the same effect as ‘www.example.com.et’.