Phil Mayers <p.may...@imperial.ac.uk> writes: > On 14/11/12 15:02, King, Harold Clyde (Hal) wrote: >> I'm a bit confused by a user request. I think he is trying to keep some >> hosts on the private side of DNS, but he wants to use a DNS name like >> host.sub.local. I do not know of the use of the .local TLD except in >> bonjure. Can anyone shed some light on the use of the .local TLD? > > Pick a private sub-domain of a *real* domain that *you* own e.g. if > you are "example.com", pick: > > sub.private.example.com
>From my experience I recommend the solution Phil is describing. While using a private top level domain is technical possible, I have seen too many DNS admins that do not understand the implications and end up with a system that is a burden for the local network and as well a burden for the root-server system in the Internet. Look at the DSC graphs of l.root-servers.net for invalid TLDs requested <http://dns.icann.org/cgi-bin/dsc-grapher.pl?window=86400&node=ams01&plot=qtype_vs_invalid_tld&server=L-root-Europe> '.local" is the 4th most queried domain name (after localhost, com and net), but it should not exist at all in the Internet (or queries should not reach the root server system). You see "corp", "intern" and "intra" as well in the top 20 list. Failing to operate a private TLD correctly is causing internal data leaking to the Internet, which could be a security risk but in all cases is a burden on the root server system. A private subdomain of a delegated DNS domain owned by the company (organization, individual) is much more save, and simpler to setup, and serves the same purpose. -- Carsten _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users