It should be something else than .local, as mDNS is using that (see
Section 3 of
http://tools.ietf.org/html/draft-cheshire-dnsext-multicastdns-14). Use
of .local in unicast DNS and mDNS creates some problems (see
http://avahi.org/wiki/AvahiAndUnicastDotLocal)
I have a similar setup like John in the Lab (using FreeBSD machines and
BIND).
I have two separate DNS servers, one for IPv4 transport and one for IPv6
transport. Both resolve AAAA and A addresses. Both resolve local hosts:
The IPv4 DNS resolves all hosts in the Lab, and all names are visible
from the Internet, while the IPv6 DNS resolves only a few hosts
(manually entered) using the same domain as the IPv4 hosts, but they're
not visible from the Internet.
I'm using SLAAC and RFC6106 (obsoletes RFC5006) to advertise the IPv6
DNS and a DNS search list, which consists of the domain the hosts are
in. The IPv4 DNS is set up manually, but I've tested it with DHCP
assigned DNS as well, and it's just the same.
The result is that on my client I have 4 DNS servers, 1 IPv6 and 3 IPv4.
Now if I resolve a host in the Internet, it goes via IPv6 transport to
my IPv6 DNS which then goes via another forwarder etc. until the name
is resolved. No problem there, most of the time.
In unlucky cases the name can't be resolved, and it falls back using the
IPv4 DNS, until the name can be resolved, or until every DNS server has
been tried.
If I look up a local host, it goes via IPv6 DNS and if it can't be
resolved (about 95% of the hosts can't), it will fall back to IPv4 DNS
and resolve the names.
But I see the problem: I'm using an authoritative BIND, not forwarding
requests for the "local" domain upstream, John's DNS server might
forward it.
And I think that's the real problem. I think users might really want to
use .whatever for their local domain rather than .local or something
predefined.
And what if a user gets a domain from their ISP, and the ability to
register one or two hosts via some web-interface, but can't push names
via local DNS? I'm sure that the user would still set up multiple hosts
using the very same domain for local networking, but in that case he'd
have partial visibility from the Internet, the two hosts registered via
web-interface are visible, and the rest is not. How to deal with that?
Mat
On 10/09/11 05:19, Fred Baker wrote:
On Sep 9, 2011, at 12:16 PM, Ray Bellis wrote:
I don't personally think that "DNS existence tests" will be sufficient
- but ensuring that local nodes have their own private namespace (i.e.
".local") would avoid that.
yes
_______________________________________________
homenet mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/homenet
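
Added example, not part of the original message or of any project it mentions: a minimal parser for the RFC 6106 RDNSS and DNSSL Router Advertisement options discussed in the message above. It lists the advertised DNS servers and search domains and flags any search domain under .local, the mDNS overlap the message opens with. The sample bytes, the address 2001:db8::53 and the names lab.example and home.local are constructed for illustration.

```python
import ipaddress
RDNSS, DNSSL = 25, 31  # ND option types defined in RFC 6106

def parse_dnssl_names(data):
    """Decode uncompressed DNS label sequences; trailing zeros are padding."""
    names, labels, i = [], [], 0
    while i < len(data):
        n, i = data[i], i + 1
        if n == 0:
            if not labels:          # zero with no pending labels: padding
                break
            names.append(".".join(labels))
            labels = []
        elif n > 63 or i + n > len(data):
            raise ValueError("malformed label in DNSSL option")
        else:
            labels.append(data[i:i + n].decode("ascii").lower())
            i += n
    if labels:
        raise ValueError("unterminated name in DNSSL option")
    return names

def parse_ra_dns_options(opts):
    """Walk the ND options of a Router Advertisement and collect DNS settings."""
    out, i = {"servers": [], "search": [], "warnings": []}, 0
    while i + 8 <= len(opts):
        otype, olen = opts[i], opts[i + 1] * 8   # length is in 8-octet units
        if olen == 0 or i + olen > len(opts):
            raise ValueError("bad ND option length")
        body = opts[i + 8:i + olen]   # skip type, length, reserved, lifetime
        if otype == RDNSS:
            for j in range(0, len(body) - 15, 16):
                out["servers"].append(str(ipaddress.IPv6Address(body[j:j + 16])))
        elif otype == DNSSL:
            out["search"] += parse_dnssl_names(body)
        i += olen
    for d in out["search"]:
        if d == "local" or d.endswith(".local"):
            out["warnings"].append(f"search domain '{d}' overlaps mDNS .local")
    return out

def encode_name(name):   # helper used only to build the constructed sample
    return b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\0"

# Constructed sample: one RDNSS and one DNSSL option, lifetime 600 s.
names = encode_name("lab.example") + encode_name("home.local")
names += b"\0" * (-len(names) % 8)            # pad option to 8-octet boundary
SAMPLE = (bytes([RDNSS, 3, 0, 0]) + (600).to_bytes(4, "big")
          + ipaddress.IPv6Address("2001:db8::53").packed
          + bytes([DNSSL, 1 + len(names) // 8, 0, 0]) + (600).to_bytes(4, "big") + names)
```
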