• @reddig33
    link
    3011 months ago

    .local already exists. More idiocy from ICANN.

    • Pup Biru
      link
      fedilink
      36
      edit-2
      11 months ago

      .local exists for a very specific reason and it’s not meant to be used by regular DNS… people use it for alternate things, but it’s reserved for mDNS

      if .internal were to be added, we could start using that instead of overloading!

    • @LordCrom
      link
      19 months ago

      .local is a bad choice especially if you have any MAC hosts on the network.

      There is an RFC about that, but I’m too sleepy to goook it up

  • Possibly linux
    link
    fedilink
    English
    21
    edit-2
    11 months ago

    Please no

    It would be nice to figure out a way to get local SSL certs for .lan and .local domains though.

    • Justin
      link
      fedilink
      English
      1311 months ago

      I just use a subdomain of my main domain and use dns validation of let’s encrypt.

      • Possibly linux
        link
        fedilink
        English
        711 months ago

        That requires outside authentication though. I think it would be cool to incorporate some SSL into dhcp

        • @[email protected]
          link
          fedilink
          English
          1111 months ago

          That will never happen. SSL is based on trust, and the trust root will never blindly delegate to whatever happens in random LANs. Subdomain is 100% the right approach for internal network.

          • @[email protected]
            link
            fedilink
            2
            edit-2
            11 months ago

            It can and has already happened. You can make your own root ca. Internal domains need internal root cas. Is it a pia to setup yes. Do I have it installed on my unrooted android phone and linux computers? Yes.

            Edit: I didn’t see the dhcp part. But you can still make your own root ca

        • Fontasia
          link
          fedilink
          411 months ago

          The maintainers of DHCP can’t even be bothered standardising a query to check if an address is currently in use, doubt they could take on being a CA at the same time

    • @[email protected]
      link
      fedilink
      111 months ago

      You can do this, I already use .internal and you can male your own root ca and make your own certificates with that

  • @theit8514
    link
    1811 months ago

    If only they had done this with .local ages ago. Still, it’s a nice change, but I doubt my company will adopt.

      • RedFox
        link
        fedilink
        311 months ago

        For real. Once Google and others started killing DNS lookups in mobile devices, think about how many legacy networks had to get rebuilt.

        Maybe we could all just make up our minds.

        • mozz
          link
          fedilink
          511 months ago

          Honestly the whole fabric of the internet, how email/SMTP and DNS and things work, is just a relic of an earlier time. I honestly think the money-men have their hands deep enough into the workings at this point that you wouldn’t be able to create something like those things today and have them go anywhere. I’m surprised that it all still works as well as it does.

          • R0cket_M00se
            link
            English
            111 months ago

            You mean the OSI and TCP/IP models? Or just specifically TCP/UDP ports?

            • mozz
              link
              fedilink
              511 months ago

              No, I was talking about the shared infrastructure. SMTP, DNS, ICANN, things like that require a level of cooperation and shared investment in the whole thing working well, not really because anyone’s going to “win” the business game by running it to their particular advantage. That’s a very alien way of thinking on the modern internet. The equivalent today would be something like massive publicly available caching web proxies that anyone could use as a big reverse-CDN to speed up their web access that were just kind of provided to everyone, government-funded, just sitting out there as a public resource. You know, like communism.

              I’ve heard network engineers say they had a lot of trouble talking to their bosses about “peering” (setting up routes between two ISPs that happen to have operations close to each other, so they can hand traffic off to each other if it’d be more efficient to use the other guy’s routes and both networks get more efficient to operate). They said they had a lot of trouble explaining the concept to the business people. They pay us for service? Fine. We pay them for service? Fine. We provide service to each other and both of us benefit without any money being involved? Plt… bzzt… I give up, I don’t get it. Who gets paid? Why do we do this?

              They’ve lost sight of the idea that it’s a good thing to set up the world in a nice well working way (for everyone, including yourself), and just focused on how they can make their check bigger even if there’s no point, or even if everything gets worse as a result.

    • @breadsmasher
      link
      English
      211 months ago

      Just out of curiosity, does your company use a different TLD or something more arbitrary/just an IP?

    • @[email protected]
      link
      fedilink
      311 months ago

      Explain what’s wrong with this. I’m out of the loop, seems like a good idea to me at first glance.

      • @[email protected]
        link
        fedilink
        9
        edit-2
        11 months ago

        It’s the SPOF for most of the internet, it’s function should be democratic and distributed.

        Registering TLDs costs absurd amounts of money last I checked.

  • @Shadywack
    link
    English
    211 months ago

    Porn sites would like this.

  • @[email protected]
    link
    fedilink
    English
    110 months ago

    I have clients that use internal, but they do it as a subdomain; so internal.contoso.com

    Any internal only domains that I set up are probably going to go the same way. I’ve used domain.local previously, and the DNS headache I get from that is immeasurable.

    With so many things going “to the cloud” or whatever, the internal.domain.tld convention tends to make more sense to me.

    What’s everyone else doing?