There are many DNS names options. Which one do you use?

  • VerifiablyMrWonka
    link
    fedilink
    35
    edit-2
    1 year ago

    I just bought an actual domain and use that 😅

    As an added bonus, letsencrypt works with no effort.

    • masterX244
      link
      fedilink
      31 year ago

      same. saved my ass already a few times when doing some reverseengineering voodoo. being able to set a valid https cert makes it easier to redirect apps than to bypass forced HTTPS. had to pretend to be a update server for something once and patching the URL was enough via getting a cert quickly (using DNS-01 challenge, no exposed ports ever)

  • @[email protected]
    link
    fedilink
    English
    191 year ago

    You shouldn’t use .local for your manually defined local domain names if you plan to ever use mdns/avahi/bonjour/zeroconf.

    • Mr_Figtree
      link
      fedilink
      101 year ago

      And .box has been registered as a generic TLD now, so you could run into external .box domains.

      • Perhyte
        link
        English
        81 year ago

        Hopefully AVM gets to register fritz.box then, because they’ve been setting up their customers with that as their internal domain for ages…

    • Meow.tar.gz
      link
      fedilink
      English
      21 year ago

      I actually use .lan for an internal domain but I guess I could use a real domain with the DNS-01 challenge and have real internal certificates. I had not thought about that until just now.

  • redcalcium
    link
    fedilink
    English
    19
    edit-2
    1 year ago

    According to IETF, you should only use .intranet, .internal, .private, .corp, .home or .lan for your private network ( RFC 6762 Appendix G ). Using other TLDs might cause issues in the future, especially since new gTLDs seems to show up every few months or so, which can collide with the TLD you use for your local network.

      • redcalcium
        link
        fedilink
        English
        2
        edit-2
        1 year ago

        Interesting, so this is the latest recommendation? Which is probably why I haven’t seen it in the wild yet, at least in my circles.

        Which means they probably going to cash out release gTLDs for .intranet, .internal, .private, .corp, .home and .lan soon…

    • @vegetaaaaaaa
      link
      English
      5
      edit-2
      1 year ago

      A problem with the .lan TLD (maybe others from this list) is that web browsers do not consider it a TLD when you type it in the address bar, and only show you the option to search for that term in your default search engine. You have to explicitly type https:// before it, to have the option to visit the URL.

      E.g type example.com in the address bar -> pressing Enter triggers going to https://example.com. Type example.lan -> pressing Enter triggers a search for example.lan using your default search engine.

      • distantorigin
        link
        fedilink
        171 year ago

        Little known trick–or perhaps everyone knows it and is quietly laughing behind my back–with Chromium browsers and Firefox (and maybe Safari, I’m not sure), you can add a slash to the end of an address and it will bypass the search.

        So, for example, my router on the LAN goes by the hostname “pfsense”. I can then type pfsense.lan/ into my address bar and it will bring me to the web UI, no HTTP/s needed.

    • Kata1yst
      link
      fedilink
      21 year ago

      I can vouch for the fact that .local stopped working suddenly in most browsers a year or two ago, I was forced to migrate to .internal

  • Walter_Ego
    link
    fedilink
    English
    121 year ago

    i use my external zone name but have an internal view of the zone inside my lan so records point to local ips.

      • Meow.tar.gz
        link
        fedilink
        English
        21 year ago

        Ah that’s a really good point. I will have to Google this so I can learn how it is done in iptables because I’ve only ever done it with pf on OpenBSD.

      • @[email protected]
        link
        fedilink
        English
        11 year ago

        I’ve never experienced any issues so far, the devices should be flushing the cache on network change in theory.

    • @InverseParallax
      link
      English
      31 year ago

      I use subdomains, i.<external domain>, w.<ext> for wifi, few others for vms and containers.

      With wireguard everything just works, and wireguard overhead over wireless is negligible even on wifi6.

      • Meow.tar.gz
        link
        fedilink
        English
        21 year ago

        I agree on WireGuard. It’s clearly the winner in terms of speed for point to point VPN.

    • Kaan
      link
      fedilink
      English
      21 year ago

      Same, I achieve this with Adguard DNS rewrite.

    • @TheInsane42
      link
      English
      2
      edit-2
      1 year ago

      Same here. I have several domains, one is used for servers and email, 2nd for websites, 3rd for messing around (test setups) and a 4th is almost unused now, but with the demise of twitter and reddit I’m thinking of using that one for the fediverse (it’s my username in national tld).

      BTW internal and external dns run on different systems and all private zones are dnssec signed. (Loved the challenge on setting that up correctly)

    • @tiwenty
      link
      English
      21 year ago

      Exactly the same. I’d like to add that my devices still get a .lan TLD from the router.

  • KairuByte
    link
    English
    101 year ago

    *.internal.domain.name since ssl certs are easier to get when you’re using an owned domain name.

  • @[email protected]
    link
    fedilink
    English
    81 year ago

    There’s a draft rfc that defines “.home.arpa” as an internal. It looks stupid and totally misses the point, but works.

  • @aezart
    link
    English
    71 year ago

    I use a subdomain of a domain name I own.

  • @[email protected]
    link
    fedilink
    English
    61 year ago

    I bought a .com for like $10 CAD from Cloudflare that uses a URL not linked to me.

    Maybe overly paranoid, but it also makes it easy to get SSL certificates for my lab.

  • @[email protected]
    link
    fedilink
    English
    5
    edit-2
    1 year ago

    For local DNS home.arpa is I think what we’re ‘supposed’ to use, but I use .lan

    Only use another domain name if you actually have it registered, like myname.net or something. As a bonus you can then get a wildcard letsencrypt SSL cert for easy HTTPS.

      • @[email protected]
        link
        fedilink
        English
        31 year ago

        Because of interference with existing domains. Say you set a computer on your network to mypc.google.com, that won’t work because the DNS server will lookup google.com as an external domain.

    • Meow.tar.gz
      link
      fedilink
      41 year ago

      That will work fine so long as you don’t need services like Avahi and mDNS.

  • @[email protected]
    link
    fedilink
    English
    31 year ago

    I use either .home or an actual domain that I own (makes it easy for https certs and not having to go out of the network and back in)

  • @[email protected]
    link
    fedilink
    English
    31 year ago

    I use .lan for everything the router can resolve names for, and .local for Avahi mDNS 😈

  • Krafting
    link
    English
    31 year ago

    server.home for my part