I’ve wanted to install pihole so I can access my machines via DNS. Currently I have names for my machines in my /etc/hosts files across some of my machines, but that means that I have to copy the configuration to each machine independently, which is not ideal.
I’ve seen some popular options for top-level domain in local environments are *.box or *.local.
I would like to use something more original and just wanted to know what you guys use to give me some ideas.
RFC 6762 defines the TLDs you can use safely in a local-only context:
*.intranet
*.internal
*.private
*.corp
*.home
*.lan
Be a selfhosting rebel, but stick to the RFCs!
How do you get https on those though? A lot of random stuff requires https these days.
https is not a problem. But you’ll need an internal CA and to distribute its certificate to your hosts’ trust store.
do not use `.local`, as tempting as it may be
use `.home` personally
“.home.arpa” for A records.
I run my own CA and DNS, and can create vanity TLDs like: a.git, a.webmail, b.sync, etc for internal services. These are CNAMEs pointing to A records.
.box since it’s recognized as a valid TLD by many devices. Never use .local; it’s reserved for multicast DNS.
I use .test a lot in my sandbox environments
At home I decided to use .dot because for some reason chrome and chromium-based browsers do not automatically redirect it to https (at least for now) when you just type in the address in the address bar, and do not redirect to search. So much more comfortable… why?.. ok, it may break access to all .dot sites but I never see something for me in that zone so I don’t care
Everything at my house has a TLD named after the road I live on (a founding father last name). Everything at my offsite at my dad’s house uses a TLD named after the road he lives on (a woman’s first name).
It’s both arbitrary and practical. A number of systems exist at both such as proxmox. truenas. pihole. plex. So it’s a good way to tell them apart without having to differentiate them in the domain name.
I use *.mydomain.dev cos I’m a dev… Got it for public access but ended up using locally as well because it’s more convenient.
I use `.home.arpa` as that is the “official” use of that domain.
https://datatracker.ietf.org/doc/html/draft-chapin-rfc2606bis-00
I use .host because .internal is too long to type and .local is a pita, but mostly because the browser actually tries to go there instead of some stupid search engine that tracks that kind of info and I don’t have to remember to put a slash at the end.
I use home.arpa as the base dns as that plays very well and is the official standard, then I have a domain for my reverse proxy. Of course I can use that domain for the whole network, but I like to split it up
.local
I read the answers and I am wondering if I should change what I do.
I use the exact same domains and subdomains internally and externally. I simply have a DNS internally that will answer requests with local IP.
So I don’t have to address my machines with a different name when I am outside or inside.
Can someone explain to me what I missed?
I do this too. I don’t think it’s bad. Sometimes you can have weird issues. Only time I remember weirdness is I had wildcard enabled on public DNS. So if a local DNS wasn’t available it would always resolve to the public IP. Can be confusing.
I own a domain I purchased thru cloudflare.
public facing services are say xyz.mydomain.com
internal facing is xyz.local.mydomain.com
This way internal access pipes into pihole, DNS directs it to Traefik on my server, then to the internal service. Not internet dependent.
.lab
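
Added example, not part of any post in this thread: a small Python audit for the split-horizon setup described above (same names inside and outside), which flags the wildcard fallback one commenter ran into. The zone contents, addresses, and function names are constructed for illustration, and wildcard matching is simplified compared with a real authoritative server.

```python
import ipaddress

# Address space that should only ever be handed out by the internal resolver.
LAN_NETS = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7")]

# Constructed sample zones. 203.0.113.0/24 is a documentation range that
# stands in for a public address here.
INTERNAL_ZONE = {
    "plex.mydomain.com": "192.168.1.20",
    "pihole.local.mydomain.com": "192.168.1.2",
    "git.mydomain.com": "203.0.113.10",
}
PUBLIC_ZONE = {
    "*.mydomain.com": "203.0.113.10",   # wildcard on public DNS
    "www.mydomain.com": "203.0.113.10",
}

def is_lan(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in LAN_NETS)

def lookup(zone, name):
    """Exact record first, then the nearest wildcard above the name."""
    name = name.lower().rstrip(".")
    if name in zone:
        return zone[name]
    labels = name.split(".")
    for i in range(1, len(labels)):
        wildcard = "*." + ".".join(labels[i:])
        if wildcard in zone:
            return zone[wildcard]
    return None

def audit(internal_zone, public_zone):
    """Return (name, finding) pairs for names that behave differently
    depending on which resolver answers."""
    findings = []
    for name, inside in sorted(internal_zone.items()):
        if not is_lan(inside):
            # Internal resolver hands out a non-LAN address.
            findings.append((name, "internal-answer-is-public"))
        elif lookup(public_zone, name) is not None:
            # If the local resolver is unreachable, the client still gets an
            # answer, but it is the public address instead of the LAN one.
            findings.append((name, "falls-back-to-public"))
    return findings

if __name__ == "__main__":
    for name, finding in audit(INTERNAL_ZONE, PUBLIC_ZONE):
        print(f"{name}: {finding}")
```

Removing the wildcard from the public zone makes internal-only names fail outright when the local resolver is down, which is easier to diagnose than a silent answer with the public IP.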