I’ve wanted to install pihole so I can access my machines via DNS. Currently I have names for my machines in my /etc/hosts files across some of my machines, but that means that I have to copy the configuration to each machine independently, which is not ideal.
I’ve seen that some popular options for top-level domains in local environments are *.box or *.local.
I would like to use something more original and just wanted to know what you guys use to give me some ideas.
“.home.arpa” for A records.
I run my own CA and DNS, and can create vanity TLDs like: a.git, a.webmail, b.sync, etc. for internal services. These are CNAMEs pointing to A records.
RFC 6762 defines the TLDs you can use safely in a local-only context:
*.intranet
*.internal
*.private
*.corp
*.home
*.lan
Be a selfhosting rebel, but stick to the RFCs!
How do you get https on those though? A lot of random stuff requires https these days.
https is not a problem. But you’ll need an internal CA and to distribute its certificate to your hosts’ trust store.
do not use .local, as tempting as it may be
use .home personally
Maybe not directly an answer for you, but I just literally bought 4 domains for 3 euro per year (renews at the same price!) 5 minutes ago :D.
The catch - it has to be 9 numbers.xyz (see https://gen.xyz/1111b for details).
lastname.systems
I used to own lastname.cloud and foolishly let that expire. It’s one of my biggest regrets.
For those using a pihole for .internal.example.com, how do you deal with DNSSEC on example.com? Or do you just not?
I have owned a .com since 1997. I use that.
I use .lan for anything local and my public domain is .net for anything publicly hosted.
I use >!.cunt!< for my local TLD. Stands for Can’t Use New Technologies from IT Crowd.
It makes it comical when I let friends onto my wifi.
Technically every machine is supposed to have a registered TLD, even on a local network. That said, I use .lan
.local is mDNS - and I’m using that, saves me so much hassle with split-horizon issues etc.
I also use global DNS for local servers (AAAA records on my own domain), again, this eliminates split-horizon issues. Life is too short to deal with the hassle of running your own DNS server.
I had problems with .local because it’s used for mDNS and was too lazy to figure out how that works, so now I just use lan, but I also own a .com domain so I have started to use that more.
.damo
.uk, but it is an actual .uk that I’ve registered.
everything under *.home.mydomain.tld is reserved for internal use.
I use *.home.mydomain for publicly-accessible IPs (IPv6 addresses plus anything that I’ve port forwarded so it’s accessible externally) and *.int.mydomain for internal IPv4 addresses.