Re: [gentoo-user] Choice of TLD for internal network

[Michael Orlitzky <mjo@gentoo.org>]

On 12/17/2017 09:05 PM, Peter Humphrey wrote:
> Hello list,
> 
> I've been running Linux systems since 1994, calling my private LAN mynet 
> (bowdlerised). Now I come to install neth server on one machine, it insists 
> that I tell it a domain name with at least two dots in it. But I don't have 
> a standard TLD.
> 
> What do you all call your local LANs? Following Google hints, it looks as 
> though I may have to change all .mynet references to .mynet.internal.

You should probably buy a TLD. It's stupid, but there are no reserved
top-level domain names for internal use. There used to be four[0],

  * test
  * example
  * invalid
  * localhost

There was no proscribed behavior for those TLDs, so you were free to use
them for your internal network. Then along came rfc6761[1], which tells
people how to treat those four names. In particular,

  * anything.localhost is out, because users may assume that all
    addresses resolve back to the loopback interface (e.g. 127.0.0.1)

  * anything.invalid is out, because users may assume that the domain
    does not exist.

  * anything.example is out, because it's reserved for documentation.

And that leaves you with "test." Using "test" isn't perfect, because
caching resolvers may not support it: "Caching DNS servers SHOULD offer
a configuration option..." But more importantly, having "test" on the
end of all your production hostnames is stupid.

So that really leaves you with... nothing. Don't use ".internal" or any
other name that isn't reserved or that you don't own[2].

For now, your best option is to buy a domain.


[0] https://tools.ietf.org/html/rfc2606
[1] https://tools.ietf.org/html/rfc6761
[2]
https://isc.sans.edu/forums/diary/Stop+Using+internal+Top+Level+Domain+Names/21095/