There are many DNS names options. Which one do you use?
fritz.box for the machines themselves because Fritz!BOX (although handed out by Pi-Hole),but .lan for anything going over the local proxy towards the same machine for TLS.
Some machines use my custom domain name instead of .lan, if they need to be accessible from outside. So these last ones go directly over the local proxy internally, but automatically over CloudFlare Tunnel and Authentik when not at home. The proxy being Caddy.
I use .lan for everything the router can resolve names for, and .local for Avahi mDNS 😈
I bought a .com for like $10 CAD from Cloudflare that uses a URL not linked to me.
Maybe overly paranoid, but it also makes it easy to get SSL certificates for my lab.
There actually is a correct awnser: home.arpa
See https://www.ctrl.blog/entry/homenet-domain-name.htmlI use
home.arpa
for all my LAN hosts..lan for everything.
I also use .lan I used to use .local for years until I started to have conflict issues with .local resolution on Android when they started using mdns
I didn’t care about any of this (my off the shelf Router used .local) and then I started selfhosting more and using pFsense as a router OS. It defaulted to using home.arpa, which was so objectionable that I spent time looking into RFC 6762 and promptly reverted to .lan forever.
The official choices were: .intranet, .internal, .home, .lan, .corp, and .private. LAN was the shortest and most applicable. Choice made.
I use either .home or an actual domain that I own (makes it easy for https certs and not having to go out of the network and back in)
I use different ones. Got an legit dpmain which I also use locally (with ssl certificates) and in my local network my server listens to SERVI. Just SERVI.
According to IETF, you should only use
.intranet
,.internal
,.private
,.corp
,.home
or.lan
for your private network ( RFC 6762 Appendix G ). Using other TLDs might cause issues in the future, especially since new gTLDs seems to show up every few months or so, which can collide with the TLD you use for your local network.The one reserved for residential usage is
home.arpa
.Interesting, so this is the latest recommendation? Which is probably why I haven’t seen it in the wild yet, at least in my circles.
Which means they probably going to
cash outrelease gTLDs for.intranet
,.internal
,.private
,.corp
,.home
and.lan
soon…
A problem with the
.lan
TLD (maybe others from this list) is that web browsers do not consider it a TLD when you type it in the address bar, and only show you the option to search for that term in your default search engine. You have to explicitly typehttps://
before it, to have the option to visit the URL.E.g type
example.com
in the address bar -> pressing Enter triggers going tohttps://example.com
. Typeexample.lan
-> pressing Enter triggers a search forexample.lan
using your default search engine.Little known trick–or perhaps everyone knows it and is quietly laughing behind my back–with Chromium browsers and Firefox (and maybe Safari, I’m not sure), you can add a slash to the end of an address and it will bypass the search.
So, for example, my router on the LAN goes by the hostname “pfsense”. I can then type pfsense.lan/ into my address bar and it will bring me to the web UI, no HTTP/s needed.
You can throw a
/
after to force it to recognize as a URL too.
@redcalcium
Really? Not .local? Why is it the default on so much?
@zephyr@dpflug @redcalcium @zephyr it is reserved for mDNS.
@sifrmoja
Ah, yep. Now that you say it. Thanks for cluing me in.
@redcalcium @zephyr
A long time ago Microsoft and some teaching sources used .local in example documentation for local domains and it stuck. Like contoso.com was Microsoft’s example company. I was taught to use .local decades ago and it took a very long time to unlearn it.
I can vouch for the fact that .local stopped working suddenly in most browsers a year or two ago, I was forced to migrate to .internal
*.internal.domain.name
since ssl certs are easier to get when you’re using an owned domain name.nothing as home does work (meaning plain hostname) works by default on openwrt dns
While this works for most things, you will run into issues with certain software which automatically assume that no TLD means the provided address is incorrect.
Usually adding a slash at the end works if the protocol is http based
hostname.vlan.local.lan
local.lan is the only fixed part of my fqdn’s
I use a subdomain of a domain name I own.
For local DNS
home.arpa
is I think what we’re ‘supposed’ to use, but I use .lanOnly use another domain name if you actually have it registered, like
myname.net
or something. As a bonus you can then get a wildcard letsencrypt SSL cert for easy HTTPS.Why should you only use ones you own, even if it’s just local network?
Because of interference with existing domains. Say you set a computer on your network to
mypc.google.com
, that won’t work because the DNS server will lookup google.com as an external domain.
I tend to use .local
That will work fine so long as you don’t need services like Avahi and mDNS.