17 comments
SpookyAlex03

@arichtman Not strong on my DNS knowledge, what's the difference between .internal and .local?

I could already use .local addresses instead of 192.168.*.* for stuff like Home Assistant and OpenMediaVault

Is it just that those were two of many unofficial options and only .internal was made official?

SpookyAlex03

@marie @arichtman @Sqaaakoi *one Wikipedia article later* and ah-ha! Thank you, I've officially learned about something new today

Mikle_Bond

@WeirdAlex03 @marie @arichtman @Sqaaakoi
Yeah, really good news. There are lots of discussions of what to use as an internal TLD, with a bunch of people suggesting not to. Different documents suggested different subsets. The best alternative was home.arpa., but it is a second-level domain. I've seen people here on fedi use lan. as it is shorter and is suggested in RFC 6762 by IETF. But ICANN still can (theoretically) steal it from us. Same RFC mentioned intranet., private., home., corp. and internal., and we finally have one of them confirmed to never be on sale. Yay)

aura, magic missile enthusiast

@WeirdAlex03 @arichtman yeah, because wide adoption for internal use didn't stop ICANN from handing .dev to Google - with HSTS preload for the entire top level too to pour some extra salt into that wound.

James Henstridge

@WeirdAlex03 @arichtman .local is for link local multicast DNS (aka zeroconf or Bonjour).

It's generally a bad idea to provide a .local zone via unicast DNS, since it'll cause most systems to disable multicast DNS.

Will Dormann

@jamesh @WeirdAlex03 @arichtman
I've been using .local for internal DNS since before mDNS was a thing.
Apparently I didn't get the memo that I should no longer do that. 🤦‍♂️

James Henstridge

@wdormann @WeirdAlex03 @arichtman Yep. If you forced mDNS on for a particular system, it likely wouldn't ever query any of your unicast .local names.

Things likely worked for you because most systems these days will query the SOA record for "local." via unicast: if they get a hit, they disable mDNS.
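The unicast SOA lookup for "local." described in the reply above, as an added example (not part of the thread or any poster's code): it builds the query and decides whether a reply counts as a hit, so you can audit whether your own resolver would trigger that behaviour. Treating "hit" as a NOERROR reply carrying an SOA answer is an assumption, and the function names and sample bytes are constructed for illustration.

```python
import socket
import struct

SOA, IN = 6, 1  # DNS record type SOA, class IN
def encode_name(name: str) -> bytes:  # length-prefixed labels, then the root label
    labels = [l for l in name.rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_soa_query(name: str = "local.", txid: int = 0x1234) -> bytes:
    """Build a unicast DNS query (RD set, one question) for the SOA of `name`."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", SOA, IN)

def skip_name(msg: bytes, off: int) -> int:  # offset just past a name
    while msg[off] != 0:
        if msg[off] & 0xC0 == 0xC0:          # compression pointer ends the name
            return off + 2
        off += 1 + msg[off]
    return off + 1

def soa_answered(response: bytes, txid: int = 0x1234) -> bool:
    """True only for a NOERROR reply to our query with an SOA in the answer section."""
    try:
        rid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", response[:12])
        if rid != txid or not flags & 0x8000 or flags & 0x000F:
            return False                     # wrong id, not a response, or an error rcode
        off = 12
        for _ in range(qd):
            off = skip_name(response, off) + 4   # name + qtype + qclass
        for _ in range(an):
            off = skip_name(response, off)
            rtype, _, _, rdlen = struct.unpack("!HHIH", response[off:off + 10])
            if rtype == SOA:
                return True
            off += 10 + rdlen
    except (struct.error, IndexError):
        pass                                 # truncated or malformed reply
    return False

def resolver_serves_local(server: str, timeout: float = 2.0) -> bool:  # live check, needs network
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_soa_query(), (server, 53))
        return soa_answered(s.recvfrom(512)[0])

# Constructed sample reply (not captured traffic); the SOA rdata is zero-filled.
QUESTION = encode_name("local.") + struct.pack("!HH", SOA, IN)
SOA_RR = b"\xc0\x0c" + struct.pack("!HHIH", SOA, IN, 3600, 22) + bytes(22)
SAMPLE_HIT = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0) + QUESTION + SOA_RR
```

A `True` result from `resolver_serves_local` for the resolver your clients use means that resolver answers authoritatively for `local.`; an NXDOMAIN reply, even with an SOA in the authority section, returns `False`.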

mkj

@WeirdAlex03 .local is reserved specifically for mDNS resolution. (RFC 6762.) Using it for other purposes can lead to unexpected behavior when software treats it as being used for what it's actually intended for.

.internal is not quite official yet; people are jumping the gun a bit. ICANN has resolved to never delegate it, but what will hopefully eventually become an RFC describing its intended use is still just an early Internet-Draft.

Shameless self-plug: michael.kjorling.se/blog/2024/

@arichtman

Ryan Finnie

@arichtman Finally! The best time to have done this would have been 30 years ago. The second best time is now.

(They should have also reserved .lan at the same time, hrpmf.)

Radomír Žemlička

@arichtman I don't really see the difference between `.internal` and `.local`. Can someone please explain?

Alex White-Robinson

@Razemix @arichtman .local is used for mDNS functions, .internal is commonly used for non-mDNS functions

Locasta

@arichtman because a few people are asking:

.local was never officially reserved for internal networks and is (ab)used by the Bonjour/mDNS protocols to do hostname resolution when no TLD is specified.

.internal is now the recommended way to get a TLD for your internal networks. However, you will need to use a custom CA if you want TLS to work, or buy a domain and use public CAs if you don't control every device that will connect.

Harshal Suryawanshi 🇮🇳

@arichtman
.internal immediately gives the notion that this domain is used for private networks, which is good.
