back to article It's official: .corp, .home, .mail will never be top-level domains on the 'net

You will never be able to own an official .home, .mail or .corp domain name or email address on the public internet. It means if you have machines called things like storage.home or buildserver.corp on your home or private business network, you can be sure no one will be able to buy domains like storage.home or buildserver. …

Silver badge
Devil

as an alternative to '.local'

prior to the related RFC6762 publishing, ".local" was being recommended (by Microsoft, among others) to be used for 'local LAN DNS' kinds of things. I've been using it for ~2 decades. [and I don't care much about mDNS].

Post RFC6762 it's officially reserved for mDNS. Wheee.

NOW we have others, in particular '.home' '.corp' and '.mail'.

Will there be an RFC or similar document to CODIFY and STANDARDIZE these so that we don't get a "whoops, SURPRISE!" later on???

9
2
Silver badge

Re: as an alternative to '.local'

Post RFC6762 it's officially reserved for mDNS. Wheee.

And if you actually read that RFC:

Multicast DNS designates a portion of the DNS namespace to be free for local use, without the need to pay any annual fee, and without the need to set up delegations or otherwise configure a conventional DNS server to answer for those names.

[My emphasis.]

In other words .local is exactly what it should be and anybody can use it for their local network. Nobody's going to come round to verify you're actually running mDNS rather than having a DNS .local domain or just putting the addresses in your host file.

0
0
Silver badge

Re: as an alternative to '.local'

The problem is if you set your LAN domain to .local and you have mDNS devices on it as well, if your mDNS resolver isn't very good or configured wrong then you might not be able to resolve some addresses.

0
0
Silver badge

I use .internal

Whenever I need to set up an internal network. I'm pretty sure that's not going to be an attractive TLD for obvious reasons, but it is good that ICANN put common sense above money grabbing registrars for once...

5
2
Silver badge
Devil

Re: I use .internal

'.internal' sounds like a winner - I'd like to see that listed in an RFC alongside a few others.

There are dedicated fake domains for OTHER things, why not a SPECIFIC one for private LAN use? Yeah, THAT is the point!

/me wonders if all of the ".profanity" and/or scatalogical TLDs could become 'private LAN' naming candidates

2
2
Silver badge

Re: I use .internal

.lan would be sensible, but some bright spark at ICANN let Latam Airlines have it.

5
0
Silver badge

Re: I use .internal

I actually use .int myself, for the same reason, with the additional catch that it's three letters. The fact it can also be easily confused with a common shorthand for integers makes me think it's an unlikely TLD to be registered.

PS. Only NOW do I learn that .int is indeed reserved. Good news is that it's intended for true international agencies and that the application process is incredibly strict. End result: I probably haven't stepped on anyone's toes in the process. I'll change the internal TLD later.

0
0
Silver badge

We had a story about ".dev'" a few weeks ago.

It's not difficult - don't try to use domain names you don't own. If you do, at some point in the future something bad will happen.

3
5
Silver badge
Thumb Down

"It's not difficult - don't try to use domain names you don't own"

And pay the "internet domain TLD tax" while we're at it. for every private LAN in the world.

NO!

there NEEDS to be "something we can use" for non-public naming. THAT is the point!

17
2
Anonymous Coward

Hell's bells, bob: here, from the last Millenium, is "Reserved Top Level DNS Names" http://www.faqs.org/rfcs/rfc2606.html

5
3
Bronze badge

... and none of

.test

.example

.invalid

.localhost

are suitable for, or intended for, .local domains. Since the whole RFC is barely longer than it's URL, I can only conclude that anyone mentioning that URL in this context is trolling.

.local was in use. It was deliberately stolen for another use, in order to make trouble for people who were already using it. Because there is a group of people who (a) think every host should have a globally accessible MAC, IP address and URN, and (b) think that the internet should be reserved for people who agree with them.

27
0
PTW
Thumb Up

Only one up vote allowed

2
0
Silver badge

phish pie

don't try to use domain names you don't own. If you do, at some point in the future something bad will happen.

I own invalidemail.org.uk (fantastic for passive aggressively giving out email addresses to people you don't like but secretly want to see where they are going with their request). A national UK charity actually sends acknowledgement emails to noemail@invalidemail.org.uk when a fundraiser registers for one of their challenges but doesn't provide an email (or opts for no email or something). Mostly I just get a name but for some I could reset the password for a fundraising totals page and one time they included some contact details. They have not responded to my emails so far

4
0
Silver badge

Reserved Top Level DNS Names

For that matter there are the user assigned code elements of ISO 3166-1 alpha-2. OK they are country codes rather than ccTLDs but we can be pretty certain that they won't get used as ccTLDs as it would cause too much confusion.

TL;DR version: the following two letter combinations can currently be used as non-conflicting TLDs and are highly unlikely to ever conflict in the future - AA, QM-QZ, XA-XZ, and ZZ(*).

(*) Long beards optional.

1
0
Anonymous Coward

""It's not difficult - don't try to use domain names you don't own""

"And pay the "internet domain TLD tax" while we're at it. for every private LAN in the world."

We're talking $15/year to make sure your network has a unique domain?

0
5
Silver badge

You're seriously suggesting you believe every household paying the Danegeld to ICANN every year is better than a standard domain for LAN addresses?

And back to the OP, .dev is Google using their Chrome trojan horse to clear the path before monetising a domain which they bought knowing that it's often used on LANs.

3
0
Silver badge

What would Scotland get if it were to become independent in the future?

I can’t see any obvious options beginning with s, however it’s official country name in Gaelic is Alba, and Gaelic would be an official language. .al is Albania, so either .ab or .aa are likely

0
0
Silver badge

What I Want to Know...

is when are we getting .cotton for EastEnders-themed websites?

14
0
Silver badge

Re: What I Want to Know...

Bravo old sport, bravo.

3
0
Silver badge

My workplace has the ".int" set as the AD domain... shame we don't own that and probably never can.

I assume they though it meant "internal", but obviously they haven't heard of .local or even using the main domain name that we DO own...

Luckily it doesn't cause many problems, but it's an annoyance I hope to one day purge.

0
0
Facepalm

.int

Be careful with that: the International Telecommunication Union has a .int domain:

www.itu.int

0
0
Silver badge

Re: .int

Be careful with that: the International Telecommunication Union has a .int domain:

That would be because .int is reserved for international organisations.

Two relevant paragraphs from the Unreliable Source:

The domain name int is a sponsored top-level domain (sTLD) in the Domain Name System of the Internet. Its name is derived from the word international, characterizing its use for international organizations and treaty-related purposes.[1] The first use of this domain was by NATO, which had previously been assigned the top-level domain nato.

According to Internet Assigned Numbers Authority (IANA) policy, based on RFC 1591, the sTLD int is reserved for international treaty-based organizations, United Nations agencies, and organizations or entities having observer status at the UN.[2] int is considered to have the strictest application policies of all TLDs, as it implies that the holder is a subject of international law. For this reason, the application procedure requires the applicant to provide evidence that it is indeed treaty-based by providing a United Nations treaty registration number and that it has independent legal status.

https://en.wikipedia.org/wiki/.int

2
0
Silver badge
Facepalm

My last job used $companyname.co.uk as the internal AD domain name. I never did work out whose bright idea that was but I ended up having to use so many terrible DNS hacks just so people could still get their email from both inside and outside the office (for example).

0
0

Re: .int

As do about 165 other organisations:

List of organizations with .int domain names

0
0
Silver badge

"My last job used $companyname.co.uk as the internal AD domain name."

There's nothing wrong with that, so long as you own that domain. In fact, that's why it's called a domain name in AD and in DNS (and AD is DNS based).

The "hack" to make it work internally? Set your external DNS resolvers to reply with your external IP and your internal ones to reply with your internal IP? Same config I have here.

"helpdesk.companyname.com" resolves to a 192.168. if you're querying our internal nameservers and to our external IP if you're querying our "real" DNS servers visible to the outside world. Works fine.

In fact, the gateway is smart enough to redirect and port-forward even internal access just using the external IP from inside (i.e. no DNS changes required) but I don't like that... I like a clear separation.

That's not a facepalm - that's how you should be configuring it. In fact, I'd query how you'd migrate smoothly to Azure etc. in the future if you're not already doing this (https://support.office.com/en-gb/article/how-to-prepare-a-non-routable-domain-such-as-local-domain-for-directory-synchronization-e7968303-c234-46c4-b8b0-b5c93c6d57a7)

3
0
Silver badge

Re: .int

Sadly tpc.int is no more. A pity for those of us old enough to get the reference.

0
0
Bronze badge
Boffin

@Lee D:

The formal name for the 'hack' is called "Split DNS", and if you've had to deal with Exchange, you will be very, very familiar with it.

example: owa.redacted.com internally resolves to the load balanced IP address of the exchange client access servers, whereas on the outside, it resolves to an external IP address which points at the same load balancer through a firewall, which is also doing NAT at the same time. This way, you only need to configure a single name, and for the execs and sales people (and others with laptops that tend to unchain themselves from the desk) as long as Exchange and outlook are configured for RPC over HTTPS, it will just work.

1
0
Silver badge
Headmaster

Fellow Geeks

A geek is a fan of something. A nerd is a practitioner. Dorks know the difference.

7
0

Never been a fan of made-up pseudo-TLDs for intranet purposes. One company I used to work for used intra.<company>.com as their intranet domain, where the "intra" subdomain only existed internally. Seemed to work quite well.

1
0
Silver badge

Because there are those (like home users) where such a setup may not be advised or possible (take me, I have a noip.me DDNS subscription, but I wouldn't dare the noip.me setup internally). There are also pure intranets (no external connections) where it would nonetheless be prudent to keep a DNS hierarchy set up, in which case it would help to have a placeholder TLD just in case (and by using an invalid one, it won't resolve from the outside).

0
0
Silver badge

One company I used to work for used intra.<company>.com as their intranet domain, where the "intra" subdomain only existed internally. Seemed to work quite well.

I do something similar, with machines on the internal LAN being in the subdomain home.mypublic.domain. However, there are a few gotchas when an externally visible server has one (NATted) address to the outside world and an internal RFC 1918 address internally. Nothing that the knowledgeable can't handle provided they understand DNS and have a sensible gateway, but not for the average punter. This is one area where IPv6 will make life simpler, as all internal addresses will be globally routable without NAT. (I really must sort out IPv6 this year.)

1
0
Bronze badge

IF we can have RFC 1918 IPs for internal use,

Why cant we have .internal .private .pdn or .pipa domains too

0
0

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2018