.local

The domain name .local is a special-use domain name reserved by the Internet Engineering Task Force (IETF) so that it may not be installed as a top-level domain in the Domain Name System (DNS) of the Internet. As such it is similar to the other special domain names, such as .localhost. [1] However, .local has since been designated for use in link-local networking, in applications of multicast DNS (mDNS) [2] and zero-configuration networking (zeroconf) so that DNS service may be established without local installations of conventional DNS infrastructure on local area networks.

Multicast DNS standard

The Internet Engineering Task Force (IETF) reserves the use of the domain name label .local as a special-use domain name for hostnames in local area networks that can be resolved via the Multicast DNS name resolution protocol. [2] Any DNS query for a name ending with the label local must be sent to the mDNS IPv4 link-local multicast address 224.0.0.251, or its IPv6 equivalent ff02::fb. (Note that 251 in decimal and fb in hexadecimal are the same number.) A domain name ending in .local may be resolved concurrently via other mechanisms, for example, unicast DNS.
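As an added illustration, not code from the article or from any mDNS implementation, the following Python script encodes the rule above: it decides whether a name falls under .local, picks the matching link-local multicast destination, and builds and decodes a one-question query in the DNS wire format that mDNS shares with unicast DNS. The UDP port 5353 and the unicast-response ("QU") bit are taken from RFC 6762 rather than from this article, and the function names are the example's own.

```python
import struct

# Link-local multicast groups for mDNS (RFC 6762); 0xfb == 251, so both carry the same group number.
MDNS_GROUP_V4 = "224.0.0.251"
MDNS_GROUP_V6 = "ff02::fb"
MDNS_PORT = 5353  # UDP port used by mDNS (RFC 6762); not stated in the article above


def is_local_name(name: str) -> bool:
    """True when the name's last label is 'local' (case-insensitive, trailing dot allowed)."""
    labels = name.rstrip(".").lower().split(".")
    return len(labels) >= 2 and labels[-1] == "local"


def mdns_destination(name: str, ipv6: bool = False):
    """(group, port) a query for `name` must be multicast to, or None for names outside
    .local, which belong to ordinary unicast DNS instead."""
    if not is_local_name(name):
        return None
    return (MDNS_GROUP_V6 if ipv6 else MDNS_GROUP_V4, MDNS_PORT)


def build_query(name: str, qtype: int = 1, unicast_response: bool = False) -> bytes:
    """Encode a single-question query in DNS wire format (RFC 1035 section 4.1).
    mDNS queries carry transaction id 0; setting the top bit of QCLASS (the 'QU' bit,
    RFC 6762 section 5.4) asks responders to reply by unicast instead of multicast."""
    header = struct.pack("!HHHHHH", 0, 0, 1, 0, 0, 0)  # id, flags, qdcount, ancount, nscount, arcount
    qname = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError(f"bad label length: {label!r}")
        qname += bytes([len(raw)]) + raw
    qname += b"\x00"
    qclass = 1 | (0x8000 if unicast_response else 0)  # class IN, optionally with the QU bit
    return header + qname + struct.pack("!HH", qtype, qclass)


def parse_question(packet: bytes):
    """Decode the first question of a packet: returns (name, qtype, qclass, unicast_response)."""
    if len(packet) < 12 or struct.unpack("!H", packet[4:6])[0] < 1:
        raise ValueError("packet has no question section")
    pos, labels = 12, []
    while True:
        length = packet[pos]
        pos += 1
        if length == 0:
            break
        if length & 0xC0:
            raise ValueError("compression pointer not expected in a query name")
        labels.append(packet[pos:pos + length].decode("ascii"))
        pos += length
    qtype, qclass = struct.unpack("!HH", packet[pos:pos + 4])
    return ".".join(labels), qtype, qclass & 0x7FFF, bool(qclass & 0x8000)


if __name__ == "__main__":
    for host in ("printer.local", "www.example.com"):
        dest = mdns_destination(host)
        print(host, "->", dest if dest else "unicast DNS (servers from resolv.conf)")
    pkt = build_query("printer.local", unicast_response=True)
    print(pkt.hex(), parse_question(pkt))
```

The script only constructs and inspects packets; it never transmits them, so it runs offline. A resolver that followed the same rule would send the packet from `build_query` to the `mdns_destination` group and port, and send everything else to the configured unicast servers.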

mDNS implementations

RFC 6762 was authored by Apple Inc. employees Stuart Cheshire and Marc Krochmal, and Apple's Bonjour zeroconf networking software implements mDNS. [3] That service will automatically resolve the private IP addresses of link-local Macintosh computers running macOS and mobile devices running iOS if .local is appended to their hostnames. In addition, Bonjour devices will use those .local hostnames when advertising services to DNS Service Discovery clients.

Most Linux distributions also incorporate and are configured to use zeroconf. By default, each computer's Avahi daemon will respond to mDNS hostname.local queries, and most shell commands and application program calls that attempt to resolve such names are routed to that daemon by the default hosts: line in the Name Service Switch configuration file. It is also possible to configure the nss-mdns modules and Avahi to resolve hostnames with other pseudo-TLDs.

Windows has some support for mDNS, [4] which can be improved by installing zeroconf software available from Apple and other third parties.

Finally, many printers and other peripheral devices also implement the mDNS protocol in order to provide simplified connections to them from computers that implement zeroconf.

Microsoft recommendations

The connection of Macintosh and Linux computers or zeroconf peripherals to Windows networks can be problematic if those networks include name servers that use .local as a search domain for internal devices. Microsoft recommends against using unregistered suffixes, such as .local.

At one time, Microsoft at least suggested the use of .local as a pseudo-TLD for small private networks with internal DNS servers. For example, support article 296250 [5] included the following option:

Make the name a private domain name that is used for name resolution on the internal Small Business Server network. This name is usually configured with the first-level domain of .local. At the present time, the .local domain name is not registered on the Internet.

However, more recent articles have cautioned or advised against such use of the .local TLD. Support article 300684 [6] listed contoso.local as an example of a "best-practice Active Directory domain name", but then added:

We recommend that you register DNS names for the top-most internal and external DNS namespaces with an Internet registrar.

which would of course preclude using that or any other domain ending with .local.

Microsoft TechNet article 708159 [7] suggested .local for the exact opposite reason:

Using the .local label for the full DNS name for the internal domain is a more secure configuration because the .local label is not registered for use on the Internet. This separates your internal domain from your public Internet domain name.

but later recommended against it:

If you have Macintosh client computers that are running the Macintosh OS X version 10.3 operating system or later, ... it is recommended that you do not use the .local label for the full DNS name of your internal domain. If you must use the .local label, then you must also configure settings on the Macintosh computers so they can discover other computers on the network. For more information about how to configure client computers running Macintosh OS X version 10.3 or later, see "Connecting Macintosh Computers to a Windows Small Business Server 2003 Network" on the Microsoft Web site at .

The Microsoft Learn article "Selecting the Forest Root Domain" [8] cautioned against using .local:

...we do not recommend using unregistered suffixes, such as .local.

By default, a freshly installed Windows Server 2016 Essentials also adds .local as the default DNS prefix when a user does not select the advanced option, resulting in a domain with the .local extension.[citation needed]

Linux

Linux distributions use the Name Service Switch configuration file /etc/nsswitch.conf, [9] to which mDNS name resolution is added by listing the mdns4_minimal (or mdns_minimal) module as a source on the hosts: line. In this configuration, where mdns4_minimal precedes the standard dns source (which uses the servers listed in /etc/resolv.conf) and is followed by the action [NOTFOUND=return], a .local name that mDNS cannot resolve is reported as not found and is never passed on to unicast DNS.

hosts:    files mdns_minimal [NOTFOUND=return] dns # for ipv4 and ipv6

or

hosts:    files mdns4_minimal [NOTFOUND=return] dns # for ipv4 only

This is a configuration choice made by distributions such as Ubuntu/Debian, SuSE and Red Hat, each of which has its own package configuration script that installs the mdns_minimal module as above.

In this way .local requests are prevented from leaking to the Internet, but legitimate .local requests for names served by the configured DNS servers (such as an internal domain that uses .local as its suffix, see Microsoft recommendations above) are also blocked.
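As an added example, not code from the article, glibc or nss-mdns, the Python script below parses a hosts: line in nsswitch.conf syntax and walks it the way the Name Service Switch does, using constructed stand-in data for /etc/hosts, the mDNS neighbourhood and the unicast zone. It assumes, as the nss-mdns documentation describes, that the _minimal module answers UNAVAIL for names outside .local so that the lookup continues, and NOTFOUND for .local names it cannot resolve; the comparison shows a legitimate .local name being blocked under the default ordering and .local lookups reaching unicast DNS when dns is placed first.

```python
import re

# Default action glibc applies to each status a source can return (nsswitch.conf(5)).
DEFAULT_ACTIONS = {"SUCCESS": "return", "NOTFOUND": "continue",
                   "UNAVAIL": "continue", "TRYAGAIN": "continue"}


def parse_hosts_line(line):
    """Turn 'hosts: files mdns4_minimal [NOTFOUND=return] dns' into a list of
    (source, overrides) pairs; overrides maps a status to the action replacing the default."""
    line = line.split("#", 1)[0]                      # drop a trailing comment
    db, _, rest = line.partition(":")
    if db.strip() != "hosts":
        raise ValueError("expected a 'hosts:' line")
    chain = []
    for tok in re.findall(r"\[[^\]]*\]|\S+", rest):   # bracketed action blocks may contain spaces
        if tok.startswith("["):
            if not chain:
                raise ValueError("action block before any source")
            for neg, status, action in re.findall(r"(!?)(\w+)=(\w+)", tok):
                status = status.upper()
                # '!STATUS=action' applies the action to every status except STATUS
                targets = [s for s in DEFAULT_ACTIONS if s != status] if neg else [status]
                for s in targets:
                    chain[-1][1][s] = action.lower()
        else:
            chain.append((tok, {}))
    return chain


# Constructed sample data standing in for /etc/hosts, mDNS neighbours and a unicast zone.
HOSTS_FILE = {"localhost": "127.0.0.1"}
MDNS_NEIGHBOURS = {"printer.local": "192.168.1.20"}          # answers on 224.0.0.251
UNICAST_ZONE = {"www.example.com": "198.51.100.10",          # known to resolv.conf servers
                "dc1.corp.local": "10.0.0.5"}                # an internal .local zone


def src_files(name):
    return ("SUCCESS", HOSTS_FILE[name]) if name in HOSTS_FILE else ("NOTFOUND", None)


def src_mdns4_minimal(name):
    # Assumption modelled here: the _minimal module only handles names under .local and
    # reports UNAVAIL for anything else, so the chain moves on to the next source.
    if not name.lower().endswith(".local"):
        return ("UNAVAIL", None)
    return ("SUCCESS", MDNS_NEIGHBOURS[name]) if name in MDNS_NEIGHBOURS else ("NOTFOUND", None)


def src_dns(name):
    return ("SUCCESS", UNICAST_ZONE[name]) if name in UNICAST_ZONE else ("NOTFOUND", None)


SOURCES = {"files": src_files, "mdns4_minimal": src_mdns4_minimal, "dns": src_dns}


def resolve(chain, name):
    """Consult sources in order, stopping when the status's action is 'return'.
    Returns (final_status, address, sources_consulted)."""
    consulted, status, addr = [], "NOTFOUND", None
    for source, overrides in chain:
        consulted.append(source)
        status, addr = SOURCES[source](name)
        if overrides.get(status, DEFAULT_ACTIONS[status]) == "return":
            break
    return status, addr, consulted


DEFAULT_LINE = "hosts:    files mdns4_minimal [NOTFOUND=return] dns"
DNS_FIRST_LINE = "hosts:    files dns mdns4_minimal"   # .local names now reach unicast DNS first


def compare(name):
    """Resolve `name` under both orderings: {label: (status, address, sources_consulted)}."""
    return {"default": resolve(parse_hosts_line(DEFAULT_LINE), name),
            "dns_first": resolve(parse_hosts_line(DNS_FIRST_LINE), name)}


if __name__ == "__main__":
    for host in ("printer.local", "dc1.corp.local", "www.example.com", "nosuch.local"):
        for label, (status, addr, used) in compare(host).items():
            print(f"{host:17} {label:10} {status:9} {addr or '-':14} via {' -> '.join(used)}")
```

Under the default line, dc1.corp.local stops at mdns4_minimal with NOTFOUND and the dns source is never consulted, which is the blocked legitimate lookup the paragraph above describes; with dns first it resolves, but every unknown .local name (nosuch.local) is then sent to the unicast servers before mDNS is tried.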

Global DNS queries

As .local is an officially reserved special-use domain name, [10] [11] host names with this top-level label are not resolvable in the global Domain Name System.

References

  1. D. Eastlake; A. Panitz (June 1999). Reserved Top Level DNS Names. Network Working Group. doi:10.17487/RFC2606. BCP 32. RFC 2606.
  2. S. Cheshire; M. Krochmal (February 2013). Multicast DNS. IETF. doi:10.17487/RFC6762. RFC 6762.
  3. "Apple Bonjour: Let's Talk!". 25 May 2012.
  4. Aleksandersen, Daniel (26 March 2018). "mDNS and DNS-SD slowly making their way into Windows 10". www.ctrl.blog. Retrieved 2022-04-18.
  5. "Domain Name System name recommendations for Small Business Server 2000 and Windows Small Business Server 2003". support.microsoft.com. 2007-12-03. Archived from the original on 2007-12-27. Three practical methods to name the DNS domain are: [1/3] [...] private domain name that is used for name resolution on the internal Small Business Server network. [...] usually [...] first-level domain of .local. [...] [2/3] Make the name a sub-domain of a publicly registered domain name. For example, if the publicly registered domain name is Contoso.com, a sub-domain of Corp.contoso.com can be used. [3/3] Make the name the same as a publicly registered domain name. [...] Most Small Business Server customers should use the first method.
  6. "Information about configuring Active Directory domains by using single-label DNS names". support.microsoft.com. Archived from the original on 2013-04-10.
  7. "Internal Domain Information (OEM)". Windows Small Business Server 2003 product documentation. technet.microsoft.com. 15 July 2008. Archived from the original on 2017-07-07. Retrieved 2023-01-03. [...] it is strongly recommended that you use the .local label for the extension. [...] If your Windows Small Business Server network contains client computers running Mac OS X 10.2 or later, change the .local label for the default domain name to a label other than .local. For example, use .lan or .office as the label.
  8. "Selecting the Forest Root Domain". learn.microsoft.com. 2021-07-21. Archived from the original on 2023-01-03. Retrieved 2023-01-03. To select a suffix for the forest root domain: [...] We recommend that you use DNS names that are registered with an Internet authority in the Active Directory namespace. Only registered names are guaranteed to be globally unique. [...] Caution [...] Do not use single-label DNS names. [...] Also, we do not recommend using unregistered suffixes, such as .local.
  9. "Ubuntu Manpage: nsswitch.conf - Name Service Switch configuration file". manpages.ubuntu.com. Retrieved 2021-02-22.
  10. "Special-Use Domain Names". Internet Assigned Numbers Authority.
  11. Cheshire, Stuart; Krochmal, Marc (2013-02-20). Multicast DNS. IETF. RFC 6762.