A good move!
I’m surprised they didn’t codify “.lan” though since that one is so prevalent.
ICANN proposes creating .INTERNAL domain
Submitted 9 months ago by eager_eagle@lemmy.world to selfhosted@lemmy.world
https://www.theregister.com/2024/01/29/icann_internal_tld/
Comments
conorab@lemmy.conorab.com 9 months ago
fishpen0@lemmy.world 9 months ago
Seconding the other comment, lots of orgs picked .lan and then over the last few years have moved things into the cloud and .lan has become a meaningless soup since half the shit isn’t even on local network. Now it just means “needs a vpn or ztn to talk to”
Luckily my last three orgs finally bought a second domain for private dns. It’s quickly becoming a pattern that myorg.com owns myorg.tech or whatever for private traffic. Domains are cheap as fuck compared to everything else a business spends money on, it’s really silly how many people are using hacks for this
sir_reginald@lemmy.world 9 months ago
I think needing a VPN to access the internal network is a good practice. And if you’re going to be used a VPN anyway, I don’t see why you wouldn’t use a “fake” TLD like .lan for internal stuff, after all it’s just simple DNS rules.
Atemu@lemmy.ml 9 months ago
It’s used in many cases where the machine may not be on the LAN and LAN is a technical term. “Internal” is not and to me signifies that it’s “not public” aswell as probably managed by someone, well, internally at the entity you’re with.
capnminus@lemmy.world 9 months ago
Certainly better than the awkward
.home.arpa.Corngood@lemmy.ml 9 months ago
Huh, I’ve seen .local used for this quite a bit and only just now realised that it’s meant for something else.
I’ve also seen .corp 🤮
perishthethought@lemm.ee 9 months ago
And .home.
Hopefully this .Internal domain takes off and becomes generally recognized as the only correct non-routable domain we all use. Otherwise it’s just the latest addition to the list of possible TLDs and confusion continues.
Bitrot@lemmy.sdf.org 9 months ago
It’s such a shitty situation. ICANN is not going to sell .home or .corp as they found a crapton of traffic when they checked for it, but IETF never finished an RFC for them - however people easily stumble into the draft RFC that lists what they were thinking of, and assume stuff like .lan is good to go too. They’re only safe by policy, but unsanctioned.
.home.arpa is safe, per RFC, but user unfriendly to normal people. There are a few others but none a corporation would realistically use. I’ve used . internal for lab testing stuff for ages, so this is extra good news for me I guess.
Really I wish they’d have just reserved the most common ones rather than getting caught in some bureaucratic black hole.
Moonrise2473@feddit.it 9 months ago
Too long to type, why it can’t be .lan
0xD@infosec.pub 9 months ago
Who is Ian?
jol@discuss.tchncs.de 9 months ago
I heard he threw parties all the time
Hexarei@programming.dev 9 months ago
Meanwhile, for my homelab I just use split DNS and a (properly registered+set up)
.housedomain - But that’s because I have services that I want to have working with one name both inside and outside of my networkdeadcatbounce@reddthat.com 9 months ago
Don’t follow. Help me out someone please.
The net runs on numbers. The numbers have to be translated into/from the DNS name to the numbers.
Nominating a DNS name as internal is doesn’t change the fact that we still have to, at some stage, find the (local) network mask that that it corresponds to.
What am I missing?
VelociCatTurd@lemmy.world 9 months ago
It’s for internal resources. You can really use whatever subdomain you want internally, but this decision would be to basically say to registrars, this TLD is reserved, we will never sell this TLD to anyone to use. That way you know that if you use it internally, there’s no way a whoopsie would happen where your DNS server finds a public record for this TLD.
BCsven@lemmy.ca 9 months ago
I assumed that was what .local was all about
JakenVeina@lemm.ee 9 months ago
A DNS Proxy/Forwarder server? That’s where you would configure how your .internal domain resolves to IPs on your internal network. Machines inside the network make their DNS queries to that server, which either serves them from cache, or from the local mappings, for forwards them off to a public/ISP server.
doctorn@r.nf 9 months ago
I just use *.loc.al a local dns entry in my own server with local addresses using devicename.loc.al and loc.al itself going to my gateway/routerpage. 😅
Decronym@lemmy.decronym.xyz 9 months ago
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters DNS Domain Name Service/System IP Internet Protocol VPN Virtual Private Network
[Thread #477 for this sub, first seen 2nd Feb 2024, 16:35] [FAQ] [Full list] [Contact] [Source code]
IphtashuFitz@lemmy.world 9 months ago
I use .home for my home network…
stewie410@programming.dev 9 months ago
I’m sure we’ll keep using
.intranetbecause why should we ever change?tagginator@utter.online [bot] 9 months ago
New Lemmy Post: ICANN proposes creating .INTERNAL domain (https://lemmy.world/post/11413132)
Tagging: #SelfHosted(Replying in the OP of this thread (NOT THIS BOT!) will appear as a comment in the lemmy discussion.)
I am a FOSS bot. Check my README: https://github.com/db0/lemmy-tagginator/blob/main/README.md
SnotFlickerman@lemmy.blahaj.zone 9 months ago
Looks like *.lair is still a great one for a local TLD.
Just rock your “Evil.subterranean.lair” people.
You could also go for “Wicked.volcano.lair”
Or even “morallywrong.commercialrealestate.lair”
Robert7301201@slrpnk.net 9 months ago
Very few as this ruling would reserve .internal for local DNS only and forbid it at the global level. This is ICANN’s solution to people picking random .lan .local .internal for internal uses. You’ll be able to safely use .internal and it will never resolve to an address outside your network.
KingThrillgore@lemmy.ml 9 months ago
.local is recommended for use with mDNS/Zeroconf
pipariturbiini@sopuli.xyz 9 months ago
I say 80% of them.