What should a nameserver return in the authority section for queries to hosts on the .local domain?

callegar

3/10/23, 9:39 PM

I see that querying hosts in the local domain foo.local some nameservers (e.g. knot resolver) return an authority section containing things like

foo.local.     10800   IN      SOA     foo.local. nobody.invalid. 1 3600 1200 604800 10800

Others (e.g. google) return things like

.                       86389   IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2021111002 1800 900 604800 86400

What is the correct one? The question is relevant, because in the first case further caching nameservers happily seems to convert the authority section into a soa record (systemd-resolved does) as in

host -t foo.local
foo.local has SOA record foo.local. nobody.invalid. 1 3600 1200 604800 10800

that does not look right and that confuses nss-mdns into thinking that .local is used as a DNS managed domain rather than for mDNS.

0 + 0

domain-name-system

mdns

Patrick Mevzek

3/10/23, 10:32 PM

`local.` is reserved for mDNS and shouldn't leak outside of local networks. See §22 if RFC 6762. It is not a global TLD in the IANA root.

callegar

3/11/23, 6:09 AM

The fact is that local. goes to dns all the time, at least in linux, because of how mDNS resolution is done there. In fact, the very first thing that the mDNS resolver does in the nss-mdns implementation is to query DNS to verify if local. is by any chance under DNS authority. This is so that neither nss-mdns nor Avahi need to be disabled to allow .local queries to be served from unicast DNS in case one has a local network with this specific setup. See https://github.com/lathiat/nss-mdns. The question was directed at identifying a potential bug confusing the linux mDNS client.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: What should a nameserver return in the authority section for queries to hosts on the .local domain?

TH: เนมเซิร์ฟเวอร์ควรส่งคืนอะไรในส่วนการให้สิทธิ์สำหรับการค้นหาโฮสต์บนโดเมน .local

RO: Ce ar trebui să returneze un server de nume în secțiunea de autoritate pentru interogări către gazdele de pe domeniul .local?

RU: Что должен возвращать сервер имен в разделе полномочий для запросов к хостам в домене .local?

VI: Máy chủ định danh nên trả lại gì trong phần thẩm quyền cho các truy vấn tới máy chủ lưu trữ trên miền .local?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.