Resolve .local domains with DNS

Posted by Al Twohill on 5 February 2009

Many Linux distros come pre-configured with zeroconf, which lets machines resolve each other in a peer-to-peer manner. This is fine, except they chose the .local domain, which will conflict with any .local domain you may have set up in DNS.

Zeroconf: designed for no setup

...unless you're already set up, in which case it is a real PITA.

It can't have been really that hard to choose something less likely to cause issues (.zeroconf maybe?), but we've got to live with it.

A bit of background

Any security expert knows that you're a lot better off having a private IP range for your local computers. Not only does this save on IPv4 addresses by 'hiding' them behind a router, it also makes it much more difficult for attackers to reach them remotely. And if you're going to have local IPs, it makes sense to have a private DNS server. And if you have a private DNS server, you don't want the FQDN to conflict with anything on the net (i.e. it shouldn't end with .com, .co.nz etc.). So you choose something friendly and close to home. .local even. Even Microsoft recommend your Active Directory domain ends with .local.

So, it is fairly reasonable to assume that when people create a local DNS server, they are going to give it a .local domain. And if you're already set up you don't want to have to change it. So here's how you don't have to.

Let me see the .local, dammit!

It's actually pretty simple. As root, edit 

/etc/nsswitch.conf 

Find the line that says

hosts:      files mdns4_minimal [NOTFOUND=return] dns 

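and change it to:

hosts:      files dns mdns4_minimal [NOTFOUND=return]

The sources on this line are tried from left to right. In the default order, mdns4_minimal picks up every .local lookup, and [NOTFOUND=return] stops the search as soon as mDNS finds nothing, so the query never reaches dns. With dns moved ahead of mdns4_minimal, your DNS server gets asked first.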

Done!
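
If you'd rather script the change than hand-edit, here is one way to do it. This is an added example, not part of the original post: the function names and the sample file are made up for the illustration, and it runs against a constructed copy rather than the live /etc/nsswitch.conf.

```shell
#!/bin/sh
# Added example, not from the original post. Works on whatever file you pass,
# so try it on a copy before touching /etc/nsswitch.conf.

# reorder_hosts FILE: print FILE with "dns" moved in front of the first mdns*
# source on the hosts: line. Idempotent; every other line passes through.
reorder_hosts() {
    awk '
    /^hosts:/ {
        n = split($0, tok, /[ \t]+/); mdns = 0; dns = 0
        for (i = 2; i <= n; i++) {
            if (tok[i] ~ /^mdns/ && !mdns) mdns = i
            if (tok[i] == "dns") dns = i
        }
        if (mdns && dns > mdns) {          # dns is listed after mDNS: move it
            out = "hosts:     "
            for (i = 2; i <= n; i++) {
                if (i == dns || tok[i] == "") continue
                if (i == mdns) out = out " dns"
                out = out " " tok[i]
            }
            print out; next
        }
    }
    { print }' "$1"
}

# dns_first FILE: succeed if dns comes before any mdns* source on hosts:.
dns_first() {
    awk '/^hosts:/ { for (i = 2; i <= NF; i++) {
            if ($i == "dns") exit 0
            if ($i ~ /^mdns/) exit 1 } }' "$1"
}

# Constructed sample file, using the default hosts: line quoted above.
sample=$(mktemp)
printf '%s\n' 'passwd:     compat' \
    'hosts:      files mdns4_minimal [NOTFOUND=return] dns ' \
    'networks:   files' > "$sample"

dns_first "$sample" || echo "before: mDNS is consulted ahead of DNS"
reorder_hosts "$sample" > "$sample.new"
dns_first "$sample.new" && grep '^hosts:' "$sample.new"
```

To use it for real, run reorder_hosts on a copy of /etc/nsswitch.conf, diff the result against the original, and install it as root once the hosts: line looks right.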

