Hi, > Quite frankly: a setup like this one isn't just very typical for home > router networks, but also in many companies, where ".lan" or > ".companyname" or something like that is frequently established in the > internal network. And you will make Fedora incompatible with all these > networks by default. Even if you don't grab some random name it still is a problem. /me runs home.kraxel.org zone for my home network (and, yes, kraxel.org is mine). That zone isn't visible outsize my home network, if you try to resolve that by walking down from the root zone you wouldn't find it, you have to use the local dns server propagated by dhcp. I actually have unbound running on my workstation (rhel-7.2), and it doesn't work out-of-the-box. Had to drop a file with stub zones into /etc/unbound/local.d to get things going. > I am pretty sure there are solutions possible that are simple and safe > enough to fix these problems. For example, after doing a proof of > non-existance on a top-level domain, permit it anyway, but only > those. That way, people won't be able to add in extra RRs below > microsoft.com, but they could define additional top-level domains such > as .box without this creating problems. That doesn't solve $internalsubdomain.$company.com ... cheers, Gerd -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx http://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx
