localhost entries in zones, was Re: Domain Not Resolving

Tony Finch dot at dotat.at
Tue Nov 21 14:27:13 UTC 2017


Reindl Harald <h.reindl at thelounge.net> wrote:
> On 21.11.2017 at 14:42, G.W. Haywood via bind-users wrote:
> > The address for localhost (127.0.0.1) should be in /etc/hosts,
> > not in your zone file, and very probably it already is
>
> that part is not true
>
> https://tools.ietf.org/html/rfc1537 says:
> Note that all domains that contain hosts should have a "localhost" A record in
> them

That advice is no longer a good idea. "localhost" in the DNS can lead to
problems with the web browser same-origin security policy.

http://seclists.org/bugtraq/2008/Jan/270

> simply because /etc/hosts is not considered in case of a DNS lookup at all and
> an unqualified query for "localhost" with "search thelounge.net" in
> /etc/resolv.conf would be expanded to "localhost.thelounge.net."

I investigated this a few months ago when I was deleting the localhost
entries from our zones and I found that our recursive servers were
receiving almost no localhost queries, so there would be no performance
impact in deleting them.

There has been some discussion about localhost queries and the DNS in the
IETF dnsop working group recently. This thread was informative:
https://www.ietf.org/mail-archive/web/dnsop/current/msg20968.html

Tony.
-- 
f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/  -  I xn--zr8h punycode
Shannon: Southwest 5 to 7, becoming variable 3, then cyclonic 6 to gale 8.
Rough or very rough. Rain. Moderate or poor.
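
A zone-file audit for the records discussed in this message, as an added example that is not part of the original post or of BIND: it lists owner names whose leftmost label is "localhost" and that map to a loopback address. The function names, the example.com sample zone and the simplified master-file handling (only $ORIGIN is followed, $INCLUDE is ignored) are assumptions.

```python
import ipaddress
import re

SKIP_RE = re.compile(r"^(\d[\dsmhdw]*|IN|CH|HS)$", re.I)  # TTL or class before the type

# Constructed sample zone for example.com (not taken from the thread).
SAMPLE_ZONE = """\
@  IN SOA ns1 hostmaster (
       2017112101 3600 900 604800 300 )
localhost  IN A    127.0.0.1
           IN AAAA ::1
$ORIGIN dev.example.com.
localhost  300 A   127.0.0.1
localhost.lab.example.com. A 192.0.2.7
"""

def absolute(name, origin):
    """Expand a zone-file owner name against the current $ORIGIN."""
    name = name.lower()
    if name.endswith("."):
        return name
    return origin if name == "@" else name + "." + origin.lstrip(".")

def find_localhost_records(zone_text, origin):
    """Return (fqdn, type, address) for 'localhost' owners mapped to loopback."""
    origin = origin.lower().rstrip(".") + "."
    owner, hits = origin, []
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()   # drop comments
        tokens = line.split()
        if not tokens:
            continue
        if tokens[0].startswith("$"):          # directives: only $ORIGIN matters here
            if tokens[0].upper() == "$ORIGIN" and len(tokens) > 1:
                origin = absolute(tokens[1], origin)
            continue
        if not line[0].isspace():              # blank owner field inherits the previous owner
            owner = absolute(tokens.pop(0), origin)
        while tokens and SKIP_RE.match(tokens[0]):
            tokens.pop(0)
        if len(tokens) < 2 or tokens[0].upper() not in ("A", "AAAA"):
            continue
        try:
            addr = ipaddress.ip_address(tokens[1])
        except ValueError:
            continue
        if owner.split(".")[0] == "localhost" and addr.is_loopback:
            hits.append((owner, tokens[0].upper(), str(addr)))
    return hits
```

Calling find_localhost_records(SAMPLE_ZONE, "example.com") reports the three loopback records and skips the localhost.lab name, which points at a non-loopback address.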

