Domain SearchList

Solution 1:

MTU and routing

Host names have nothing common with MTU and routing. You can do anything with DNS and name resolution, that won't generally affect routing or low-level network.

I can imagine a single kind of scenario when this wouldn't be entirely true, a VPN configured to connect to some server by DNS name, where messed name resolution could broke that VPN connection, and therefore it will broke routing associated with that VPN. But this is very untypical case, and you won't be affected with this.

Certificates

When you connect somewhere with TLS/SSL, your client checks if the name in the certificate presented by the remote side matches the name you were connecting to.

Let's assume there is a HTTPS server with the certificate valid for just server.foo.bar.fan.intra.net. Such service must be accessed only by the full name https://server.foo.bar.fan.intra.net/ and nothing else. If you set search foo.bar.fan.intra.net in your /etc/resolv.conf, you may successfully resolve the server IP address and connect to it, but when you try to access https://server/ with the browser, it will check if the certificate has exactly server in the subjectAltName or CN value, and since that's not true, your browser will complain the certificate is not valid for server.

However, nothing prevents you using full name for some services even while having set a search in the resolf.conf. So again, that's not a big problem.