Point *.local to 127.0.0.1 within network
Solution 1:
Like Michael Dillon pointed out, using .local for an internal TLD is a Bad Thing -- it breaks RFC-specified services (RFC 6762, if you're curious).
I would take his answer a step further and say that using any arbitrary top-level domain is a Bad Thing.
ICANN is now allowing the registration of arbitrary top-level domains. This means that you can use .secret today and have no collisions, but tomorrow the NSA may acquire that TLD for publishing other people's dirty laundry, and you would then be in conflict with all their .secret domains on the internet. That's a lousy situation to be in.
The best current practice for exposing "internal stuff" with a DNS name is to use a subdomain of a registered domain you control. For example, if you own example.com you might put your development sites under dev.example.com.
From your question it sounds like what you want are "local" domain names that always point back to 127.0.0.1, so for your situation I would recommend creating two records for local.example.com on your internal DNS:
local.example.com. IN A 127.0.0.1
*.local.example.com. IN A 127.0.0.1
Developers could then access foo.local.example.com and they'd be pointed to their local machine (127.0.0.1). This requires more typing (which you can eliminate by changing your DNS suffix search order on the clients), but it guarantees your namespace is safe from collisions with arbitrary gTLDs and conforms with best practices.
If you need something to cite to convince other people in your organization that this is The Right Thing To Do, I suggest MDMarra's excellent blog post on why you shouldn't use .local for your Active Directory domain -- the reasons articulated there extend very well to anything DNS-related.
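Why the answer above asks for two records, shown as an added example that is not part of the original answer: a simplified Python sketch of wildcard lookup (the RFC 4592 closest-encloser rule) run over those two records. The function names `parse_zone` and `resolve` are hypothetical, and the sketch handles A records only.

```python
# Added example: simplified wildcard A-record lookup (RFC 4592 rules).
# ZONE holds the two records from the answer; this is a sketch for
# reasoning about the zone, not a real DNS server.

ZONE = """\
local.example.com.    IN A 127.0.0.1
*.local.example.com.  IN A 127.0.0.1
"""

def parse_zone(text):
    """Return {owner_name: address} for 'name IN A addr' lines."""
    records = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 4 and fields[1:3] == ["IN", "A"]:
            records[fields[0].lower().rstrip(".")] = fields[3]
    return records

def exists(name, records):
    """A name exists if it owns a record or has any descendant that does."""
    return name in records or any(k.endswith("." + name) for k in records)

def resolve(name, records):
    """Return the A address for name, or None (no data / no such name)."""
    name = name.lower().rstrip(".")
    if name in records:
        return records[name]          # exact match always wins
    if exists(name, records):
        return None                   # empty non-terminal: wildcard not used
    labels = name.split(".")
    for i in range(1, len(labels)):   # walk up towards the root
        parent = ".".join(labels[i:])
        if exists(parent, records):   # closest encloser found
            # only a wildcard directly below the closest encloser applies
            return records.get("*." + parent)
    return None

RECORDS = parse_zone(ZONE)

if __name__ == "__main__":
    for q in ("foo.local.example.com", "a.b.local.example.com",
              "local.example.com", "www.example.com"):
        print(q, "->", resolve(q, RECORDS))
```

An explicit name added below the wildcard (for instance a constructed db.local.example.com) becomes the closest encloser for everything beneath it, so the wildcard no longer answers for those names.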
Solution 2:
In general it is a bad idea to use .local for internal domains. It gets mixed up with the use of .local by Bonjour/Rendezvous services. Better to pick another name like .secret.
After that, you just treat the .secret the same way as you would treat .mycompany.com and you were hosting the DNS (master/slave) yourself. You set up a zone file for .secret and serve it up internally. Instead of SERVER1.EXAMPLE.COM in your example, you would have a SOA for SECRET.