Self hosted DNS, DHCP, and local domain

Hi!

I am currently trying to set up my home network properly and I am a little stuck with local domains.
Setup:

  • 1 Pi, 1 Fedora 38 Workstation, 1 Fedora 38 Server
  • Pi is hosting Pihole with unbound
  • Unbound has a record for the server
  • DHCP on the router is set up to provide the IP of the Pi for DNS

Checking on the Pi with dig, I will get a proper IP for the custom local domain for both querying unbound and pihole.

My workstation can resolve public addresses, e.g. google.com, and pihole logs confirm the proper communication. Using dig to resolve the local domain without specifying a server fails with SERVFAIL; using the IP explicitly returns the correct IP for the local domain, and logs on the Pi are also populated.

I didn’t change any components regarding networking and resolving, thus it should still be systemd-resolved and NetworkManager (?). After some googling it came to my attention that this behavior is actually not a misconfiguration but the designed default for local domains (sic!)

More googling pointed to LLMNR and that it has to be deactivated ("How can I disable LLMNR in systemd-resolved?", Ask Ubuntu), but

To be frank, I am quite lost on that topic and a little bit frustrated that so much plumbing seems to be needed to use a DNS server defined via DHCP. Could someone guide me or at least give me directions on how to solve that mess? Thx.

You’d best refrain from rebinding reserved domains to avoid unnecessary complications.
Since you decided to serve DNS by Fedora, consider serving DHCP as well.
Dnsmasq is probably the most simple DHCP+DNS server.

LLMNR or mDNS may be even simpler if you have only one network.

Thx for your replies. Sleeping over this topic, I have taken a look into the domain name schema of things and as it turns out .local is not the appropriate choice for my setup.

Following ".local" (Wikipedia), a manual setup for each device would be necessary. Nevertheless, .home should be fine ("Special-use domain name", Wikipedia).

Since I don’t have a special preference and .home works “out-of-the-box” with my DNS/DHCP setup, I will stick to that.

Thx again

Use the home.arpa domain. That has been allocated for that purpose and will work even with DNSSEC validating resolvers. Unfortunately, systemd-resolved does not work with names like router. served by the local router, which are otherwise valid names, unless LLMNR is disabled.
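
The setup the last reply recommends, as an added example that is not from the thread: a shell function that stages an Unbound local zone for home.arpa (for the Pi) and a systemd-resolved drop-in with LLMNR=no (for the Fedora clients). The staging directory, the file names, the Debian-style unbound.conf.d path, and the sample host and address are assumptions.

```shell
#!/bin/sh
# Added example. ROOT is a staging directory (assumption), so nothing under
# /etc changes until the generated files have been reviewed and copied.
# Usage (constructed values): write_home_arpa_config ./staging server 192.168.1.10

write_home_arpa_config() {
    root=$1 host=$2 ip=$3

    # HOST must be a single lowercase letter/digit/hyphen label.
    case $host in
        ''|-*|*-|*[!a-z0-9-]*) echo "bad host label: $host" >&2; return 1 ;;
    esac

    # IPV4 must be exactly four decimal octets, each 0..255.
    case $ip in
        ''|*[!0-9.]*|.*|*.|*..*) echo "bad IPv4 address: $ip" >&2; return 1 ;;
    esac
    rest=$ip. count=0
    while [ -n "$rest" ]; do
        octet=${rest%%.*}; rest=${rest#*.}; count=$((count + 1))
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] ||
            { echo "bad IPv4 address: $ip" >&2; return 1; }
    done
    [ "$count" -eq 4 ] || { echo "bad IPv4 address: $ip" >&2; return 1; }

    unbound_dir=$root/etc/unbound/unbound.conf.d   # include dir (assumption)
    resolved_dir=$root/etc/systemd/resolved.conf.d
    mkdir -p "$unbound_dir" "$resolved_dir" || return 1

    # Pi: answer home.arpa from local data only; names without a record
    # get a negative answer instead of being sent upstream.
    cat > "$unbound_dir/home-arpa.conf" <<EOF
server:
    local-zone: "home.arpa." static
    local-data: "$host.home.arpa. IN A $ip"
EOF

    # Fedora clients: turn LLMNR off in systemd-resolved.
    cat > "$resolved_dir/10-no-llmnr.conf" <<EOF
[Resolve]
LLMNR=no
EOF
}
```

After the files are copied into place, unbound-checkconf validates the Unbound side and restarting systemd-resolved applies the drop-in.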