StevenBlack list & localhost.localdomain

Don't really know if this is a problem...

Years ago, when setting up my pfsense, I had to choose a domain name. The info near that field says:

Do not end the domain name with '.local' as the final part (Top Level Domain, TLD), The 'local' TLD is widely used by mDNS (e.g. Avahi, Bonjour, Rendezvous, Airprint, Airplay) and some Windows systems and networked devices. These will not network correctly if the router uses 'local' as its TLD. Alternative TLDs such as 'local.lan' or 'mylocal' are safe.

So I entered localdomain, which, in my mind, is safe.

Pi-hole comes with only one list, the StevenBlack list.

After looking at the gravity database all day (different problem), I noticed 'localhost.localdomain' is in gravity, not only as a result of the StevenBlack list entries, but also, per pihole -q:

 Match found in https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts:
   localhost.localdomain
 Match found in http://someonewhocares.org/hosts/:
   localhost.localdomain
 Match found in https://someonewhocares.org/hosts/zero/hosts:
   localhost.localdomain

I wonder if I should make a whitelist entry for this, since:

  • dig +short localhost returns 127.0.0.1
  • dig +short localhost.localdomain returns 0.0.0.0

Additional info:
I have the following entries in my /etc/resolv.conf:

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# 127.0.0.53 is the systemd-resolved stub resolver.
# run "resolvectl status" to see details about the actual nameservers.

nameserver 127.0.0.1
search localdomain
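To see which blocklist entries collide with local names before deciding what to whitelist, here is an added example (my own script, not from this thread, Pi-hole or the StevenBlack project). It parses hosts-format blocklist text (IP, hostname, optional '#' comment) and the search domain from resolv.conf, then reports every entry that is either the reserved name localhost (or under it) or falls under a search suffix, which is exactly how localhost.localdomain shows up here. The blocklist and resolv.conf text are constructed samples embedded in the script, so it runs offline.

```shell
#!/bin/sh
# Added example, not code from the original post or from Pi-hole.
# Scan hosts-format blocklist text for names that are reserved or sit
# under a resolver search domain. All sample data below is constructed.

# Constructed blocklist in the StevenBlack / someonewhocares hosts layout.
SAMPLE_BLOCKLIST='# Title: constructed sample, not a real list
127.0.0.1 localhost
127.0.0.1 localhost.localdomain
127.0.0.1 local
255.255.255.255 broadcasthost
::1 localhost
0.0.0.0 0.0.0.0
0.0.0.0 ads.example.com   # tracker
0.0.0.0 nas.localdomain
0.0.0.0 metrics.example.net
'

# Constructed resolv.conf matching the one quoted in the post.
SAMPLE_RESOLV='nameserver 127.0.0.1
search localdomain
'

# search_domains RESOLV_TEXT: print every suffix from "search"/"domain" lines.
search_domains() {
    printf '%s\n' "$1" |
        awk '$1 == "search" || $1 == "domain" { for (i = 2; i <= NF; i++) print $i }'
}

# blocklist_names BLOCKLIST_TEXT: drop comments and blank lines, print the
# hostnames (every field after the address) in lower case, one per line.
blocklist_names() {
    printf '%s\n' "$1" | sed 's/#.*//' |
        awk 'NF >= 2 { for (i = 2; i <= NF; i++) print tolower($i) }'
}

# local_collisions BLOCKLIST_TEXT RESOLV_TEXT: print "<name> reserved" for
# localhost and names under it (RFC 6761), and "<name> search-domain <sfx>"
# for names under a search suffix. A single-label query such as "nas" is
# expanded to "nas.localdomain" by the stub resolver, so a blocklist entry
# for that expanded name silently breaks the short name.
local_collisions() {
    blocklist="$1"
    resolv="$2"
    suffixes=$(search_domains "$resolv")
    blocklist_names "$blocklist" | while read -r name; do
        case "$name" in
            localhost|*.localhost)
                echo "$name reserved"
                continue
                ;;
        esac
        for s in $suffixes; do
            case "$name" in
                *."$s") echo "$name search-domain $s" ;;
            esac
        done
    done | sort -u
}

# Stand-alone run: list the collisions and the matching Pi-hole whitelist
# command (printed only, not executed).
if [ "${0##*/}" != "sh" ] && [ "${0##*/}" != "bash" ]; then
    local_collisions "$SAMPLE_BLOCKLIST" "$SAMPLE_RESOLV" |
        while read -r name reason; do
            printf '%-32s %-24s pihole -w %s\n' "$name" "$reason" "$name"
        done
fi
```

On the sample data this flags localhost as reserved and both localhost.localdomain and nas.localdomain as falling under the localdomain search suffix; the first is the entry from the post, the second shows why a blocklist entry under your own search domain can break more than one name. Whitelisting is the Pi-hole side of the fix; keeping the query from being forwarded upstream is a separate resolver setting.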

There is a draft RFC that extends the RFC 2606 reserved TLDs to add .localdomain. But that list of TLDs is defined for use in documentation or testing only.

I think the reason it is on the StevenBlack list is that it should not be resolvable by the public DNS so it should be blocked from going there.

If you extrapolate from .localhost (which is defined to be 127.0.0.1), then .localdomain should be statically defined as local to each node only.

It would be better in the long term if you used one of the common local domains (like .lan and such) or moved to the modern home.arpa, as defined by RFC 8375.

Thanks for your reply.

  1. It doesn't look like localdomain has already been added to /etc/dnsmasq.d/06-rfc6761.conf; should it be?

  2. Changing the domain name on the pfSense has a massive impact on all devices. For now, I've whitelisted localhost.localdomain, thus allowing me to resolve this on all machines. To prevent the query from going to public DNS, I've added the domain to my unbound response policy zone (read here if you want to know more).

No, that's why I mentioned that the RFC update was in draft status.
