Domain with underscore (General Setup)

Airbag888

Hi,

I have a domain with an underscore and I'm unable to input it in the general setup because it's saying it's not an allowed character.
Pretty sure it's legal

Moreover I found that I could edit the config.xml ( /cf/conf/config.xml ) to add the domain manually. However, even after restarting dnsmasq from the (Status > Services ), I went back to general setup and it was still set to localdomain

Normally I wouldn't be too fussed but it seems computers that could find / share files with each other before using \computername\folder now cannot.
\ip_number\folder works (but we got dynamic ips). Is this the real source of the problem?

Last question, do you input the FQDN in the domain name field or just the domain name.

Thanks!

phil.davis

RFC1034 and RFC1035 do not seem to prohibit the use of underscore in domain names, but they certainly do at least recommend the hyphen is the only special character in names:

The following syntax will result in fewer problems with many
applications that use domain names (e.g., mail, TELNET).

<domain>::= <subdomain>| " "

<subdomain>::= <label>| <subdomain>"." <label><label>::= <letter>[ [ <ldh-str>] <let-dig>]

<ldh-str>::= <let-dig-hyp>| <let-dig-hyp><ldh-str><let-dig-hyp>::= <let-dig>| "-"

<let-dig>::= <letter>| <digit><letter>::= any one of the 52 alphabetic characters A through Z in
upper case and a through z in lower case

<digit>::= any one of the ten digits 0 through 9</digit></letter></digit></letter></let-dig></let-dig></let-dig-hyp></ldh-str></let-dig-hyp></let-dig-hyp></ldh-str></let-dig></ldh-str></letter></label></label></subdomain></label></subdomain></subdomain></domain>

So I guess some implementations of DNS may allow other characters, and certainly with internationalization of domain names there are schemes that encode the Unicode of other scripts to make domain names - RFC5890. But it does sem that it is still at least convention to as the hyphen in domain names rather than underscore.

The domain name you input is the FQDN, without trailing dot - example.com

Airbag888

@phil.davis:

RFC1034 and RFC1035 do not seem to prohibit the use of underscore in domain names, but they certainly do at least recommend the hyphen is the only special character in names:

The following syntax will result in fewer problems with many
applications that use domain names (e.g., mail, TELNET).

<domain>::= <subdomain>| " "

<subdomain>::= <label>| <subdomain>"." <label><label>::= <letter>[ [ <ldh-str>] <let-dig>]

<ldh-str>::= <let-dig-hyp>| <let-dig-hyp><ldh-str><let-dig-hyp>::= <let-dig>| "-"

<let-dig>::= <letter>| <digit><letter>::= any one of the 52 alphabetic characters A through Z in
upper case and a through z in lower case

<digit>::= any one of the ten digits 0 through 9</digit></letter></digit></letter></let-dig></let-dig></let-dig-hyp></ldh-str></let-dig-hyp></let-dig-hyp></ldh-str></let-dig></ldh-str></letter></label></label></subdomain></label></subdomain></subdomain></domain>

So I guess some implementations of DNS may allow other characters, and certainly with internationalization of domain names there are schemes that encode the Unicode of other scripts to make domain names - RFC5890. But it does sem that it is still at least convention to as the hyphen in domain names rather than underscore.

The domain name you input is the FQDN, without trailing dot - example.com

Hi and thanks for this reply.
Indeed it doesn't seem to be a violation of any RFC, moreover I do not have the option to change this domain name (more work than it's worth). So I'm still looking for a way to have pfsense accept or use my domain name that includes the underscore.

johnpoz

What RFC are you reading that a domain name can contain _ ??

http://tools.ietf.org/html/rfc952

1. A "name" (Net, Host, Gateway, or Domain name) is a text string up
  to 24 characters drawn from the alphabet (A-Z), digits (0-9), minus
  sign (-), and period (.).  Note that periods are only allowed when
  they serve to delimit components of "domain style names"

Your going to have nothing but pain trying to use a domain name with underscore - change it!!

does your registrar allow you to register a domain name with _ in it?

http://www.register.com/policy/domain-extension-rules.rcmx
Use only letters, numbers, or hyphen ("-")
Cannot begin or end with a hyphen
Must have less than 63* characters, not including .COM, .NET and .ORG

Trying to use a domain name in it with _ is going to be nothing but pain..

Airbag888

Hi and thanks for this answer

Quoted from another post to reply faster:

standard, RFC 2181, section 11, "Name syntax":

The DNS itself places only one restriction on the particular labels that can be used to identify resource records. That one restriction relates to the length of the label and the full name. […] Implementations of the DNS protocols must not place any restrictions on the labels that can be used. In particular, DNS servers must not refuse to serve a zone because it contains labels that might not be acceptable to some DNS client programs.

See also the original DNS specification, RFC 1034, section 3.5 "Preferred name syntax" but read it carefully.

Domains with underscores are very common in the wild. Check _jabber._tcp.gmail.com or _sip._udp.apnic.net.

Other RFC mentioned here deal with different things. The original question was for domain names. If the question is for host names (or for URLs, which include a host name), then this is different, the relevant standard is RFC 1123, section 2.1 "Host Names and Numbers" which limits host names to letters-digits-hyphen.

That said this is an internal domain name. I just want the option to add the underscore. I can't change it anytime soon. I'd appreciate a solution towards the inclusion of the underscore.

Thanks

Airbag888

Guys I really need a way to even manually have pfsense use my domain with an underscore. Is there any config file that can be edited? DHCP is using localdomain instead of my domain when assigning dns suffixes :(

johnpoz

Dude a domain with a _ is not standard, not support - CHANGE IT!!

Make whoever came up with the bright idea to use a _ in a domain do the work ;)

Other option is use something else that supports _ in the name for name resolution and dhcp, etc.  Are you on a MS Active Directly domain?  If so none of your machines should be pointing to pfsene for dns or getting dhcp from pfsense in the first place.