Internal DNS TLD - do not forward

  • I run pfsense from home behind a cable modem and have about 6 devices behind it. I don't have any public dns registration entries for my use.

    I am trying to create a top level domain for INTERNAL ONLY that isn't used on the internet. (I gave up on all .com's, for example) and decided to go with just .myhouse as a top level domain name (or some other similar non-registered tld). I have configured this as the dns domain for all the devices and am also using 'register via dhcp' and static reservations. This all works.

    I use pfsense as my dns and have added .myhouse in the dns forwarder service at the bottom where it says 'Below you can override an entire domain by specifying an authoritative dns server to be queried for that domain.' using the ip of the lan interface.

    All internal devices resolve each other properly and I am very pleased with the dns resolution.  I can resolve my webserver.myhouse, hpprinter.myhouse etc... etc...

    Problem is, when I run packet captures at pfsense I see the .myhouse being forwarded out to the root name servers for other non-existent devices like thisdeviceforwards.myhouse.

    Two questions on this:

    1. Is this the way I should be going for internal dns only? Using some 'random' TLD name that I know won't exist, as opposed to some other tld that could exist? I've read that possibly .site or .local is a better choice but I'd like some recommendations here.

    2. Is there some other way to terminate this TLD at the pfsense box and not have it forward out to my ISP for resolution? I thought that is what I did with the dns forwarder config above.

    I'm aware it's only 6 devices or so and it won't be much traffic outbound; it's really just something I am interested in resolving. Thank you in advance.
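A way to confirm the leak the poster saw in the packet capture, added here as an example and not code from the post or from pfSense: it scans the text output of a tcpdump-style capture (sample lines below are constructed; the LAN is assumed to be 192.168.1.0/24) and reports every question for the internal TLD that left for a resolver outside the LAN, so a change to the forwarder config can be verified against a fresh capture.

```python
import ipaddress
import re
from collections import Counter

# Internal-only TLD from the post, and the LAN the forwarder serves (assumed).
INTERNAL_TLD = "myhouse"
LAN_NET = ipaddress.ip_network("192.168.1.0/24")

# Matches the question line tcpdump -n prints for a DNS query to port 53, e.g.
#   12:00:01.000001 IP 192.168.1.20.50001 > 192.168.1.1.53: 1+ A? host.myhouse. (35)
QUERY_RE = re.compile(
    r"IP (?P<src>[\d.]+)\.\d+ > (?P<dst>[\d.]+)\.53: "
    r"\d+\+?(?: \[[^\]]*\])? (?P<qtype>[A-Z]+)\? (?P<qname>\S+)\."
)

def leaked_queries(capture_lines):
    """Return (qname, dst) for internal-TLD questions sent to resolvers outside the LAN."""
    leaks = []
    for line in capture_lines:
        m = QUERY_RE.search(line)
        if not m:
            continue  # answers, non-DNS packets and other noise are skipped
        qname = m.group("qname").lower()
        if qname.split(".")[-1] != INTERNAL_TLD:
            continue
        dst = ipaddress.ip_address(m.group("dst"))
        if dst not in LAN_NET:
            leaks.append((qname, str(dst)))
    return leaks

def leak_summary(capture_lines):
    """Count leaked questions per upstream resolver, to see where the internal names are going."""
    return Counter(dst for _, dst in leaked_queries(capture_lines))

# Constructed sample capture (documentation addresses), not a real pfSense capture:
# a good lookup answered locally, a non-existent name the box forwards out, and a normal query.
SAMPLE_CAPTURE = [
    "12:00:01.000001 IP 192.168.1.20.50001 > 192.168.1.1.53: 1+ A? webserver.myhouse. (35)",
    "12:00:01.000200 IP 192.168.1.1.53 > 192.168.1.20.50001: 1 1/0/0 A 192.168.1.30 (51)",
    "12:00:02.000001 IP 192.168.1.20.50002 > 192.168.1.1.53: 2+ A? thisdeviceforwards.myhouse. (44)",
    "12:00:02.000300 IP 203.0.113.5.41234 > 198.51.100.1.53: 3+ A? thisdeviceforwards.myhouse. (44)",
    "12:00:03.000001 IP 203.0.113.5.41235 > 198.51.100.1.53: 4+ A? example.com. (29)",
]

if __name__ == "__main__":
    for qname, dst in leaked_queries(SAMPLE_CAPTURE):
        print(f"leaked: {qname} -> {dst}")
```

Feed it the output of `tcpdump -n -i <wan> port 53` from the pfSense box; an empty result for the internal TLD means nothing is being forwarded upstream.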
