0

My company uses PowerDNS with a PowerAdmin front end to manage both internal and external DNS. I would like to be able to set up a short TLD so that, for instance, test1.lcl resolves to the internal IP address 10.0.5.124. I have tried creating a new master zone named .lcl and adding some entries, but they do not work. We have both Macs and PCs in the office and I don't want to step on .local, which Macs seem to use. I'd like to keep it to a 2 or 3 letter TLD if possible, and I certainly do not want to use a valid internet TLD.

I have root access to the server and administrator access to PowerAdmin.

Is this possible, and if so, exactly how is it accomplished?

Scott
  • What you have described is exactly how I did it with our PowerDNS setup. I don't have it available at the moment to check anything but it certainly does support arbitrary TLDs. – Ladadadada Oct 25 '12 at 17:02
  • @Ladadadada If you can provide any specifics I'd be grateful – Scott Oct 25 '12 at 20:06
  • What machine/software do your Macs and PCs talk to to resolve DNS? – Habbie Oct 27 '12 at 07:26
  • PowerDNS running on an Ubuntu Server. All Macs and PCs have the server's IP address as their primary DNS. – Scott Oct 27 '12 at 14:59
  • It's not a direct response to your question, but do note that using a "non-standard TLD" is very dangerous, especially since ICANN opened the gates to thousands of new gTLDs. There is a fair chance of collision between your pseudo-TLD and a future real one. A better practice would be to use a sub-domain of a domain you have. – bortzmeyer Oct 28 '12 at 21:34
  • I am aware of the risks, but the reward is worth it IMO. – Scott Oct 29 '12 at 15:04

1 Answer

1

Technically you can add any domain names that you like to the PowerDNS authoritative server and it will serve those records.

However, as non-standard TLDs are not delegated in DNS by the root nameservers, you would need to instruct your caching nameserver to forward queries for this specific non-standard TLD to your authoritative server directly. This can be done in BIND via the forwarders statement and in PowerDNS recursor via a forward-zones configuration.

In addition to what bortzmeyer wrote, here is also why it is best to keep authoritative and recursive DNS separated from each other: http://cr.yp.to/djbdns/separation.html

ZaphodB
  • You can do it the other way around; have the PowerDNS auth server answer requests from clients and forward them to the recursor if they are not in the DB; just don't use that as an outside-facing DNS – XANi Jan 14 '16 at 19:10
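
The forwarding setup the answer describes, as an added example that is not configuration from the original posts: the PowerDNS authoritative server and the PowerDNS Recursor run on the same host, and clients query only the Recursor. The listen addresses, port 5300, the client network, the file paths and the zone name `lcl` (no leading dot) are assumptions.

```ini
# --- /etc/powerdns/pdns.conf (authoritative server; path assumed) ---
# Holds the private zone "lcl" (assumed zone name, created via PowerAdmin).
# Bound to loopback on a non-standard port so only the local Recursor
# can reach it; it is never exposed to clients directly.
local-address=127.0.0.1
local-port=5300

# --- /etc/powerdns/recursor.conf (Recursor; path assumed) ---
# The address clients use as their DNS server (assumed value).
local-address=10.0.5.1
# Answer recursive queries only from the internal network (assumed range),
# so the resolver is not usable as an open resolver.
allow-from=10.0.0.0/8
# The root servers do not delegate "lcl", so send every query under it
# straight to the authoritative server instead of resolving from the root.
forward-zones=lcl=127.0.0.1:5300
```

After restarting both daemons, `dig @10.0.5.1 test1.lcl A` from a client should return the A record stored in the zone, while names outside `lcl` continue to resolve normally through the Recursor.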