
We are using an ".intranet.local" domain for our internal network. For years the ".local" domain seemed to be a sane choice for local networks running on private (RFC 1918) IP addresses. Today we learned that ".local" is nowadays used for zeroconf network services. Our first software that breaks here is "Psi" (the Jabber client) which only sends multicast DNS (mDNS) queries to find the given Jabber server and fails because no service/server is listening on 224.0.0.251. It doesn't use a fallback to regular (unicast) DNS and thus fails.

It would be rather complicated to move our company network to another internal domain. Do we have another choice? Like running a network service that translates mDNS requests to unicast DNS requests on our local DNS server.

I tried "avahi-daemon" on our (Linux) gateway but couldn't find a configuration where mDNS would get forwarded/translated to unicast DNS. In addition the Avahi documentation warns:

"If you come across a network where .local is a unicast DNS domain, please contact the local administrator and ask him to move his DNS zone to a different domain. If this is not possible, we recommend not to use Avahi in such a network at all."

Next I hoped that our bind name server could answer mDNS requests but apparently it can't.

What is the best choice in our situation? Thanks in advance.

Signum

2 Answers


Just for additional reference - don't know if it comes in handy with your setup: We're also running a .local network. On Ubuntu machines I've discovered that the mdns interferes with the setup unless you change /etc/nsswitch.conf:

By default this file contains the line

hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4

You need to place the "dns" prior to the [NOTFOUND=return] section.

Took a while to hunt down - the Ubuntu community support on Launchpad was of great help with this. (See my question there for the nature of the problems we had with the setup prior to changing nsswitch.conf)

Olaf
  • Thanks for your answer. Yes, I found that on the Wikipedia page describing "zeroconf", too. But it didn't solve it here. Psi (which is the main application causing trouble here) insists on doing mDNS queries. Perhaps it doesn't use the nsswitch.conf properly although I'd be surprised as every application is supposed to use system calls like gethostbyname() - which in turn uses the nsswitch.conf (formerly host.conf). – Signum Dec 11 '09 at 23:55
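
The ordering problem described in the answer above can be checked mechanically. This Python sketch is an added example, not code from the answer or from Ubuntu: the function names are hypothetical, the sample file is constructed, and it assumes an mdns* source reports NOTFOUND for a .local name that multicast DNS cannot answer.

```python
import re

# Constructed sample: the Ubuntu default hosts line quoted in the answer.
SAMPLE = """\
# /etc/nsswitch.conf (constructed sample)
passwd: compat
hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
"""

# A token is either a bracketed action list or a source name.
TOKEN = re.compile(r"\[[^\]]*\]|\S+")

def hosts_tokens(conf_text):
    """Return the sources and [actions] of the hosts: line, in order."""
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments
        if line.lower().startswith("hosts:"):
            return TOKEN.findall(line[len("hosts:"):])
    return []

def stops_on_notfound(action):
    """True if a bracketed action ends the lookup on NOTFOUND."""
    return "notfound=return" in action.strip("[]").lower().split()

def local_reaches_dns(tokens):
    """Is a .local name that mDNS cannot answer still sent to unicast DNS?"""
    prev = None
    for tok in tokens:
        if tok.startswith("["):
            # The action applies to the source just before it.
            if prev and prev.startswith("mdns") and stops_on_notfound(tok):
                return False
        elif tok == "dns":
            return True
        else:
            prev = tok
    return False

def move_dns_first(tokens):
    """Place dns directly before the first mdns* source."""
    rest = [t for t in tokens if t != "dns"]
    idx = next((i for i, t in enumerate(rest) if t.startswith("mdns")), len(rest))
    return rest[:idx] + ["dns"] + rest[idx:]

if __name__ == "__main__":
    toks = hosts_tokens(SAMPLE)
    print("unicast DNS reachable for .local:", local_reaches_dns(toks))
    print("suggested: hosts:", " ".join(move_dns_first(toks)))
```

This only inspects the resolver order used by libc lookups; an application that sends its own mDNS queries, as the comment above reports for Psi, is not affected by the change.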

Actually, .local was never reserved for use for local domains, and its more recent (mis)appropriation for mDNS is somewhat controversial, although mDNS is (AIUI) likely to be approved by the IETF soon.

Some of our staff use Psi and we don't have an mDNS server.

Have you checked that Psi won't accept SRV records from unicast DNS instead:

$ORIGIN intranet.local.
_jabber._tcp       IN SRV   0 0 5269   server-hostname
_xmpp-server._tcp  IN SRV   0 0 5269   server-hostname
_xmpp-client._tcp  IN SRV   0 0 5222   server-hostname

Alnitak
  • I have set up records to forward _tcp.intranet.local to the Windows domain controller in our bind nameserver's "intranet.local" zone. Without it the Windows clients refused to join the Windows domain. (I'm not at all the Windows guy here. Just copied things from the Windows server that was previously in charge of DNS.) The queries I see in a tcpdump are: MDNS Standard query SRV _xmpp-client._tcp.jabber.intranet.local, "QM" question; and MDNS Standard query A jabber.intranet.local, "QM" question. But none of these get a response. I don't see Psi trying unicast DNS queries. – Signum Dec 11 '09 at 19:21