Comment 25 for bug 80900

Loye Young (loyeyoung) wrote : Re: problems resolving fully qualified domain names in environments where .local is used as a TLD

My company has come up against this problem time and again. Our most reliable solution is to purge avahi-daemon, avahi-autoipd, and libnss-mdns, which allows networking to work automatically.

> on a large network avahi plays a large role in finding
> shares and printers

Printer recognition still works the right way, in part because CUPS depends on avahi client libraries that allow it to hear the printer. (It's rarely a problem anyway because the printer setup can scan for print servers listening on port 9100.)

The practice of using .local is problematic in every case because it's not an IANA TLD. (The current legal TLDs can be found at http://data.iana.org/TLD/tlds-alpha-by-domain.txt) Leakage from private networks causes a burden on the IANA servers and needlessly soaks up bandwidth on the Internet at large. (It is estimated that about 1/4 to 1/2 of the 206 traffic sent to the Root DNS Servers is related to the .local zone.) Several recommendations have been floated to solve the problem, but the problem persists. See, e.g., http://www.tools.ietf.org/html/draft-kato-dnsop-local-zones-00 (2003), http://www.isaserver.org/tutorials/2004illegaltldsplitdns.html (2005) (recommending split DNS zones and providing detailed implementation instructions), http://staff.science.uva.nl/~delaat/sne-2006-2007/p21/report.pdf (2007), http://ftp.kaist.ac.kr/pub/internet-drafts/draft-hardaker-dnsops-name-server-management-reqs-03.txt at Section A.1 (2008), http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-04.txt (2008).

From a best practices standpoint, we are recommending to business clients that networks using "example.local" (e.g., MS Active Directory networks) change to "local.example.com", and in the rare cases where avahi is useful, reconfigure avahi to broadcast on and listen for "mdns.example.com", "avahi.example.com", or another non-ambiguous FQDN. The public DNS server adds an A record for local.example.com mapping to the IP address of the public resource administering the local namespace, and the private DNS server would be configured like any other server for the namespace. Using this practice, any leakage to the public Internet is handled seamlessly by DNS. Further, in view of several proposals for .local to be recognized as a TLD, any future formalization of the .local namespace would not affect the local network.

Best practice for home users or other instances where the network does not have a registered FQDN would be to set the fallback avahi domain to local.avahi.org and add to the /etc/resolv.conf file "search local.avahi.org". Again, any leakage would fail without burden to the Internet (or at least only to the avahi.org domain and not the public IANA servers). Implementation is easily accomplished by editing the resolvconf scripts.

Happy Trails,

Loye Young
Isaac & Young Computer Company
Laredo, Texas
http://www.iycc.biz
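The following is an added audit script, not part of the bug report and not avahi's or Ubuntu's own code. It models the two resolver setups discussed above (libnss-mdns with `mdns4_minimal [NOTFOUND=return]` in nsswitch.conf versus plain `files dns` after purging it, and a `.local` search domain versus `local.avahi.org`) and reports which NSS service would get the final word on a name, flagging `.local` names that would be handed to unicast DNS. The nsswitch/resolv.conf contents, hostnames and the 192.0.2.53 nameserver are constructed samples; the NSS model is a simplification (no /etc/hosts hits, glibc ndots=1 search behaviour only).

```python
# Constructed sample configs for the two setups discussed (not real files):
NSSWITCH_MDNS = "hosts: files mdns4_minimal [NOTFOUND=return] dns\n"
NSSWITCH_PLAIN = "hosts: files dns\n"          # after purging libnss-mdns
RESOLV_AD = "search example.local\nnameserver 192.0.2.53\n"
RESOLV_AVAHI = "search local.avahi.org\nnameserver 192.0.2.53\n"

def hosts_services(nsswitch_text):
    """Service tokens of the 'hosts:' line, e.g. ['files', 'dns']."""
    for line in nsswitch_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line.startswith("hosts:"):
            return line.split(":", 1)[1].split()
    return []

def search_domains(resolv_text):
    """Search list from resolv.conf; like glibc, the last search/domain line wins."""
    found = []
    for line in resolv_text.splitlines():
        parts = line.split("#", 1)[0].split()
        if parts and parts[0] in ("search", "domain"):
            found = parts[1:]
    return found

def terminal_service(fqdn, services):
    """Which NSS service has the final word on fqdn (simplified model):
    mdns*/mdns*_minimal answer only names under .local, and a following
    [NOTFOUND=return] stops the lookup there even on a miss; 'dns' is always
    terminal; 'files' is assumed to hold no matching entry."""
    is_local = fqdn.lower().rstrip(".").endswith(".local")
    for i, svc in enumerate(services):
        if svc.startswith("["):
            continue
        if svc == "dns":
            return "dns"
        if svc.startswith("mdns") and is_local:
            nxt = services[i + 1] if i + 1 < len(services) else ""
            if nxt.lower() == "[notfound=return]":
                return "mdns"
            # no action token: a miss falls through to the next service
    return None

def audit(name, nsswitch_text, resolv_text):
    """Return ([(fqdn, service), ...], leak): leak is True when a .local name
    would go to unicast DNS, i.e. off-site unless a private zone serves .local.
    Unqualified names get the search list appended (glibc ndots=1)."""
    services, search = hosts_services(nsswitch_text), search_domains(resolv_text)
    fqdns = [name] if "." in name else [f"{name}.{d}" for d in search] or [name]
    rows = [(f, terminal_service(f, services)) for f in fqdns]
    leak = any(s == "dns" and f.lower().endswith(".local") for f, s in rows)
    return rows, leak
```

With `NSSWITCH_MDNS` and `RESOLV_AD`, an unqualified AD host such as `dc1` is claimed by mDNS and never reaches the corporate DNS server, which is the failure this bug describes; with `RESOLV_AVAHI` the expanded name ends in `.avahi.org`, so a miss is an ordinary DNS failure rather than a `.local` query.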