boxen / puppet-dnsmasq

Install the dnsmasq DNS forwarder.
http://boxen.github.com
MIT License

Change default TLD to stop conflicting with the real internet #16

Closed indirect closed 6 years ago

indirect commented 9 years ago

So .dev has been sold by ICANN, and has a registry and root name servers. This means that Boxen is now (potentially) blocking legitimate sites by using .dev for local development. Are there plans to update the default domain to something that isn't actually part of the real internet?

celkins commented 9 years ago

Previously: https://github.com/boxen/puppet-dnsmasq/issues/4#issuecomment-55502419

spacepants commented 7 years ago

FYI: An update to Chrome forces .dev domains to HTTPS via preloaded HSTS which would effectively break the default TLD for local dev without SSL.

jacobbednarz commented 7 years ago

#17 allows the ability for this to be configured for now. I cut the 2.0.3 release a few days ago and before changing the default, I'm allowing cut over time for everyone to gradually roll it out to their teams (since Chrome is the only browser doing this for now).

EugenMayer commented 6 years ago

It does not work for me, switched to .local, seen the changes to the config and also see them in /opt/boxen/config/dnsmasq/dnsmasq.conf ... but still .dev resolves to 127.0.0.1 - .local is not able to be resolved at all

EugenMayer commented 6 years ago

did some digging

so that is there, removed /etc/resolver/dev and also dev.dnsmasq.plist - ensured all launchd of dnsmasq are down, and then used this to start it again

sudo launchctl load /Library/LaunchDaemons/local.dnsmasq.plist

while dig @127.0.0.1 d.local works and resolves to 127.0.0.1

dig d.local will not work. The scoped DNS setting seems to be there

resolver #8
  domain   : local
  nameserver[0] : 127.0.0.1
  flags    : Request A records, Request AAAA records
  reach    : Reachable, Local Address, Directly Reachable Address

Any clues?

EugenMayer commented 6 years ago

Interesting, found

resolver #2
  domain   : local
  options  : mdns
  timeout  : 5
  flags    : Request A records
  reach    : Not Reachable
  order    : 300000

could that be the cause?

If I add local to the search domains, it starts working. I am connected to a gateway which sets a search domain to something.ourcomp.com - is that the root of the issue?

EugenMayer commented 6 years ago

Well, that is an issue and expected https://support.apple.com/en-us/HT203136 .. not sure it was a good idea to go for .local here.

Confirming that switching to lan, pkill dnsmasq (since unload does not work) and then start again with sudo launchctl load /Library/LaunchDaemons/dev.dnsmasq.plist will work.

We also might have something fishy here, a /Library/LaunchDaemons/local.dnsmasq.plist is created without any use

also one needs to remove /etc/resolver/dev and /etc/resolver/local to cleanup

jacobbednarz commented 6 years ago

> Well, that is an issue and expected https://support.apple.com/en-us/HT203136 .. not sure it was a good idea to go for .local here.

We've moved to test internally for that exact reason.

> also one needs to remove /etc/resolver/dev and /etc/resolver/local to cleanup

This was a bug I introduced in #17; however, it was fixed in #24 a few days back and a new release was cut for it. Are you able to update to 2.0.5 and let me know if this fixes the issue for you?
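
An added example, not code from this thread or from puppet-dnsmasq: a small Python audit of `scutil --dns` output that reports the two conflicts discussed above, a loopback forwarder competing with the mDNS resolver for .local, and a loopback forwarder claiming a TLD outside the reserved set (as .dev was). The sample text is constructed from the resolver entries quoted in the thread; the function names and the `RESERVED` and `LOOPBACK` sets are this example's assumptions.

```python
import re

# Constructed sample: the two "local" entries quoted in the thread (trimmed).
SAMPLE = """\
resolver #2
  domain   : local
  options  : mdns
  reach    : Not Reachable

resolver #8
  domain   : local
  nameserver[0] : 127.0.0.1
  reach    : Reachable, Local Address, Directly Reachable Address
"""
LOOPBACK = {"127.0.0.1", "::1"}
# TLDs reserved for special use by RFC 6761, so they cannot clash with real sites.
RESERVED = {"test", "localhost", "invalid", "example"}

def parse_resolvers(text):
    """Return one dict per 'resolver #N' block of `scutil --dns` output."""
    resolvers = []
    for line in text.splitlines():
        header = re.match(r"\s*resolver #(\d+)", line)
        if header:
            resolvers.append({"id": int(header.group(1))})
        elif ":" in line and resolvers:
            # Split on the first colon only, so IPv6 nameservers stay intact.
            key, value = (part.strip() for part in line.split(":", 1))
            resolvers[-1][key] = value
    return resolvers

def audit(resolvers):
    """Flag domains sent to a loopback forwarder that clash with mDNS or a non-reserved TLD."""
    by_domain = {}
    for r in resolvers:
        if "domain" in r:
            by_domain.setdefault(r["domain"], []).append(r)
    findings = []
    for domain, entries in sorted(by_domain.items()):
        fwd = [e["id"] for e in entries
               if LOOPBACK & {v for k, v in e.items() if k.startswith("nameserver[")}]
        mdns = [e["id"] for e in entries if e.get("options") == "mdns"]
        if fwd and mdns:
            findings.append((domain, f"resolver #{fwd[0]} competes with mDNS resolver #{mdns[0]}"))
        elif fwd and domain.rsplit(".", 1)[-1] not in RESERVED:
            findings.append((domain, "loopback forwarder for a TLD not reserved for testing"))
    return findings

if __name__ == "__main__":
    print(audit(parse_resolvers(SAMPLE)))
```

On a Mac, feed it the live configuration by passing the text of `scutil --dns` to `parse_resolvers` instead of `SAMPLE`.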