Spørgsmål

DNS won't resolve `localhost.direct` domain (or other localhost records)


Badge

Hi! My apologies - I don’t write Danish very well yet, I hope English is OK?

I have a question for the nice people who configure your DNS servers. :-)

I’m a software developer. For my work I run applications on my own laptop that need to be addressed over SSL, and since there is no such thing as an SSL certificate for the traditional `localhost` domain, I instead use the `localhost.direct` domain name and its certificate.

As of recently (in the last week or so?) I can no longer DNS-resolve the `localhost.direct` domain on my YouSee internet connection.

For example, on my MacOS machine, I might run the `dig` command and see the following:

```
$ dig localhost.direct

; <<>> DiG 9.10.6 <<>> localhost.direct
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31411
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;localhost.direct.        IN    A

;; Query time: 38 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Thu May 09 22:24:13 CEST 2024
;; MSG SIZE  rcvd: 45
```
Note that this does not contain an “;; ANSWER SECTION”; I can’t use this domain name!

That’s new - this used to work until very recently!

The sort of result I’d expect, and used to get (and still get if I activate a VPN) would look like:

```
$ dig localhost.direct

; <<>> DiG 9.10.6 <<>> localhost.direct
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51978
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;localhost.direct.        IN    A

;; ANSWER SECTION:
localhost.direct.    3600    IN    A    127.0.0.1

;; Query time: 13 msec
;; SERVER: 100.64.100.1#53(100.64.100.1)
;; WHEN: Thu May 09 22:23:08 CEST 2024
;; MSG SIZE  rcvd: 61

```

Until very recently, my YouSee router’s DNS would also return good results like this - but now it doesn’t.

I’m curious, why did this change? Should I change how I do local SSL development? If yes, why? :-D

Thank you!


5 Kommentarer

Omdømme 6
Badge +8

Stick with the vpn solution, maybe it’s the router’s sense security that tease you 🙂

Det lader ikke umiddelbart til at være Sense. Andre dnsresolvere returnerer 127.0.0.1. Det gælder for alle domæner, at routerens resolver returnerer et tomt ok-svar, når der peges på en privat ip.

Omdømme 7
Badge +9

Det lader ikke umiddelbart til at være Sense. Andre dnsresolvere returnerer 127.0.0.1. Det gælder for alle domæner, at routerens resolver returnerer et tomt ok-svar, når der peges på en privat ip.

Translation Service.

It doesn't appear to be Sense at first glance. Other dns resolvers return 127.0.0.1. It applies to all domains that the router's resolver returns an empty ok response when a private IP is pointed to.

Tilføjelse: Er der en teknisk grund til at gøre dette med vilje…

https://en.wikipedia.org/wiki/DNS_rebinding

Omdømme 6
Badge +7

Hi,

Try to take a look at your Hosts file on the Mac, here you can add all the DNS records you want, including “localhost.direct”. More to read here:

https://dreamithost.com.au/blogs/how-to-change-localhost-file-on-mac

or here:

https://kinsta.com/knowledgebase/edit-mac-hosts-file/

IF it is a Windows PC try take a look here:

https://dreamithost.com.au/blogs/how-to-change-localhost-file-on-windows

 

-Brian

Besvar