In previous posts we discussed considerations for building a Home Lab and for deciding on network ranges to use. Once we know the networks we will be using, it’s time to start thinking about the services that will be required. For me the first service is always the Domain Name System (DNS). This is a foundational building block for many systems which expect forward and reverse lookups to be working before you deploy (like vCenter Server).
It’s somewhat common to see folks use a name in the reserved top-level domain .local, like corp.local. I’m not a fan of this practice, as RFC 6762 spells out special considerations for this domain and says that it should be used for link-local names only.
I’ve also seen folks use domains with a common top-level domain, like bwuchlab.com. As of this writing that domain is available for sale, so there wouldn’t be any conflict if I started using it internally without registering the domain. I feel like this is a bad practice: someone else could buy that domain, I’d have no control over it, and I may have documentation or screenshots that include that name. I prefer to use a name that I own. For example, my internal DNS domain is lab.enterpriseadmins.org. I already own the domain enterpriseadmins.org and have control over who would get to use the subdomain LAB. If I wanted to create an external DNS host name of something.lab.enterpriseadmins.org, I could do that with no problem and could even get an SSL certificate issued for that name if needed. I wouldn’t be able to do this with a domain that I don’t own.
If you don’t need/want to own a domain name, another good option is to use a reserved name. For example, RFC 2606 reserves the names example.com, example.net, and example.org for documentation purposes. You could use them in your internal network without prior coordination with the Internet Assigned Numbers Authority (IANA). This works well as you can take screenshots and such for documentation where example names in screenshots work, for example:
Once we have selected the DNS names that we are going to use, we also need to figure out a way to get our clients to point at our DNS server for resolution. I don’t like pointing clients directly at my lab infrastructure for name resolution. Just like I mentioned in a previous post about Home Lab Networking, I don’t want a lab problem to prevent the TV from working. There are a couple of options in this space; I’ve included a few below with links to more information.
- Pi-Hole — whole network ad-filtering and conditional DNS forwarding: https://enterpriseadmins.org/blog/lab-infrastructure/setting-up-pi-hole-dns/
- Mac /etc/resolver: https://blog.scottlowe.org/2013/08/14/using-your-home-dns-servers-with-corporate-vpns/
- Windows Name Resolution Policy Table (NRPT): http://www.patrickkremer.com/per-zone-dns-resolution-for-homelabs/
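
A pre-deployment check for the forward and reverse lookups mentioned at the start of this post, written as an added example that is not part of the original post. The host names and addresses are constructed samples (RFC 2606 names, RFC 5737 addresses); `check_host` uses the system resolver unless other lookup functions are passed in.

```python
import socket

def dns_forward(name):
    """IPv4 addresses the system resolver returns for name (empty set if none)."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(name, None, socket.AF_INET)}
    except socket.gaierror:
        return set()

def dns_reverse(ip):
    """PTR name for ip, or None when no reverse record exists."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except (socket.herror, socket.gaierror):
        return None

def _norm(name):
    # DNS names are case-insensitive; a trailing dot only marks the root.
    return name.rstrip(".").lower()

def check_host(name, fwd=dns_forward, rev=dns_reverse):
    """Return a list of problems; an empty list means forward and reverse agree."""
    ips = fwd(name)
    if not ips:
        return [f"{name}: no forward (A) record"]
    problems = []
    for ip in sorted(ips):
        ptr = rev(ip)
        if ptr is None:
            problems.append(f"{name}: {ip} has no reverse (PTR) record")
        elif _norm(ptr) != _norm(name):
            problems.append(f"{name}: {ip} reverses to {ptr}")
    return problems

# Constructed sample zone (assumed names and addresses), not real lab data.
SAMPLE_A = {"vcsa.lab.example.com": {"192.0.2.10"},
            "esx01.lab.example.com": {"192.0.2.11"},
            "esx02.lab.example.com": {"192.0.2.12"}}
SAMPLE_PTR = {"192.0.2.10": "VCSA.lab.example.com.",
              "192.0.2.12": "esx-old.lab.example.com"}

def check_sample(names):
    """Run check_host against the constructed zone instead of live DNS."""
    out = []
    for n in names:
        out += check_host(n, lambda x: SAMPLE_A.get(x, set()), SAMPLE_PTR.get)
    return out

if __name__ == "__main__":
    for line in check_sample(list(SAMPLE_A) + ["nsx.lab.example.com"]):
        print(line)
```

To run it against live DNS, call `check_host("name.lab.example.com")` with your own host names from a client that resolves through the lab DNS server.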