Rouge DNS entry



  • Just found this in a public DNS zone:

    localhost               3D IN A         127.0.0.1

    Why would anyone do that?

    (For those who don't know, it basically points (say) localhost.initech.com to your own computer, in case good old plain "localhost" isn't adequate.)


  • Trolleybus Mechanic

    @Daniel Beardsmore said:

    Why would anyone do that?

    (For those who don't know, it basically points (say) localhost.initech.com to your own computer, in case good old plain "localhost" isn't adequate.)

     

    I can think of two likely scenarios, both dealing with running a "local" copy of some website.

    The first is that there's something that requires the hostname to function. It may be "If hostname does not includes EXAMPLE.COM, hide debug message". Or it could be they have some third party plugin whose license key is hashed with the hostname. If you try to run it on localhost, it gives you a "not authorized for this domain" error, while localhost.example.com.

    Actually, a third likely scenario:

    User: I need to run a local copy of our AwesomeExample.Com website.

    Tech: Just copy it to c:\example, and access it with localhost

    User: It doesn't work. I used localhost.

    Tech: Just type localhost instead of the normal website.

    User: I did. 

    Tech: Spell it out for me

    User: l o c a l.. no space... h o s t...

    [insert fifty minutes of back and forth]

    User: I did. localhost.awesomeexample.com.

    Tech: Nonononon,ffs, just type localhost, nothing else,  and... you know what {dns change} never mind. I rebooted the name matrix or some crap like that. Try now.

    User: Yay, it works!

     

     



  • Maybe they thought the usual terminal-like green-on-black wasn't, dunno, stylish enough, and changed the DNS color pallete?



  • Here's my two guesses:

    1) Someone generated a zone file from a hosts file, forgot to ignore localhost?

    2) Somebody heard about malware that modifies host files to point to nasty places and decided they would "protect" all their users from a central location? (Yes, I know about the usual search precedence for DNS lookups, I'm assuming "they" don't).



  • @atipico said:

    Maybe they thought the usual terminal-like green-on-black wasn't, dunno, stylish enough, and changed the DNS color pallete?

    The code sample quoted seems to have no rouge at all. I'm confused.

    In other news, I find it really hard to get worked-up about this "WTF." So they want to call localhost something else. Who cares?



  • The "typo" of "rouge" was just me being frivolous.

    And I'm not angry about this DNS entry – I found it most amusing. I can understand someone pointing a different DNS entry to localhost as some sort of workaround, or "localhost" to a non-localhost machine, but not this.

    Blakey, if you don't lighten up we'll be forced to tie you down and force-inhale you nitrous oxide.



  • @Daniel Beardsmore said:

    The "typo" of "rouge" was just me being frivolous.

    Suuure. You did that on purpose. We all believe you.

    @Daniel Beardsmore said:

    Blakey, if you don't lighten up we'll be forced to tie you down and force-inhale you nitrous oxide.

    If you want funny shit on this board, then write it your damn self.



  • I don't think it's that huge of a WTF, my main web hosts adds it by default for a new domain and I've seen it at least at one other hoster .It has a number of practical uses:

    • Using a valid not-self signed certificate for your dev environment, or even the same as the main website (wildcard certificate or adding localhost.domain.com as an alias)
    • Better communication between dev and production e.g. browsers won't let xmlhttprequests go from localhost to x (and definitly not vice-versa) but subdomains are usually less restricted
    • Testing your DNS config (e.g. pinging localhost.x.com while the main x.com server isn't up yet)

    And surely one can think of more.



  • Oh, sorry, it might help to clarify – this is their public DNS for their websites etc. Local, Windows domain DNS is completely unrelated and isolated. Yes, if the two were the same, it might be different.



  • Yes, I was talking about public DNS too.

    It's never necessary, but it isn't really a WTF.



  • @blakeyrat said:

    If you want funny shit on this board, then write it your damn self.
    Q: What's the title of Sarah Palin's book of makeup tips?

    A: Going Rouge



  • For what it's worth, “rouge” was intentional (it took a moment to remember how to spell “rouge” as opposed to “rogue”). All other typos can be blamed on my absurdly expensive keyboard.



  • @cconroy said:

    @blakeyrat said:

    If you want funny shit on this board, then write it your damn self.
    Q: What's the title of Sarah Palin's book of makeup tips?

    A: Going Rouge

     

    Q: What do you call it when a spy begins an unofficial mission in a Paris strip club?

    A: Moulin Rogue.


     



  • @cconroy said:

    @blakeyrat said:

    If you want funny shit on this board, then write it your damn self.
    Q: What's the title of Sarah Palin's book of makeup tips?

    A: Going Rouge

     

    Hate to break this to you, but I've got a book called Going Rouge with a picture of Palin on the cover.  It's subtitled An American Nightmare and describes in detail what a disaster it would be to let her anywhere near a position of power.

     



  • @Daniel Beardsmore said:

    Just found this in a public DNS zone:

    localhost               3D IN A         127.0.0.1

    Why would anyone do that?

    Because the first result on Google for "example bind zone" has it?



  • Have seen this a couple of times. (I don't know why it's done, though. Guess some broken software that tries to add the global domain suffix everywhere...)

    Really WTFy is if you use that name as reverse DNS for the IP your outbound internet traffic uses.

    There are a few Webalizer-style apps (and of course lots of websites too) that break if reverse lookup followed by forward lookup results in 127.0.0.1. (Of course, you cannot send mail either afterwards, but maybe you route outgoing port 25 traffic over a different source IP anyway?)



  • @Buzer said:

    Because the first result on Google for "example bind zone" has it?

    There's a lot in there that's different – not just the practice of assigning public IP addresses to PCs (been a long time since I last saw that!) but also giving every PC its own MX record – I don't think that's remotely meaningful in an Outlook/Exchange environment. (Besides, even when I read examples, I do prefer to have some idea of what exactly the example is doing.)

    I guess the whole issue is contextual – in the context in which I found the entry (public DNS served by the ISP, since the domain was purchased through them, probably in the same package) it's completely nonsensical. It gave me a good laugh, even if it's dull as lead to everyone else.


  • Considered Harmful

    I'm pretty sure I know why this is because I have to manually edit my hosts file at work to have someapp.localhost.initech.com. The answer is: single sign on.

    I need to share authentication cookies with .initech.com, even while testing locally.



  • @Daniel Beardsmore said:

    Why would anyone do that?
    This used to be a requirement for .si zones (they used to do some basic checking on the DNS servers for domain before they added them to the top-level servers for .si, and one of the checks was that localhost subdomain was present and pointing to 127.0.0.1; this was when access to .si domains was limited to local companies, where the domain name had to match the official company name).



  • This thread is like the Raymond Chen of networking …


Log in to reply