I should clarify I wasn’t a upper level sys admin managing those servers, I just used them or maintained accounts being a rank and file technician
While I get the fundamental concept of DNS as a phonebook for your IPs. I am not sure why it is joked around if something goes haywire or someone breaks something.
Is it because if you get no DNS, people can’t log in through their AD accounts, browse the Internet?
Afaik DNS is a bit of a rabbit hole topic, maybe that’s why people joke about it due to DNS being this “No one really knows how this magic name matching box works”?
Please correct me, I’d genuinely like to know why this is prevalent from you guys.
The worst part isn’t even that they don’t understand it, but that they think they know everything about it after learning the basics. Suddenly you get people blocking port 53/udp “because DNS uses UDP” and people using .dev and .local as internal domain names.
Still not as misunderstood as NTP, though.
what’s wrong with .local?
It’s fine to use if you’re using it for Bonjour/mDNS (which is enabled by default on basically everything these days). If not, any computer in your network can take on a .local domain of their choosing and your computers will happily resolve it before hitting the DNS server, or you may end up in a race between normal DNS and mDNS. Or you can manually disable mDNS on every machine and hope nothing else causes conflicts, I guess.
If you need a TLD for fake internal domains, use .internal; that has recently been reserved for internal use and won’t end up in any standard protocols. There’s also a weaker blacklist list that’s part of the gTLD application process which includes .local, but that’s not necessarily set in stone.
If anyone you know claims to have expertise in the computer field and doesn’t know everything about DNS (there’s not much to know) then those people are clueless and by no means are they experts.
But there is. Between DNSSEC and EDNS you need to stay on top of stuff or your assumptions may be wrong. many supposed facts about DNS were assumptions by textbook authors that were invalidated years later, and that’s with the stuff that complies with the standards.
DNS from the 20th century was simple modern DNS really isn’t.