“.home.arpa” for A records.

I run my own CA and DNS, and can create vanity TLDs like: a.git, a.webmail, b.sync, etc for internal services. These are CNAMEs pointing to A records.

do not use .local, as tempting as it may be

use .home personally

RFC 6762 defines the TLDs you can use safely in a local-only context:

*.intranet
*.internal
*.private
*.corp
*.home
*.lan

Be a selfhosting rebel, but stick to the RFCs!

dot lan. I don’t need let’sencrypt. I just ceeate my own CA, my own (wildcard) certificates, and install the CA into all my boxes that I want or need to have certificate verification succeeding.

In home decided to use .dot because for some reason chrome and chromium based do not automatically redirect it to https ,(at least for now) when you just type in the address in address bar, and do not redirect to search. So much more comfortable… why?.. ok, it maybe break access to all .dot sites but I never see something for me in that zone so so don’t care

i made up a not real, non-standard TLD that i use lol (.null)

I have a self signed CA that all my devices trust. Getting a real domain and just using that, with LetsEncrypt, would not have required me to explicitly trust my own CA, but hey, my system works.

and i know i know, RFCs, but it works, and doesn’t break anything.

https://datatracker.ietf.org/doc/html/draft-chapin-rfc2606bis-00

I use .host because .internal is too long to type and .local is a pita, but mostly because the browser actually tries to go there instead of some stupid search engine that tracks that kind of info and I don’t have to remember to put a slash at the end.

I use `.home.arpa` as that is the “official” use of that domain.

My TLDs are:
.lan = management/wired vlan
.mobile = primary wifi
.iot = locked down for iot/home automation devices .guest = guest wifi

The domain for each is my public .io domain.

Being a bit of a rebel myself. I use ONLY a tld, and where subdomains would be used, I use domain.tld

This has lead me to discover quite a few projects out there that don’t parse domain names correctly, especially when you want to use an email like admin@tld and it cries because you have no dot.

I use .lan as it’s shorter and IMO nicer looking than .local

I have 2 registered tlds in .dev and .net. I split their use using .net for personal/selfhosted sites and .dev for public facing.

Everything at my house has a TLD named after the road I live on (a founding father last name). Everything at my offsite at my dads house uses TLD named after the road he lives on (a woman’s first name).

It’s both arbitrary and practical. A number systems exist at both such as proxmox. truenas. pihole. plex. So it’s a good way to tell them appart without having to differentiate them in the domain name.

I own a domain I purchased thru cloudflare.

public facing services are say xyz.mydomain.com

internal facing is xyz.local.mydomain.com

This was internal access pipes into pihole, DNS directs it to Traefik on my server, then to the internal service. Not internet dependent.

Managed to buy a really sweet domain so using that for both mail and local domain

currently I have names for my machines in my /etc/hosts files across some of my machines

A better way is to set the DHCP server to resolve local too via DNS.

So in my case proxmox.mydomain.com and proxmox both resolve to a local IP…without any need to configure IPs manually anywhere.

On opnsense it’s under Unbound >> Register DHCP Leases