Difference between Search Domain & Local Domain

Follow

Comments

6 comments

  • Avatar
    Sukumar Patel

    Glad that you clarified this. I was always confused between the two. Also glad that it's going away in the future

    0
    Comment actions Permalink
  • Avatar
    James Willhoite

    This says to create a file under /home/pi/.firewalla/config/dnsmasq_local but the code says to echo to a folder.... Which is it?

    echo "local=/lan/127.0.0.2" >> /home/pi/.firewalla/config/dnsmasq_local 

    Or should it be:

    echo "local=/lan/127.0.0.2" >> /home/pi/.firewalla/config/dnsmasq_local/new_file

    Does this allow multiple search domains?

    0
    Comment actions Permalink
  • Avatar
    Matt Niswonger

    @James - you can create any file in /home/pi/.firewalla/config/dnsmsaq_local.  You have to add one line per search domain you want to filter.

    Example of /home/pi/.firewalla/config/dnsmsaq_local/staylocal

    local=/lan/127.0.0.2
    local=/local/127.0.0.2
    local=/guest/127.0.0.2

    @Firewalla - another related issue is that the Firewalla uses upstream DNS for reverse lookups of local addresses.  Any suggestions on how to stop this as well?

    0
    Comment actions Permalink
  • Avatar
    Alak

    I think that it is important to point out that in order for for search and local domain names for devices to be resolved, DNS Booster must be enabled to allow Firewalla to intercept DNS requests and resolve those names.

    An example scenario that can come up is if you decide to use Pi-hole as your DNS server and you turn off DNS Booster because you want Pi-hole to log DNS requests from individual clients on your network.   This will break the resolution of <device>.lan names.  With DNS Booster enabled, all DNS requests go first to Firewalla and Pi-hole only sees one client, Firewalla.  You have to choose between those 2 configurations.

    0
    Comment actions Permalink
  • Avatar
    Alak

    I just wanted to let people know that adding this Firewalla DNS configuration setting broke my ecobee4 Alexa voice service functionality.

    local=/lan/127.0.0.2

    ecobee4 seems to be making DNS queries to eva.ecobee.com.lan for some reason and they might need to go through to a real DNS server even though the DNS response is NXDOMAIN (invalid domain).  Not sure if someone has an explanation about this?

    0
    Comment actions Permalink
  • Avatar
    Matt Niswonger

    @Alak,

    It sounds like you have a DNS problem if your Ecobee is trying to resolve domains with .lan appended as the TLD.  I'll have to test this with my Ecobee thermostat, I didn't both creating dnsmasq entries for search domains after I upgraded to 20.04.  You should probably open a ticket with support so they can review.

    0
    Comment actions Permalink

Please sign in to leave a comment.