I never thought about the search domain setting in my network settings. It was set to
(cause I use one of their routers) and I never knew why. It was just… there.
Because of a toot by Katze, I got a bit hooked what that thing called actually is.
What’s the search domain?
Basically, if you have a search domain set, like my router did it, you can resolve arbitrary, uh, subdomains. It’s useful for company networks and especially internal DNS systems.
For example: If you set the search domain to
acme.org, people can resolve
meow in their browser. The domain would be resolved like this:
- ooooh, you don’t have a top level domain on this request. Imma ask
acme.orgto resolve this.
- I can send my request to
10.0.13.12, yaay! :3
Can I use that for my own network?
Theoretically yes. Practically, it’s complicated. The reason for that is DNS rebinding, a method of DNS spoofing. The technical details are explained in the linked Wikipedia article.
However, as a safety precaution, certain routers, like my beloved (ahem) Fritz!Box do have a
filter for such DNS requests. Even if I’d set the A record for
192.168.178.100, the router would block such DNS requests.
With DNS over HTTPS (DoH) or DNS over TLS (DoT), I could easily circumvent such filters. But that’s something to explore on another day.