Nine DNS is a flexible DNS server that offers DNS resolution based on the question source.
NineDNS aims to provide a flexible way to resolve DNS records.
You can match different question source by cidr, port, protocol, and so on.
Clients can use different dns resolve based on their network environment.
For example, you can filter clients by cidr, and resolve different dns records for them.
Moreover, NineDNS supports retrieving DNS records from remote databases such as MySQL or PostgreSQL.
It's easy to manage DNS records in a centralized way.
NineDNS can integrate as part of cloud-native components. It supports cache sharing, load balancing, and log tracing.
The reason why we create NineDNS is to provide a flexible way to resolve DNS records according to the question source.
For example, you can match different question source by cidr, port, protocol, and so on.
Clients can use different dns resolve based on their network environment.
You have your server deployed intranet and exposed server port via a jump server or tunnel.
And you want to resolve server domain to intranet ip when clients are in intranet, and resolve to public ip when clients are outside.
This is a typical use case of NineDNS. You simply NS your domain to NineDNS server, and configure NineDNS to resolve domain based on client's network environment, cidr for example.
To be a full-featured DNS server, NineDNS supports retrieving DNS records from remote databases such as MySQL, files, lark, and so on.
Just like any Cloud DNS Providers, you can manage DNS records easily in a centralized way.
Define a config:
{
"addr": ":53", // listen address
"debug": true, // debug mode
"domains": { // dns resolve domain key-value pairs. domain <===> resolve config
"example.com": {
"authoritative": true, // authoritative mode
"recursion": false, // recursion mode
"upstream": "223.5.5.5:53", // upstream dns server, only works in recursion mode
"ttl": 600, // default ttl, attention: ttl is server level, not record level. server re-fetch record source ttl
"providers": { // record source providers. Read [Record Provider](#record-provider) for more details
"mysql": "root:123456@tcp(localhost:3306)/dns",
"sqlite": "dns.db"
},
"rules": { // dns resolve match rules. name <===> rule. Name is also used as table name in mysql record source
"all": {
"cidrs": [ // cidr match
"0.0.0.0/0"
],
"ports": [
"1-65535" // port match
]
}
}
}
},
"redis": { // redis config
"addr": "localhost:6379",
"db": 8
}
}When a dns question comes in,
NineDNSwill find a rule defined that both matches the domain name and the rules. Then look for records in the record source defined in the rule.
Read Record Provider for more details about providers.
And that's all! Run NineDNS with config file now:
$ ninedns -c config.json
NineDNSauto-loadsninedns.jsonin current directory if-cis not specified.
Download from releases page.
| Name | Description |
|---|---|
ninedns-mini |
NineDNS binary without most providers. |
ninedns |
NineDNS binary with mysql provider and file providers |
ninedns-full |
NineDNS binary with all providers. |
Special thanks to miekg's graceful and well-designed go dns library miekg/dns