Skip to content

kamarya/dnsd

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

28 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

DNSd

DNSd is a daemon a.k.a. service for Unix-like systems. It provides a local DNS backend complying (partially) with RFC 1035 in order to forward the queries/answers to/from Google Public DNS over HTTPS.

Google Public DNS offers DNSSEC-validating resolution over an encrypted HTTPS connection. DNS-over-HTTPS greatly enhances privacy and security between a client and a recursive resolver, and complements DNSSEC to provide end-to-end authenticated DNS lookups. -- Google Public DNS

Highlights

  • Ultra lightweight (disk and memory footage).
  • Full functionality behind the web proxy out of the box.
  • Minimalistic implementation approach.
  • Highly configurable through a simple config. file.
  • A Self contained package that depends only on libcurl.
  • Supported records are A,AAAA,CNAME,NS and MX.
  • Public key pinning

Build and Install

Build the software by running the following commands in the terminal.

make
make install

You may run the service in the background (as a daemon) by setting the config file path as follows.

dnsd -f /etc/dnsd.conf

After the daemon is successfully loaded, the local DNS service is available on the regular DNS port 53. If you are behind a web proxy server, you need to set its address and port in the configuration file.

If you would like to add DNSd as a service on your Linux machine, install the launcher (init and systemd) configuration files.

make linux-service
service dnsd start

For systemd you may need to run systemctl daemon-reload before starting the service.

For macOS systems install and launch the service as follows.

make macos-service
launchctl load -w /Library/LaunchDaemons/service.dnsd.plist

Obtain Public Key

openssl s_client -connect google.com:443 | openssl x509 -pubkey -noout

Verification

You can verify wether the service is accessible through

  • host -va github.com localhost
  • nslookup -port=5454 -query=mx github.com 127.0.0.1
Trying "github.com"
Using domain server:
Name: localhost
Address: 127.0.0.1#53
Aliases:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61907
;; flags: qr rd; QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;github.com.			IN	ANY

;; ANSWER SECTION:
github.com.		299	IN	A	192.30.253.112
github.com.		299	IN	A	192.30.253.113
github.com.		899	IN	NS	ns-1283.awsdns-32.org.
github.com.		899	IN	NS	ns-1707.awsdns-21.co.uk.
github.com.		899	IN	NS	ns-421.awsdns-52.com.
github.com.		899	IN	NS	ns-520.awsdns-01.net.
github.com.		3599	IN	MX	1 aspmx.l.google.com.
github.com.		3599	IN	MX	10 alt3.aspmx.l.google.com.
github.com.		3599	IN	MX	10 alt4.aspmx.l.google.com.
github.com.		3599	IN	MX	5 alt1.aspmx.l.google.com.
github.com.		3599	IN	MX	5 alt2.aspmx.l.google.com.

Received 390 bytes from 127.0.0.1#53 in 178 ms

License

This software is licensed under the GNU GPLv3 license.

The user of this software (including the source code and the binary form) must read and accept the terms and conditions of Google Public DNS over HTTPS before usage.