c41467a15b2b53ca7e171d9bd684d8727e727ed8
services/Services-DNS.md
| ... | ... | @@ -1,39 +0,0 @@ |
| 1 | -# DNS |
|
| 2 | - |
|
| 3 | -*(tl;dr)* We have a TLD for dn42, which is `.dn42`. The anycast resolver for `.dn42` runs on `172.22.0.53`. |
|
| 4 | - |
|
| 5 | -**DNS is build from [[whois database|Services Whois]]. So please edit your DNS-records there.** |
|
| 6 | - |
|
| 7 | -## Using the DNS service |
|
| 8 | - |
|
| 9 | -Below are several ways to use the `dn42` DNS service, from easiest to more challenging. The recommended method is the second one. |
|
| 10 | - |
|
| 11 | -### Using the anycast resolver directly |
|
| 12 | - |
|
| 13 | -Please be aware that this method sends **all** your DNS queries (e.g. `google.com`) to a random DNS server inside dn42. The server could fake the result and point you towards the russian mafia. They probably won't, but think about what you are doing. At the end of the day, your ISP could be evil as well, so it always boils down to a question of trust. |
|
| 14 | - |
|
| 15 | -To do this, just use `172.22.0.53` as your resolver, for instance in `/etc/resolv.conf`. |
|
| 16 | - |
|
| 17 | -### Forwarding `.dn42` queries to the anycast resolver |
|
| 18 | - |
|
| 19 | -If you run your own resolver (`unbound`, `dnsmasq`, `bind`), you can configure it to forward dn42 queries to the anycast DNS resolver. See [[DNS forwarder configuration|Services DNS Configuration]]. |
|
| 20 | - |
|
| 21 | -### Recursive resolver |
|
| 22 | - |
|
| 23 | -You may also want to configure your resolver to recursively resolve dn42 domains. For this, you need to find authoritative DNS servers for the `dn42` zone (and for the reverse zones). See [[Recursive DNS resolver]]. |
|
| 24 | - |
|
| 25 | -### Building the dn42 zones from the registry |
|
| 26 | - |
|
| 27 | -Finally, you may want to host your own authoritative DNS server for the `dn42` zone and the reverse zones. The zone files are built from the monotone repository: scripts are provided in the repository itself. |
|
| 28 | - |
|
| 29 | -## Register a `.dn42` domain name |
|
| 30 | - |
|
| 31 | -The root zone for `dn42.` is built from the [[whois registry|Services Whois]]. If you want to register a domain name, you need to add it to the registry (of course, you also need one or two authoritative nameservers). |
|
| 32 | - |
|
| 33 | -## DNS services for other networks |
|
| 34 | - |
|
| 35 | -Other networks are interconnected with dn42 (ChaosVPN, Freifunk, etc). Some of them also provide DNS service, you can configure your resolver to use it. See [[External DNS]]. |
|
| 36 | - |
|
| 37 | -## Providing DNS service |
|
| 38 | - |
|
| 39 | -See [[Providing Anycast DNS]]. |
|
| ... | ... | \ No newline at end of file |
services/services/DNS.md
| ... | ... | @@ -0,0 +1,39 @@ |
| 1 | +# DNS |
|
| 2 | + |
|
| 3 | +*(tl;dr)* We have a TLD for dn42, which is `.dn42`. The anycast resolver for `.dn42` runs on `172.22.0.53`. |
|
| 4 | + |
|
| 5 | +**DNS is build from [[whois database|Services Whois]]. So please edit your DNS-records there.** |
|
| 6 | + |
|
| 7 | +## Using the DNS service |
|
| 8 | + |
|
| 9 | +Below are several ways to use the `dn42` DNS service, from easiest to more challenging. The recommended method is the second one. |
|
| 10 | + |
|
| 11 | +### Using the anycast resolver directly |
|
| 12 | + |
|
| 13 | +Please be aware that this method sends **all** your DNS queries (e.g. `google.com`) to a random DNS server inside dn42. The server could fake the result and point you towards the russian mafia. They probably won't, but think about what you are doing. At the end of the day, your ISP could be evil as well, so it always boils down to a question of trust. |
|
| 14 | + |
|
| 15 | +To do this, just use `172.22.0.53` as your resolver, for instance in `/etc/resolv.conf`. |
|
| 16 | + |
|
| 17 | +### Forwarding `.dn42` queries to the anycast resolver |
|
| 18 | + |
|
| 19 | +If you run your own resolver (`unbound`, `dnsmasq`, `bind`), you can configure it to forward dn42 queries to the anycast DNS resolver. See [[DNS forwarder configuration|Services DNS Configuration]]. |
|
| 20 | + |
|
| 21 | +### Recursive resolver |
|
| 22 | + |
|
| 23 | +You may also want to configure your resolver to recursively resolve dn42 domains. For this, you need to find authoritative DNS servers for the `dn42` zone (and for the reverse zones). See [[Recursive DNS resolver]]. |
|
| 24 | + |
|
| 25 | +### Building the dn42 zones from the registry |
|
| 26 | + |
|
| 27 | +Finally, you may want to host your own authoritative DNS server for the `dn42` zone and the reverse zones. The zone files are built from the monotone repository: scripts are provided in the repository itself. |
|
| 28 | + |
|
| 29 | +## Register a `.dn42` domain name |
|
| 30 | + |
|
| 31 | +The root zone for `dn42.` is built from the [[whois registry|Services Whois]]. If you want to register a domain name, you need to add it to the registry (of course, you also need one or two authoritative nameservers). |
|
| 32 | + |
|
| 33 | +## DNS services for other networks |
|
| 34 | + |
|
| 35 | +Other networks are interconnected with dn42 (ChaosVPN, Freifunk, etc). Some of them also provide DNS service, you can configure your resolver to use it. See [[External DNS]]. |
|
| 36 | + |
|
| 37 | +## Providing DNS service |
|
| 38 | + |
|
| 39 | +See [[Providing Anycast DNS]]. |
|
| ... | ... | \ No newline at end of file |