c4lab
I want to set up a DNS server that provides aliases for all the servers on the internal network.
It is possible to use Ansible to update /etc/hosts
on every server, but that is not an elegant approach.
So I set up CoreDNS and worked out a configuration that supports all the commonly used protocols (plain DNS, HTTPS and TLS), testing each of them one by one. Finally, I will set this DNS IP:port in our main router.
Github: https://github.com/coredns/coredns
Document: https://coredns.io/manual/toc/
How to set up:
Option 1. Running in Docker
Option 2. Compile and run the binary
https://github.com/ameshkov/dnslookup
I think this is the best tool: it covers all the protocols and it is easy to use.
Example output
Corefile
You can define your own aliases in the hosts block; it uses the same format as /etc/hosts.
You can also use a name as an alias, i.e. taiwania1 will return the IP of clogin1.twnia.nchc.org.tw.
If the query does not match anything in hosts, it falls through and is forwarded to the upstream 1.1.1.1 (over TLS).
docker run parameters
and test
And CoreDNS will log:
[INFO] 10.0.2.100:45241 - 24292 "A IN google.com. udp 51 false 4096" NOERROR qr,rd,ra 478 0.089646393s
Append to the Corefile
with
Our fullchain.pem and privkey.pem come from Let's Encrypt. You can use your own certificate and key file.
All queries are redirected internally to the plain DNS server block.
docker run parameters
test
Append to Corefile
with
Almost the same as DoT.
docker parameters
test
Corefile
The log plugin is removed in production.
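As an added example (not the Corefile from this post), here is one way the three server blocks described above fit into a single file: plain DNS with hosts aliases and a TLS upstream, then DoT and DoH terminating TLS with the Let's Encrypt certificate and forwarding internally to the plain block. The address 10.0.0.11 and the paths under /etc/coredns/ are assumptions.

```corefile
# Added example, not the post's own Corefile. Assumed values: the server
# address 10.0.0.11 and the certificate paths under /etc/coredns/.

# Plain DNS on UDP/TCP 53: answer from hosts first, forward the rest.
.:53 {
    hosts {
        # Same format as /etc/hosts: IP, canonical name, then aliases.
        # 10.0.0.11 is an assumed address for this example.
        10.0.0.11 clogin1.twnia.nchc.org.tw taiwania1
        # Without fallthrough, unknown names get NXDOMAIN here and
        # never reach the forward plugin below.
        fallthrough
    }
    # Upstream over DNS-over-TLS. tls_servername gives CoreDNS the
    # hostname to verify the upstream certificate against.
    forward . tls://1.1.1.1 {
        tls_servername cloudflare-dns.com
    }
    errors
    # Enable while testing; removed in production.
    # log
}

# DNS over TLS (RFC 7858) on TCP 853. TLS is terminated with the
# Let's Encrypt certificate, then the query goes to the plain block.
tls://.:853 {
    tls /etc/coredns/fullchain.pem /etc/coredns/privkey.pem
    forward . 127.0.0.1:53
    errors
}

# DNS over HTTPS (RFC 8484) on TCP 443, same pattern as DoT.
https://.:443 {
    tls /etc/coredns/fullchain.pem /etc/coredns/privkey.pem
    forward . 127.0.0.1:53
    errors
}
```

When running the Docker image, mount the Corefile and the certificate directory into the container and publish 53/udp, 53/tcp, 853/tcp and 443/tcp so that all three listeners are reachable.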
DoT https://datatracker.ietf.org/doc/rfc7858/
DoH https://datatracker.ietf.org/doc/rfc8484/
Example Output
output
The query is sent as the sequence dns=...
and the output is a base62-encoded sequence (I don't know either).
However, Cloudflare provides another way to make the query, in JSON format.
But this method is not supported by CoreDNS (issue).
output
doh is another tool that can query in JSON format.
Thus, it cannot be used to query CoreDNS.
output