Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Top 23 Rust DNS Projects
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
encrypted-dns-server
An easy to install, high-performance, zero maintenance proxy to run an encrypted DNS server.
-
doh-server
Fast, mature, secure DoH and ODoH server proxy written in Rust. Previously known as doh-proxy and rust-doh.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
agnos
Obtain (wildcard) certificates from let's encrypt using dns-01 without the need for API access to your DNS provider.
-
aardvark-dns
Authoritative dns server for A/AAAA container records. Forwards other request to host's /etc/resolv.conf
-
tunneler
Tunnel TCP or UDP traffic over TCP, (mutual) TLS or DNS (authoritative server or direct connection), implemented in Rust
-
dnsfun
DNS Server written in Rust for fun, see https://dev.to/xfbs/writing-a-dns-server-in-rust-1gpn
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Dog is cross platform and has some nice features, like json output.
https://dns.lookup.dog/
Project mention: Apnic: Cgnat is harming internet innovation (2022) | news.ycombinator.com | 2024-04-26[3] https://github.com/fujiapple852/trippy/issues/1104
Hello, Author of Pkarr here.
First I very much share your opinion of Mainline and IPFS. Mainline is a miracle.
As for the spec, I personally prefer working code first and at least won't allow for design by committee to turn a good thing to awful mess.
That being said, Pkarr is so simple that did-dht doesn't really rely on software, in fact they have their own Go implemntation.
I agree with you that Pkarr is better on its own without w3c complexity.
And I agree with you that stable simple ideas deserve spec, but the spec is simple so far (put DNS packet in BEP44 without salt), still, I owe everyone to write that down.
> The choice to sign an entire DNS packet seems very strange and probably hasn't been through through properly.
I did think about the encoding choice thoroughly, in fact the earliest version was just a JSON inside BEP44.
The reason why Pkarr signs the entire Packet, is because that is the most efficient way to pack the 1000 bytes limit in BEP44.
The reason we use DNS Packet is because I couldn't come up with any smart encoding that offers any non-marginal advantage vs using an old, tried and tested spec that would work great with plenty of encoder and parsers, and really fits the use case.
I understand that you think that leveraging DNS infrastructure doesn't make sense because they won't pass the signature, but so would be the case even if you sign individual RRs, in fact even if you try to use DNSSec, recursive resolvers have no way to verify these DNSSEC signatures because they don't understand that Pkarr TLD is the key and it doesn't need a certificate.
Using Pkarr through DNS infrastructure, is not trustless, but it is still good to have, 90% of DNS is not trustlees (doesn't use DNSSEC) and it is great to have.
If you want to use Pkarr in trustless way, then either use Mainline directly, or use the relays spec https://github.com/Nuhvi/pkarr/blob/main/design/relays.md
But if by a strike of luck we managed to convince 1.1.1.1 or 8.8.8.8 to resolve Pkarr TLDs, then sticking to DNS packet encoding will prove to be really useful, even if their answers are not trustless, at the very least, we are not forcing them to integrate with bespoke encoding for no reason at all.
If anyone thinks that this encoding is bad for their use case, they are welcome to use BEP0044 directly, but they won't benefit from the network of relays I and others will deploy for lowering latency with variant degrees of trustlessness, for that we need to agree on an encoding, and DNS Packet encoding is the choice that makes most sense, if only for the track record.
Finally, if you still have more questions, or arguments, please bring them to https://pkarr.org
Project mention: ClouDDNS: Turn your CloudFlare-powered site into a DDNS. | /r/selfhosted | 2023-05-19
Rust DNS related posts
-
DNS over Wikipedia
-
The Did DHT Method Specification 1.0
-
Public-Key Addressable Resource Records
-
Willow Protocol
-
DNS Toys
-
Dness: A Dynamic DNS Client
-
findomain VS amass - a user suggested alternative
2 projects | 24 Nov 2023 -
A note from our sponsor - InfluxDB
www.influxdata.com | 7 May 2024
Index
What are some of the best open-source DNS projects in Rust? This list will help you:
Project | Stars | |
---|---|---|
1 | dog | 5,793 |
2 | hickory-dns | 3,617 |
3 | trippy | 3,030 |
4 | dns-over-wikipedia | 1,127 |
5 | encrypted-dns-server | 901 |
6 | doh-server | 684 |
7 | edgedns | 498 |
8 | zeronsd | 470 |
9 | agnos | 290 |
10 | dcompass | 280 |
11 | aardvark-dns | 157 |
12 | dness | 114 |
13 | dingo | 113 |
14 | pkarr | 110 |
15 | tunneler | 62 |
16 | dnsfun | 41 |
17 | vodo | 23 |
18 | digs | 21 |
19 | faf-dns-proxy | 20 |
20 | cddns | 15 |
21 | domain-recon-rs | 12 |
22 | rsip-dns | 8 |
23 | gandi-live-dns-rust | 6 |
Sponsored