coredns/README.md

# CoreDNS

CoreDNS is DNS server that started as a fork of [Caddy](https://github.com/mholt/caddy/). It has the
same model: it chains middleware.

## Status

I'm using CoreDNS is my primary, authoritative, nameserver for my domains (`miek.nl`, `atoom.net`
and a few others). CoreDNS should be stable enough to provide you with a good DNS service.

Currently CoreDNS is able to:

* Serve zone data from a file, both DNSSEC (NSEC only) and DNS is supported.
* Retrieve zone data from primaries, i.e. act as a secondary server.
* Loadbalancing of responses.
* Allow for zone transfers, i.e. act as a primary server.
* Caching
* Use etcd as a backend, i.e. a 98.5% replacement for
  [SkyDNS](https://github.com/skynetservices/skydns).
* Serve as a proxy to forward queries to some other (recursive) nameserver.
* Rewrite queries (both qtype, qclass and qname).
* Provide metrics (by using Prometheus).
* Provide Logging.
* Provide load-balancing (A/AAAA shuffling) of returned responses.
* Has support for the CH class: `version.bind` and friends.

There are still few [issues](https://github.com/miekg/coredns/issues), and work is ongoing on making
things fast and reduce the memory usage.

All in all, CoreDNS should be able to provide you with enough functionality to replace parts of
BIND9, Knot, NSD or PowerDNS.
Most documentation is in the source and some blog articles can be [found
here](https://miek.nl/tags/coredns/). If you do want to use CoreDNS in production, please let us
know and how we can help.

<https://caddyserver.com/> is also full of examples on how to structure a Corefile (renamed from
Caddyfile when I forked it).

## Examples

Start a simple proxy:

`Corefile` contains:

~~~ txt
.:1053 {
    proxy . 8.8.8.8:53
}
~~~

Just start CoreDNS: `./coredns`.
And then just query on that port (1053), the query should be forwarded to 8.8.8.8 and the response
will be returned.

Serve the (NSEC) DNSSEC signed `miek.nl` on port 1053, errors and logging to stdout. Allow zone
transfers to everybody.

~~~ txt
miek.nl:1053 {
    file /var/lib/bind/miek.nl.signed {
        transfer to *
    }
    errors stdout
    log stdout
}
~~~

Serve `miek.nl` on port 1053, but forward everything that does *not* match `miek.nl` to a recursive
nameserver *and* rewrite ANY queries to HINFO.

~~~ txt
.:1053 {
    rewrite ANY HINFO
    proxy . 8.8.8.8:53

    file /var/lib/bind/miek.nl.signed miek.nl {
        transfer to *
    }
    errors stdout
    log stdout
}
~~~

All the above examples are possible with the *current* CoreDNS.

## What remains to be done

* Website?
* Logo?
* Optimizations.
* Load testing.
* The [issues](https://github.com/miekg/coredns/issues).

## Blog

<https://miek.nl/tags/coredns/>
Gut the readme as it is mostly Caddy 2016-03-18 21:25:47 +00:00			`# CoreDNS`
Slightly more text in the README for the time being 2016-03-18 21:31:55 +00:00
			`CoreDNS is DNS server that started as a fork of [Caddy](https://github.com/mholt/caddy/). It has the`
			`same model: it chains middleware.`

Better README 2016-04-03 19:05:49 +01:00			`## Status`

Use IsDomainName (#119) Liberal as it as it still has its use. Reject invalid domain names in the config. Unrelated: clear up the README as well. And fix travis script. 2016-04-13 23:23:35 +01:00			I'm using CoreDNS is my primary, authoritative, nameserver for my domains (`miek.nl`, `atoom.net`
			`and a few others). CoreDNS should be stable enough to provide you with a good DNS service.`

Better README 2016-04-03 19:05:49 +01:00			`Currently CoreDNS is able to:`

middleware/file: Support delegations (#124) Return a delegation when seeing one while traversing the tree in search of an answer. Put the SOA and NS record in the zone.Apex as these are to be handled somewhat special. Lowercase record on insert to make compares easier. This lowercases all RR that have domain names in their rdata as well. 2016-04-16 16:16:52 +01:00			`* Serve zone data from a file, both DNSSEC (NSEC only) and DNS is supported.`
Better README 2016-04-03 19:05:49 +01:00			`* Retrieve zone data from primaries, i.e. act as a secondary server.`
middleware/file: Support delegations (#124) Return a delegation when seeing one while traversing the tree in search of an answer. Put the SOA and NS record in the zone.Apex as these are to be handled somewhat special. Lowercase record on insert to make compares easier. This lowercases all RR that have domain names in their rdata as well. 2016-04-16 16:16:52 +01:00			`* Loadbalancing of responses.`
Better README 2016-04-03 19:05:49 +01:00			`* Allow for zone transfers, i.e. act as a primary server.`
Updates to README 2016-04-19 10:26:29 +00:00			`* Caching`
			`* Use etcd as a backend, i.e. a 98.5% replacement for`
Better README 2016-04-03 19:05:49 +01:00			`[SkyDNS](https://github.com/skynetservices/skydns).`
			`* Serve as a proxy to forward queries to some other (recursive) nameserver.`
Update README 2016-04-08 07:04:23 +01:00			`* Rewrite queries (both qtype, qclass and qname).`
Use IsDomainName (#119) Liberal as it as it still has its use. Reject invalid domain names in the config. Unrelated: clear up the README as well. And fix travis script. 2016-04-13 23:23:35 +01:00			`* Provide metrics (by using Prometheus).`
Better README 2016-04-03 19:05:49 +01:00			`* Provide Logging.`
middleware/file: Support delegations (#124) Return a delegation when seeing one while traversing the tree in search of an answer. Put the SOA and NS record in the zone.Apex as these are to be handled somewhat special. Lowercase record on insert to make compares easier. This lowercases all RR that have domain names in their rdata as well. 2016-04-16 16:16:52 +01:00			`* Provide load-balancing (A/AAAA shuffling) of returned responses.`
Use IsDomainName (#119) Liberal as it as it still has its use. Reject invalid domain names in the config. Unrelated: clear up the README as well. And fix travis script. 2016-04-13 23:23:35 +01:00			* Has support for the CH class: `version.bind` and friends.
Better README 2016-04-03 19:05:49 +01:00
middleware/file: Support delegations (#124) Return a delegation when seeing one while traversing the tree in search of an answer. Put the SOA and NS record in the zone.Apex as these are to be handled somewhat special. Lowercase record on insert to make compares easier. This lowercases all RR that have domain names in their rdata as well. 2016-04-16 16:16:52 +01:00			`There are still few [issues](https://github.com/miekg/coredns/issues), and work is ongoing on making`
			`things fast and reduce the memory usage.`
Add text about the test server 2016-04-03 20:13:33 +01:00
middleware/file: Support delegations (#124) Return a delegation when seeing one while traversing the tree in search of an answer. Put the SOA and NS record in the zone.Apex as these are to be handled somewhat special. Lowercase record on insert to make compares easier. This lowercases all RR that have domain names in their rdata as well. 2016-04-16 16:16:52 +01:00			`All in all, CoreDNS should be able to provide you with enough functionality to replace parts of`
			`BIND9, Knot, NSD or PowerDNS.`
			`Most documentation is in the source and some blog articles can be [found`
			`here](https://miek.nl/tags/coredns/). If you do want to use CoreDNS in production, please let us`
			`know and how we can help.`
Slightly more text in the README for the time being 2016-03-18 21:31:55 +00:00
			`<https://caddyserver.com/> is also full of examples on how to structure a Corefile (renamed from`
			`Caddyfile when I forked it).`
An example 2016-03-18 21:36:42 +00:00
beef up some examples 2016-04-03 20:30:37 +01:00			`## Examples`
An example 2016-03-18 21:36:42 +00:00
Better README 2016-04-03 19:05:49 +01:00			`Start a simple proxy:`
An example 2016-03-18 21:36:42 +00:00
			`Corefile` contains:

beef up some examples 2016-04-03 20:30:37 +01:00			`~~~ txt`
An example 2016-03-18 21:36:42 +00:00			`.:1053 {`
			`proxy . 8.8.8.8:53`
			`}`
			`~~~`

			Just start CoreDNS: `./coredns`.
			`And then just query on that port (1053), the query should be forwarded to 8.8.8.8 and the response`
			`will be returned.`
Add blog link 2016-03-20 08:45:21 +00:00
beef up some examples 2016-04-03 20:30:37 +01:00			Serve the (NSEC) DNSSEC signed `miek.nl` on port 1053, errors and logging to stdout. Allow zone
			`transfers to everybody.`

			`~~~ txt`
			`miek.nl:1053 {`
			`file /var/lib/bind/miek.nl.signed {`
			`transfer to *`
			`}`
			`errors stdout`
			`log stdout`
			`}`
			`~~~`

			Serve `miek.nl` on port 1053, but forward everything that does not match `miek.nl` to a recursive
			`nameserver and rewrite ANY queries to HINFO.`

			`~~~ txt`
			`.:1053 {`
			`rewrite ANY HINFO`
			`proxy . 8.8.8.8:53`

			`file /var/lib/bind/miek.nl.signed miek.nl {`
			`transfer to *`
			`}`
			`errors stdout`
			`log stdout`
			`}`
			`~~~`

			`All the above examples are possible with the current CoreDNS.`

			`## What remains to be done`

			`* Website?`
			`* Logo?`
			`* Optimizations.`
			`* Load testing.`
middleware/file: Support delegations (#124) Return a delegation when seeing one while traversing the tree in search of an answer. Put the SOA and NS record in the zone.Apex as these are to be handled somewhat special. Lowercase record on insert to make compares easier. This lowercases all RR that have domain names in their rdata as well. 2016-04-16 16:16:52 +01:00			`* The [issues](https://github.com/miekg/coredns/issues).`
beef up some examples 2016-04-03 20:30:37 +01:00
			`## Blog`
Add blog link 2016-03-20 08:45:21 +00:00
			`<https://miek.nl/tags/coredns/>`