diff --git a/man/coredns-acl.7 b/man/coredns-acl.7 new file mode 100644 index 000000000..9a2ded0dd --- /dev/null +++ b/man/coredns-acl.7 @@ -0,0 +1,105 @@ +.\" Generated by Mmark Markdown Processer - mmark.miek.nl +.TH "COREDNS-ACL" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" + +.PP +\fIacl\fP - enforces access control policies on source ip and prevents unauthorized access to DNS servers. + +.SH "DESCRIPTION" +.PP +With \fB\fCacl\fR enabled, users are able to block suspicous DNS queries by configuring IP filter rule sets, i.e. allowing authorized queries to recurse or blocking unauthorized queries. + +.PP +This plugin can be used multiple times per Server Block. + +.SH "SYNTAX" +.PP +.RS + +.nf +acl [ZONES...] { + ACTION [type QTYPE...] [net SOURCE...] +} + +.fi +.RE + +.IP \(bu 4 +\fBZONES\fP zones it should be authoritative for. If empty, the zones from the configuration block are used. +.IP \(bu 4 +\fBACTION\fP (\fIallow\fP or \fIblock\fP) defines the way to deal with DNS queries matched by this rule. The default action is \fIallow\fP, which means a DNS query not matched by any rules will be allowed to recurse. +.IP \(bu 4 +\fBQTYPE\fP is the query type to match for the requests to be allowed or blocked. Common resource record types are supported. \fB\fC*\fR stands for all record types. The default behavior for an omitted \fB\fCtype QTYPE...\fR is to match all kinds of DNS queries (same as \fB\fCtype *\fR). +.IP \(bu 4 +\fBSOURCE\fP is the source IP address to match for the requests to be allowed or blocked. Typical CIDR notation and single IP address are supported. \fB\fC*\fR stands for all possible source IP addresses. + + +.SH "EXAMPLES" +.PP +To demonstrate the usage of plugin acl, here we provide some typical examples. + +.PP +Block all DNS queries with record type A from 192.168.0.0/16: + +.PP +.RS + +.nf +\&. { + acl { + block type A net 192.168.0.0/16 + } +} + +.fi +.RE + +.PP +Block all DNS queries from 192.168.0.0/16 except for 192.168.1.0/24: + +.PP +.RS + +.nf +\&. { + acl { + allow net 192.168.1.0/24 + block net 192.168.0.0/16 + } +} + +.fi +.RE + +.PP +Allow only DNS queries from 192.168.0.0/24 and 192.168.1.0/24: + +.PP +.RS + +.nf +\&. { + acl { + allow net 192.168.0.0/16 192.168.1.0/24 + block + } +} + +.fi +.RE + +.PP +Block all DNS queries from 192.168.1.0/24 towards a.example.org: + +.PP +.RS + +.nf +example.org { + acl a.example.org { + block net 192.168.1.0/24 + } +} + +.fi +.RE + diff --git a/man/coredns-any.7 b/man/coredns-any.7 index 2fc03ec09..d79953bc2 100644 --- a/man/coredns-any.7 +++ b/man/coredns-any.7 @@ -1,9 +1,9 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-ANY" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-ANY" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP -\fIany\fP - give a minimal response to ANY queries. +\fIany\fP - gives a minimal response to ANY queries. .SH "DESCRIPTION" .PP @@ -41,7 +41,7 @@ A \fB\fCdig +nocmd ANY example.org +noall +answer\fR now returns: .RS .nf -example.org. 8482 IN HINFO "ANY obsoleted" "See RFC 8482" +example.org. 8482 IN HINFO "ANY obsoleted" "See RFC 8482" .fi .RE diff --git a/man/coredns-auto.7 b/man/coredns-auto.7 index fcd673175..22d4555bc 100644 --- a/man/coredns-auto.7 +++ b/man/coredns-auto.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-AUTO" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-AUTO" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP @@ -77,8 +77,8 @@ notifies to 10.240.1.1 .RS .nf -\&. { - auto org { +org { + auto { directory /etc/coredns/zones/org transfer to * transfer to 10.240.1.1 diff --git a/man/coredns-autopath.7 b/man/coredns-autopath.7 index e96540e65..4c3304b29 100644 --- a/man/coredns-autopath.7 +++ b/man/coredns-autopath.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-AUTOPATH" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-AUTOPATH" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP diff --git a/man/coredns-azure.7 b/man/coredns-azure.7 index 2a4bdcd01..42527ae20 100644 --- a/man/coredns-azure.7 +++ b/man/coredns-azure.7 @@ -1,5 +1,5 @@ -.\" Generated by Mmark Markdown Processer - mmark.nl -.TH "COREDNS-AZURE" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.\" Generated by Mmark Markdown Processer - mmark.miek.nl +.TH "COREDNS-AZURE" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP diff --git a/man/coredns-cache.7 b/man/coredns-cache.7 index a229de73b..1707f65b6 100644 --- a/man/coredns-cache.7 +++ b/man/coredns-cache.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-CACHE" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-CACHE" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP @@ -133,18 +133,18 @@ Proxy to Google Public DNS and only cache responses for example.org (or below). .RE .PP -Enable caching for all zones, keep a positive cache size of 5000 and a negative cache size of 2500: +Enable caching for \fB\fCexample.org\fR, keep a positive cache size of 5000 and a negative cache size of 2500: .PP .RS .nf - . { - cache { - success 5000 - denial 2500 +example.org { + cache { + success 5000 + denial 2500 } - } +} .fi .RE diff --git a/man/coredns-cancel.7 b/man/coredns-cancel.7 index 29480a933..a628d9ad0 100644 --- a/man/coredns-cancel.7 +++ b/man/coredns-cancel.7 @@ -1,9 +1,9 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-CANCEL" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-CANCEL" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP -\fIcancel\fP - a plugin that cancels a request's context after 5001 milliseconds. +\fIcancel\fP - cancels a request's context after 5001 milliseconds. .SH "DESCRIPTION" .PP @@ -11,7 +11,7 @@ The \fIcancel\fP plugin creates a canceling context for each request. It adds a triggered after 5001 milliseconds. .PP -The 5001 number is chosen because the default timeout for DNS clients is 5 seconds, after that they +The 5001 number was chosen because the default timeout for DNS clients is 5 seconds, after that they give up. .PP @@ -37,7 +37,7 @@ cancel [TIMEOUT] .RS .nf -\&. { +example.org { cancel whoami } @@ -52,7 +52,7 @@ Or with a custom timeout: .RS .nf -\&. { +example.org { cancel 1s whoami } diff --git a/man/coredns-chaos.7 b/man/coredns-chaos.7 index 72bb0b2f1..1769f3d2d 100644 --- a/man/coredns-chaos.7 +++ b/man/coredns-chaos.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-CHAOS" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-CHAOS" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP @@ -70,7 +70,7 @@ And test with \fB\fCdig\fR: % dig @localhost CH TXT version.bind \&... ;; ANSWER SECTION: -version.bind. 0 CH TXT "CoreDNS\-001" +version.bind. 0 CH TXT "CoreDNS\-001" \&... .fi diff --git a/man/coredns-clouddns.7 b/man/coredns-clouddns.7 index 625af666a..c09af441e 100644 --- a/man/coredns-clouddns.7 +++ b/man/coredns-clouddns.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-CLOUDDNS" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-CLOUDDNS" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP @@ -60,7 +60,7 @@ Enable clouddns with implicit GCP credentials and resolve CNAMEs via 10.0.0.1: .RS .nf -\&. { +example.org { clouddns example.org.:gcp\-example\-project:example\-zone forward . 10.0.0.1 } @@ -75,7 +75,7 @@ Enable clouddns with fallthrough: .RS .nf -\&. { +example.org { clouddns example.org.:gcp\-example\-project:example\-zone clouddns example.com.:gcp\-example\-project:example\-zone\-2 { fallthrough example.gov. } diff --git a/man/coredns-debug.7 b/man/coredns-debug.7 index b4f857a6e..a9eb04511 100644 --- a/man/coredns-debug.7 +++ b/man/coredns-debug.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-DEBUG" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-DEBUG" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP diff --git a/man/coredns-dnssec.7 b/man/coredns-dnssec.7 index 373923a09..df17d2826 100644 --- a/man/coredns-dnssec.7 +++ b/man/coredns-dnssec.7 @@ -1,13 +1,13 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-DNSSEC" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-DNSSEC" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP -\fIdnssec\fP - enable on-the-fly DNSSEC signing of served data. +\fIdnssec\fP - enables on-the-fly DNSSEC signing of served data. .SH "DESCRIPTION" .PP -With \fIdnssec\fP any reply that doesn't (or can't) do DNSSEC will get signed on the fly. Authenticated +With \fIdnssec\fP, any reply that doesn't (or can't) do DNSSEC will get signed on the fly. Authenticated denial of existence is implemented with NSEC black lies. Using ECDSA as an algorithm is preferred as this leads to smaller signatures (compared to RSA). NSEC3 is \fInot\fP supported. diff --git a/man/coredns-dnstap.7 b/man/coredns-dnstap.7 index c0e95412e..60fa63a49 100644 --- a/man/coredns-dnstap.7 +++ b/man/coredns-dnstap.7 @@ -1,13 +1,13 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-DNSTAP" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-DNSTAP" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP -\fIdnstap\fP - enable logging to dnstap. +\fIdnstap\fP - enables logging to dnstap. .SH "DESCRIPTION" .PP -dnstap is a flexible, structured binary log format for DNS software: http://dnstap.info +dnstap is a flexible, structured binary log format for DNS software; see http://dnstap.info \[la]http://dnstap.info\[ra]. With this plugin you make CoreDNS output dnstap logging. diff --git a/man/coredns-erratic.7 b/man/coredns-erratic.7 index 782a976fa..61688ef9d 100644 --- a/man/coredns-erratic.7 +++ b/man/coredns-erratic.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-ERRATIC" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-ERRATIC" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP @@ -55,7 +55,7 @@ This plugin reports readiness to the ready plugin. .RS .nf -\&. { +example.org { erratic { drop 3 } @@ -71,7 +71,7 @@ Or even shorter if the defaults suits you. Note this only drops queries, it does .RS .nf -\&. { +example.org { erratic } @@ -85,7 +85,7 @@ Delay 1 in 3 queries for 50ms .RS .nf -\&. { +example.org { erratic { delay 3 50ms } @@ -101,7 +101,7 @@ Delay 1 in 3 and truncate 1 in 5. .RS .nf -\&. { +example.org { erratic { delay 3 5ms truncate 5 @@ -118,7 +118,7 @@ Drop every second query. .RS .nf -\&. { +example.org { erratic { drop 2 truncate 2 @@ -131,7 +131,6 @@ Drop every second query. .SH "ALSO SEE" .PP RFC 3849 -\[la]https://tools.ietf.org/html/rfc3849\[ra] and -RFC 5737 +\[la]https://tools.ietf.org/html/rfc3849\[ra] and RFC 5737 \[la]https://tools.ietf.org/html/rfc5737\[ra]. diff --git a/man/coredns-errors.7 b/man/coredns-errors.7 index 8a159468c..072f1c3ba 100644 --- a/man/coredns-errors.7 +++ b/man/coredns-errors.7 @@ -1,9 +1,9 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-ERRORS" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-ERRORS" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP -\fIerrors\fP - enable error logging. +\fIerrors\fP - enables error logging. .SH "DESCRIPTION" .PP @@ -33,7 +33,7 @@ Extra knobs are available with an expanded syntax: .nf errors { - consolidate DURATION REGEXP + consolidate DURATION REGEXP } .fi @@ -59,13 +59,13 @@ For better performance, it's recommended to use the \fB\fC^\fR or \fB\fC$\fR met .SH "EXAMPLES" .PP -Use the \fIwhoami\fP to respond to queries and Log errors to standard output. +Use the \fIwhoami\fP to respond to queries in the example.org domain and Log errors to standard output. .PP .RS .nf -\&. { +example.org { whoami errors } diff --git a/man/coredns-etcd.7 b/man/coredns-etcd.7 index 57d8a2e5c..8221ed63e 100644 --- a/man/coredns-etcd.7 +++ b/man/coredns-etcd.7 @@ -1,9 +1,9 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-ETCD" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-ETCD" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP -\fIetcd\fP - enable SkyDNS service discovery from etcd. +\fIetcd\fP - enables SkyDNS service discovery from etcd. .SH "DESCRIPTION" .PP @@ -12,7 +12,7 @@ a generic DNS zone data plugin. Only a subset of DNS record types are implemente and delegations are not handled at all. .PP -The data in etcd instance has to be encoded as +The data in the etcd instance has to be encoded as a message \[la]https://github.com/skynetservices/skydns/blob/2fcff74cdc9f9a7dd64189a447ef27ac354b725f/msg/service.go#L26\[ra] like SkyDNS @@ -116,15 +116,19 @@ This is the default SkyDNS setup, with everything specified in full: .RS .nf -\&. { - etcd skydns.local { +skydns.local { + etcd { path /skydns endpoint http://localhost:2379 } prometheus - cache 160 skydns.local + cache loadbalance +} + +\&. { forward . 8.8.8.8:53 8.8.4.4:53 + cache } .fi @@ -138,12 +142,16 @@ when resolving external pointing CNAMEs. .RS .nf -\&. { - etcd skydns.local { +skydns.local { + etcd { path /skydns } - cache 160 skydns.local + cache +} + +\&. { forward . /etc/resolv.conf + cache } .fi diff --git a/man/coredns-file.7 b/man/coredns-file.7 index 193cb6d8b..bacd63c7c 100644 --- a/man/coredns-file.7 +++ b/man/coredns-file.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-FILE" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-FILE" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP diff --git a/man/coredns-forward.7 b/man/coredns-forward.7 index 52bb9c4f8..8efabc22e 100644 --- a/man/coredns-forward.7 +++ b/man/coredns-forward.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-FORWARD" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-FORWARD" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP @@ -160,9 +160,8 @@ and we are randomly (this always uses the \fB\fCrandom\fR policy) spraying to an .PP -Where \fB\fCto\fR is one of the upstream servers (\fBTO\fP from the config), \fB\fCproto\fR is the protocol used by -the incoming query ("tcp" or "udp"), and family the transport family ("1" for IPv4, and "2" for -IPv6). +Where \fB\fCto\fR is one of the upstream servers (\fBTO\fP from the config), \fB\fCrcode\fR is the returned RCODE +from the upstream. .SH "EXAMPLES" .PP diff --git a/man/coredns-grpc.7 b/man/coredns-grpc.7 index 3068c0043..bcf3b469b 100644 --- a/man/coredns-grpc.7 +++ b/man/coredns-grpc.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-GRPC" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-GRPC" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP diff --git a/man/coredns-health.7 b/man/coredns-health.7 index 78d957208..ecae0d7e2 100644 --- a/man/coredns-health.7 +++ b/man/coredns-health.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-HEALTH" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-HEALTH" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP diff --git a/man/coredns-hosts.7 b/man/coredns-hosts.7 index 0bb289438..c9cf7e657 100644 --- a/man/coredns-hosts.7 +++ b/man/coredns-hosts.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-HOSTS" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-HOSTS" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP @@ -93,6 +93,16 @@ is authoritative. If specific zones are listed (for example \fB\fCin-addr.arpa\f queries for those zones will be subject to fallthrough. +.SH "METRICS" +.PP +If monitoring is enabled (via the \fIprometheus\fP directive) then the following metrics are exported: + +.IP \(bu 4 +\fB\fCcoredns_hosts_entries_count{}\fR - The combined number of entries in hosts and Corefile. +.IP \(bu 4 +\fB\fCcoredns_hosts_reload_timestamp_seconds{}\fR - The timestamp of the last reload of hosts file. + + .SH "EXAMPLES" .PP Load \fB\fC/etc/hosts\fR file. @@ -146,11 +156,12 @@ Load hosts file inlined in Corefile. .RS .nf -\&. { - hosts example.hosts example.org { +example.hosts example.org { + hosts { 10.0.0.1 example.org fallthrough } + whoami } .fi diff --git a/man/coredns-import.7 b/man/coredns-import.7 index 757e2a348..918e4a2cd 100644 --- a/man/coredns-import.7 +++ b/man/coredns-import.7 @@ -1,13 +1,13 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-IMPORT" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-IMPORT" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP -\fIimport\fP - include files or reference snippets from a Corefile. +\fIimport\fP - includes files or references snippets from a Corefile. .SH "DESCRIPTION" .PP -The \fIimport\fP plugin can be used to include files into the main configuration. Another use it to +The \fIimport\fP plugin can be used to include files into the main configuration. Another use is to reference predefined snippets. Both can help to avoid some duplication. .PP @@ -45,7 +45,7 @@ label surrounded by parentheses: .nf (mysnippet) { - ... + ... } .fi diff --git a/man/coredns-k8s_external.7 b/man/coredns-k8s_external.7 index 4293fff1c..1cabc3e7f 100644 --- a/man/coredns-k8s_external.7 +++ b/man/coredns-k8s_external.7 @@ -1,9 +1,9 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-K8S_EXTERNAL" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-K8S_EXTERNAL" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP -\fIk8s_external\fP - resolve load balancer and external IPs from outside kubernetes clusters. +\fIk8s_external\fP - resolves load balancer and external IPs from outside Kubernetes clusters. .SH "DESCRIPTION" .PP @@ -22,14 +22,14 @@ By default the apex of the zone will look like the following (assuming the zone .RS .nf -example.org. 5 IN SOA ns1.dns.example.org. hostmaster.example.org. ( - 12345 ; serial - 14400 ; refresh (4 hours) - 3600 ; retry (1 hour) - 604800 ; expire (1 week) - 5 ; minimum (4 hours) - ) -example.org 5 IN NS ns1.dns.example.org. +example.org. 5 IN SOA ns1.dns.example.org. hostmaster.example.org. ( + 12345 ; serial + 14400 ; refresh (4 hours) + 3600 ; retry (1 hour) + 604800 ; expire (1 week) + 5 ; minimum (4 hours) + ) +example.org 5 IN NS ns1.dns.example.org. ns1.dns.example.org. 5 IN A .... ns1.dns.example.org. 5 IN AAAA .... diff --git a/man/coredns-kubernetes.7 b/man/coredns-kubernetes.7 index ddc7cb021..2c7baf8c3 100644 --- a/man/coredns-kubernetes.7 +++ b/man/coredns-kubernetes.7 @@ -1,9 +1,9 @@ -.\" Generated by Mmark Markdown Processer - mmark.nl -.TH "COREDNS-KUBERNETES" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.\" Generated by Mmark Markdown Processer - mmark.miek.nl +.TH "COREDNS-KUBERNETES" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP -\fIkubernetes\fP - enables the reading zone data from a Kubernetes cluster. +\fIkubernetes\fP - enables reading zone data from a Kubernetes cluster. .SH "DESCRIPTION" .PP @@ -302,8 +302,8 @@ For example, wildcards can be used to resolve all Endpoints for a Service as \fB .RS .nf -*.service.default.svc.cluster.local. 5 IN A 192.168.10.10 -*.service.default.svc.cluster.local. 5 IN A 192.168.25.15 +*.service.default.svc.cluster.local. 5 IN A 192.168.10.10 +*.service.default.svc.cluster.local. 5 IN A 192.168.25.15 .fi .RE diff --git a/man/coredns-loadbalance.7 b/man/coredns-loadbalance.7 index 0b5109a9a..230421f76 100644 --- a/man/coredns-loadbalance.7 +++ b/man/coredns-loadbalance.7 @@ -1,18 +1,18 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-LOADBALANCE" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-LOADBALANCE" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP -\fIloadbalance\fP - randomize the order of A, AAAA and MX records. +\fIloadbalance\fP - randomizes the order of A, AAAA and MX records. .SH "DESCRIPTION" .PP -The \fIloadbalance\fP will act as a round-robin DNS loadbalancer by randomizing the order of A, AAAA, +The \fIloadbalance\fP will act as a round-robin DNS load balancer by randomizing the order of A, AAAA, and MX records in the answer. .PP See Wikipedia -\[la]https://en.wikipedia.org/wiki/Round-robin_DNS\[ra] about the pros and cons on this +\[la]https://en.wikipedia.org/wiki/Round-robin_DNS\[ra] about the pros and cons of this setup. It will take care to sort any CNAMEs before any address records, because some stub resolver implementations (like glibc) are particular about that. @@ -27,7 +27,7 @@ loadbalance [POLICY] .RE .IP \(bu 4 -\fBPOLICY\fP is how to balance, the default, and only option, is "round_robin". +\fBPOLICY\fP is how to balance. The default, and only option, is "round_robin". .SH "EXAMPLES" diff --git a/man/coredns-log.7 b/man/coredns-log.7 index c8e48de19..d9d7f30fb 100644 --- a/man/coredns-log.7 +++ b/man/coredns-log.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-LOG" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-LOG" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP @@ -155,7 +155,7 @@ Each of these logs will be outputted with \fB\fClog.Infof\fR, so a typical examp .RS .nf -2018\-10\-30T19:10:07.547Z [INFO] [::1]:50759 \- 29008 "A IN example.org. udp 41 false 4096" NOERROR qr,rd,ra,ad 68 0.037990251s +[INFO] [::1]:50759 \- 29008 "A IN example.org. udp 41 false 4096" NOERROR qr,rd,ra,ad 68 0.037990251s ~~~~ ## Examples diff --git a/man/coredns-loop.7 b/man/coredns-loop.7 index 27ba8901e..636d46ed6 100644 --- a/man/coredns-loop.7 +++ b/man/coredns-loop.7 @@ -1,9 +1,9 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-LOOP" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-LOOP" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP -\fIloop\fP - detect simple forwarding loops and halt the server. +\fIloop\fP - detects simple forwarding loops and halts the server. .SH "DESCRIPTION" .PP diff --git a/man/coredns-metadata.7 b/man/coredns-metadata.7 index e3598282e..63af5a066 100644 --- a/man/coredns-metadata.7 +++ b/man/coredns-metadata.7 @@ -1,31 +1,31 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-METADATA" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-METADATA" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP -\fImetadata\fP - enable a meta data collector. +\fImetadata\fP - enables a metadata collector. .SH "DESCRIPTION" .PP By enabling \fImetadata\fP any plugin that implements metadata.Provider interface \[la]https://godoc.org/github.com/coredns/coredns/plugin/metadata#Provider\[ra] will be called for -each DNS query, at beginning of the process for that query, in order to add its own meta data to +each DNS query, at the beginning of the process for that query, in order to add its own metadata to context. .PP -The meta data collected will be available for all plugins, via the Context parameter provided in the +The metadata collected will be available for all plugins, via the Context parameter provided in the ServeDNS function. The package (code) documentation has examples on how to inspect and retrieve metadata a plugin might be interested in. .PP -The meta data is added by setting a label with a value in the context. These labels should be named +The metadata is added by setting a label with a value in the context. These labels should be named \fB\fCplugin/NAME\fR, where \fBNAME\fP is something descriptive. The only hard requirement the \fImetadata\fP -plugin enforces is that the labels contains a slash. See the documentation for +plugin enforces is that the labels contain a slash. See the documentation for \fB\fCmetadata.SetValueFunc\fR. .PP -The value stored is a string. The empty string signals "no meta data". See the documentation for +The value stored is a string. The empty string signals "no metadata". See the documentation for \fB\fCmetadata.ValueFunc\fR on how to retrieve this. .SH "SYNTAX" diff --git a/man/coredns-metrics.7 b/man/coredns-metrics.7 index 8e9863423..6fd2f6215 100644 --- a/man/coredns-metrics.7 +++ b/man/coredns-metrics.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-METRICS" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-METRICS" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP diff --git a/man/coredns-nsid.7 b/man/coredns-nsid.7 index df678afb6..765c5b7ed 100644 --- a/man/coredns-nsid.7 +++ b/man/coredns-nsid.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-NSID" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-NSID" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP @@ -39,7 +39,7 @@ Enable nsid: .RS .nf -\&. { +example.org { whoami nsid Use The Force } @@ -66,7 +66,7 @@ And now a client with NSID support will see an OPT record with the NSID option: ; EDNS: version: 0, flags:; udp: 4096 ; NSID: 55 73 65 20 54 68 65 20 46 6f 72 63 65 ("Use The Force") ;; QUESTION SECTION: -;whoami.example.org. IN A +;whoami.example.org. IN A .fi .RE diff --git a/man/coredns-pprof.7 b/man/coredns-pprof.7 index 21556dead..8a9741445 100644 --- a/man/coredns-pprof.7 +++ b/man/coredns-pprof.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-PPROF" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-PPROF" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP diff --git a/man/coredns-ready.7 b/man/coredns-ready.7 index cc0c370d5..f97a10323 100644 --- a/man/coredns-ready.7 +++ b/man/coredns-ready.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-READY" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-READY" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP diff --git a/man/coredns-reload.7 b/man/coredns-reload.7 index f78d55bf6..2ff687df9 100644 --- a/man/coredns-reload.7 +++ b/man/coredns-reload.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-RELOAD" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-RELOAD" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP @@ -48,17 +48,15 @@ reload [INTERVAL] [JITTER] .fi .RE -.IP \(bu 4 -The plugin will check for changes every \fBINTERVAL\fP, subject to +/- the \fBJITTER\fP duration +.PP +The plugin will check for changes every \fBINTERVAL\fP, subject to +/- the \fBJITTER\fP duration. + .IP \(bu 4 \fBINTERVAL\fP and \fBJITTER\fP are Golang (durations)[https://golang.org/pkg/time/#ParseDuration -\[la]https://golang.org/pkg/time/#ParseDuration\[ra]] -.IP \(bu 4 -Default \fBINTERVAL\fP is 30s, default \fBJITTER\fP is 15s -.IP \(bu 4 -Minimal value for \fBINTERVAL\fP is 2s, and for \fBJITTER\fP is 1s -.IP \(bu 4 -If \fBJITTER\fP is more than half of \fBINTERVAL\fP, it will be set to half of \fBINTERVAL\fP +\[la]https://golang.org/pkg/time/#ParseDuration\[ra]]. +The default \fBINTERVAL\fP is 30s, default \fBJITTER\fP is 15s, the minimal value for \fBINTERVAL\fP +is 2s, and for \fBJITTER\fP it is 1s. If \fBJITTER\fP is more than half of \fBINTERVAL\fP, it will be +set to half of \fBINTERVAL\fP .SH "EXAMPLES" @@ -102,8 +100,8 @@ where the reload fails, and you loose functionality. Consider the following Core .nf \&. { - health :8080 - whoami + health :8080 + whoami } .fi diff --git a/man/coredns-rewrite.7 b/man/coredns-rewrite.7 index 4cd0022b0..898f7509d 100644 --- a/man/coredns-rewrite.7 +++ b/man/coredns-rewrite.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-REWRITE" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-REWRITE" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP diff --git a/man/coredns-route53.7 b/man/coredns-route53.7 index e28a92f42..8aa1badcd 100644 --- a/man/coredns-route53.7 +++ b/man/coredns-route53.7 @@ -1,5 +1,5 @@ -.\" Generated by Mmark Markdown Processer - mmark.nl -.TH "COREDNS-ROUTE53" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.\" Generated by Mmark Markdown Processer - mmark.miek.nl +.TH "COREDNS-ROUTE53" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP @@ -73,8 +73,11 @@ Enable route53 with implicit AWS credentials and resolve CNAMEs via 10.0.0.1: .RS .nf +example.org { + route53 example.org.:Z1Z2Z3Z4DZ5Z6Z7 +} + \&. { - route53 example.org.:Z1Z2Z3Z4DZ5Z6Z7 forward . 10.0.0.1 } @@ -88,7 +91,7 @@ Enable route53 with explicit AWS credentials: .RS .nf -\&. { +example.org { route53 example.org.:Z1Z2Z3Z4DZ5Z6Z7 { aws\_access\_key AWS\_ACCESS\_KEY\_ID AWS\_SECRET\_ACCESS\_KEY } @@ -120,7 +123,7 @@ Enable route53 with multiple hosted zones with the same domain: .RS .nf -\&. { +example.org { route53 example.org.:Z1Z2Z3Z4DZ5Z6Z7 example.org.:Z93A52145678156 } @@ -134,7 +137,7 @@ Enable route53 and refresh records every 3 minutes .RS .nf -\&. { +example.org { route53 example.org.:Z1Z2Z3Z4DZ5Z6Z7 { refresh 3m } diff --git a/man/coredns-secondary.7 b/man/coredns-secondary.7 index 45d5e257c..9ca520eaa 100644 --- a/man/coredns-secondary.7 +++ b/man/coredns-secondary.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-SECONDARY" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-SECONDARY" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP diff --git a/man/coredns-sign.7 b/man/coredns-sign.7 index 773e930ab..06cdf68a7 100644 --- a/man/coredns-sign.7 +++ b/man/coredns-sign.7 @@ -1,9 +1,9 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-SIGN" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-SIGN" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP -\fIsign\fP - add DNSSEC records to zone files. +\fIsign\fP - adds DNSSEC records to zone files. .SH "DESCRIPTION" .PP diff --git a/man/coredns-template.7 b/man/coredns-template.7 index 54aa9fda6..948f11f44 100644 --- a/man/coredns-template.7 +++ b/man/coredns-template.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-TEMPLATE" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-TEMPLATE" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP diff --git a/man/coredns-tls.7 b/man/coredns-tls.7 index db0022d20..016c09c2d 100644 --- a/man/coredns-tls.7 +++ b/man/coredns-tls.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-TLS" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-TLS" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP @@ -60,8 +60,8 @@ nameservers defined in \fB\fC/etc/resolv.conf\fR to resolve the query. This prox .nf tls://.:5553 { - tls cert.pem key.pem ca.pem - forward . /etc/resolv.conf + tls cert.pem key.pem ca.pem + forward . /etc/resolv.conf } .fi @@ -76,8 +76,8 @@ incoming queries. .nf grpc://. { - tls cert.pem key.pem ca.pem - forward . /etc/resolv.conf + tls cert.pem key.pem ca.pem + forward . /etc/resolv.conf } .fi diff --git a/man/coredns-whoami.7 b/man/coredns-whoami.7 index 906527920..f71cd891f 100644 --- a/man/coredns-whoami.7 +++ b/man/coredns-whoami.7 @@ -1,5 +1,5 @@ .\" Generated by Mmark Markdown Processer - mmark.miek.nl -.TH "COREDNS-WHOAMI" 7 "August 2019" "CoreDNS" "CoreDNS Plugins" +.TH "COREDNS-WHOAMI" 7 "September 2019" "CoreDNS" "CoreDNS Plugins" .SH "NAME" .PP @@ -50,7 +50,7 @@ Start a server on the default port and load the \fIwhoami\fP plugin. .RS .nf -\&. { +example.org { whoami }