5156b0923d6b81b4853f8aeffe6de56e982316c3
Services-DNS.md
| ... | ... | @@ -1,7 +1,21 @@ |
| 1 | 1 | # DNS |
| 2 | 2 | |
| 3 | -We have a TLD for the dn42, which is .dn42 and the Anycast-DNS-server for it runs on 172.22.0.53. |
|
| 4 | -**DNS is build from whois database. So please edit your DNS-records there.** |
|
| 3 | +*(tl;dr)* We have a TLD for dn42, which is `.dn42`. The anycast resolver for `.dn42` runs on `172.22.0.53`. |
|
| 4 | +**DNS is build from [[whois database|Services Whois]]. So please edit your DNS-records there.** |
|
| 5 | + |
|
| 6 | +## Using the DNS service |
|
| 7 | + |
|
| 8 | +You can either use the anycast resolver directly, or configure your local resolver to forward queries in the `.dn42` zone. |
|
| 9 | + |
|
| 10 | +### Using the anycast resolver directly |
|
| 11 | + |
|
| 12 | +Please be aware that this method sends **all** your DNS queries (e.g. `google.com`) to a random DNS server inside dn42. The server could fake the result and point you towards the russian mafia. They probably won't, but think about what you are doing. At the end of the day, your ISP could be evil as well, so it always boils down to a question of trust. |
|
| 13 | + |
|
| 14 | +To do this, just use `172.22.0.53` as your resolver, for instance in `/etc/resolv.conf`. |
|
| 15 | + |
|
| 16 | +### Forwarding `.dn42`queries |
|
| 17 | + |
|
| 18 | +If you run your own resolver (`unbound`, `dnsmasq`, `bind`), you can configure it to forward dn42 queries to the anycast DNS resolver. See [[DNS forwarder configuration|Services DNS Configuration]]. |
|
| 5 | 19 | |
| 6 | 20 | ## Anycast DNS |
| 7 | 21 |