Do you know the tool https://nip.io/, or the defunct xip.io? Those tools let you use a wildcard domain for any IP, including local and private ones. They work by embedding the wanted destination IP in the domain name itself, like a.subdomain.192.168.1.2.nip.io, which resolves to 192.168.1.2!
This can come in handy when you want to use a reverse proxy on your local machine.
So yeah, I made my own: nip.dns.ribes.ovh. You use it like so: foo.bar.127.0.0.1.nip.dns.ribes.ovh resolves to 127.0.0.1.
$ nslookup foo.bar.subdomain.192.168.1.234.nip.dns.ribes.ovh
Server: 127.0.0.53
Address: 127.0.0.53#53
Non-authoritative answer:
Name: foo.bar.subdomain.192.168.1.234.nip.dns.ribes.ovh
Address: 192.168.1.234
You see, nip.io is very nice, but it's not exactly a profitable business even though it probably doesn't cost very much.
Furthermore, offering such a service over the Internet runs into an issue: DNS rebinding protection. DNS rebinding is an attack where a domain the attacker controls is made to resolve to a local or private address, so that a victim's browser, which still believes it is talking to the attacker's origin, ends up sending requests to a host on the victim's own network. The usual defence, built into many home routers and resolvers, is to simply drop any answer coming from outside that points to a private or loopback address, which is exactly the kind of answer a nip.io-style service hands out.
This protection is often enabled on network equipment, it isn't always possible to disable it, and it even applies if you use an alternative DNS server like Cloudflare's 1.1.1.1 or Google's 8.8.8.8!
So, running this DNS software on your own workstation is a plausible use case.
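To make the two points above concrete (how the IP is carved out of the query name, and why a router's rebinding protection eats the answer), here is a small Go program added to this page as an example; it is not code from dns-go and does not use miekg/dns. The base domain nip.dns.example.org is a placeholder, and the filtering resolver is modelled with roughly the address ranges dnsmasq's --stop-dns-rebind rejects; a real router may use a slightly different list.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

// nipIP extracts the IPv4 address embedded in a nip.io-style name. The four
// labels immediately to the left of the base domain must form a dotted quad;
// any labels further left (foo.bar. ...) are a free prefix and are ignored.
// ok is false when the name is not under base or the quad is not a valid
// IPv4 address.
func nipIP(qname, base string) (ip net.IP, ok bool) {
	q := strings.ToLower(strings.TrimSuffix(qname, "."))
	suffix := "." + strings.ToLower(strings.TrimSuffix(base, "."))
	if !strings.HasSuffix(q, suffix) {
		return nil, false
	}
	labels := strings.Split(strings.TrimSuffix(q, suffix), ".")
	if len(labels) < 4 {
		return nil, false
	}
	ip = net.ParseIP(strings.Join(labels[len(labels)-4:], ".")).To4()
	return ip, ip != nil
}

// blockedNets approximates the ranges a home router's DNS rebinding
// protection (such as dnsmasq's --stop-dns-rebind) refuses to accept in
// answers coming from upstream: loopback, RFC 1918 private space, link-local
// and "this network". They are exactly the addresses a nip.io-style service
// is most often asked for.
var blockedNets = func() []*net.IPNet {
	var nets []*net.IPNet
	for _, c := range []string{
		"127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12",
		"192.168.0.0/16", "169.254.0.0/16", "0.0.0.0/8",
	} {
		_, n, err := net.ParseCIDR(c)
		if err != nil {
			panic(err)
		}
		nets = append(nets, n)
	}
	return nets
}()

// rebindBlocked reports whether such a resolver would drop an answer carrying ip.
func rebindBlocked(ip net.IP) bool {
	for _, n := range blockedNets {
		if n.Contains(ip) {
			return true
		}
	}
	return false
}

// resolve models the two deployments the post contrasts. With filtered=true
// the answer crosses a resolver that applies rebinding protection, which is
// what happens when the server is on the public Internet and the client sits
// behind a home router; with filtered=false the server runs on the
// workstation itself and the answer reaches the client untouched. The string
// says why no address came back.
func resolve(qname, base string, filtered bool) (net.IP, string) {
	ip, ok := nipIP(qname, base)
	if !ok {
		return nil, "NXDOMAIN"
	}
	if filtered && rebindBlocked(ip) {
		return nil, "dropped by rebinding protection"
	}
	return ip, "ok"
}

func main() {
	const base = "nip.dns.example.org" // placeholder base domain for this demo
	for _, q := range []string{
		"foo.bar.127.0.0.1.nip.dns.example.org.",
		"a.subdomain.192.168.1.2.nip.dns.example.org.",
		"web.203.0.113.7.nip.dns.example.org.",
		"a.b.c.d.nip.dns.example.org.",
	} {
		remote, why := resolve(q, base, true)
		local, _ := resolve(q, base, false)
		fmt.Printf("%-46s via router: %v (%s)   local server: %v\n", q, remote, why, local)
	}
}
```

Run it and the public address 203.0.113.7 comes back in both columns, while 127.0.0.1 and 192.168.1.2 only survive when the server answers from the workstation itself; that is the whole argument for running it locally.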
Introducing - my software
Available at https://github.com/JeanRibes/dns-go, it's a simple implementation that relies on miekg/dns.
You can configure the address it listens on, and it doesn't depend on a preconfigured domain, so it works under whatever subdomain you delegate to it.
Setup
If you want to run that server on your domain, I don't recommend using it as your primary name server. Use it for a delegated subdomain instead.
For that, set up an NS record for the subdomain. An NS record must name a host, not an IP, so you also need an A record (glue) for that host in the parent zone:
subdomain IN NS ns.subdomain
ns.subdomain IN A <that server's ip>
To run it on your local machine, note that you will probably need to disable your DNS cache/resolver (systemd-resolved on Linux) so that the server can bind port 53; sudo systemctl stop systemd-resolved does that, but /etc/resolv.conf then has to point at the new server (127.0.0.1) instead of the stub at 127.0.0.53.
Alternatively, use nip.dns.ribes.ovh, but I can't guarantee its uptime. Running the DNS server on your local machine is the only way to bypass DNS rebinding protection, since no filtering resolver sits between you and the answer.
Features
time over dns
The server will respond to TXT and A queries for names of the form time.some.subdomain.domain.tld (the leftmost label has to be time).
Zone file
Create a file zone.db in the working directory. On startup the file is read and, upon successful parsing, the records are echoed back on the command line.
You can reload the zone with a lookup on reload-zone.your.subdomain.your.domain.tld. Note that anyone able to send the server a query can trigger that reload; it only re-reads a file you control, so the risk is low, but keep it in mind if the server is reachable from the Internet.
$ORIGIN example.com.     ; designates the start of this zone file in the namespace
$TTL 3600                ; default expiration time (in seconds) of all RRs without their own TTL value
example.com.  IN  SOA   ns.example.com. username.example.com. (
                        2020091025 ; Serial
                        7200       ; Refresh
                        3600       ; Retry
                        1209600    ; Expire
                        3600 )     ; Negative Cache TTL
example.com.  IN  NS    ns                    ; ns.example.com is a nameserver for example.com
example.com.  IN  NS    ns.somewhere.example. ; ns.somewhere.example is a backup nameserver for example.com
example.com.  IN  MX    10 mail.example.com.  ; mail.example.com is the mailserver for example.com
@             IN  MX    20 mail2.example.com. ; equivalent to above line, "@" represents zone origin
@             IN  MX    50 mail3              ; equivalent to above line, but using a relative host name
example.com.  IN  A     192.0.2.1             ; IPv4 address for example.com
              IN  AAAA  2001:db8:10::1        ; IPv6 address for example.com (blank owner inherits the previous one)
ns            IN  A     192.0.2.2             ; IPv4 address for ns.example.com
              IN  AAAA  2001:db8:10::2        ; IPv6 address for ns.example.com
www           IN  CNAME example.com.          ; www.example.com is an alias for example.com
wwwtest       IN  CNAME www                   ; wwwtest.example.com is another alias for www.example.com
mail          IN  A     192.0.2.3             ; IPv4 address for mail.example.com
mail2         IN  A     192.0.2.4             ; IPv4 address for mail2.example.com
mail3         IN  A     192.0.2.5             ; IPv4 address for mail3.example.com
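To show what a server has to do with that file before it can answer from it, here is a small zone-file parser in Go, added to this page as an example; it is not dns-go's code (which leaves parsing to miekg/dns) and it only handles the conventions used in the zone above: $ORIGIN and $TTL, ";" comments, the "@" shorthand, relative names, a blank owner column, and a parenthesised multi-line SOA. The embedded zone is a shortened copy of the one above, constructed so the program runs offline.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// RR is one parsed record: fully-qualified owner, TTL, type and the rdata tokens as written.
type RR struct {
	Name, Type string
	TTL        int
	Data       []string
}

// exampleZone is a shortened copy of the zone above, constructed for this demo so it runs offline.
const exampleZone = `
$ORIGIN example.com. ; designates the start of this zone file in the namespace
$TTL 3600            ; default TTL of all RRs without their own TTL value
@       IN SOA   ns.example.com. username.example.com. (
                 2020091025 7200 3600 1209600 3600 ) ; serial refresh retry expire minimum
@       IN NS    ns
@       IN MX    50 mail3              ; relative host name
@       IN A     192.0.2.1
        IN AAAA  2001:db8:10::1        ; blank owner column: inherits example.com.
wwwtest IN CNAME www
`

// parseZone handles the master-file conventions used above: $ORIGIN/$TTL, ";" comments,
// "@" for the origin, relative names qualified with the origin, a blank owner column
// inheriting the previous owner, and rdata continued across lines inside parentheses.
func parseZone(text string) ([]RR, error) {
	var rrs []RR
	origin, lastName, defTTL := "", "", 3600
	buf, bufOwner := "", false // physical lines joined while a "(" is open; did the record start in the owner column?
	qualify := func(n string) string {
		if n == "@" || strings.HasSuffix(n, ".") {
			return strings.Replace(n, "@", origin, 1)
		}
		return n + "." + origin
	}
	for _, raw := range strings.Split(text, "\n") {
		line, _, _ := strings.Cut(raw, ";") // drop the comment
		if buf == "" {
			if strings.TrimSpace(line) == "" {
				continue
			}
			bufOwner = line[0] != ' ' && line[0] != '\t'
		}
		buf += " " + line
		if strings.Count(buf, "(") > strings.Count(buf, ")") {
			continue // rdata continues on the next line
		}
		fields := strings.Fields(strings.NewReplacer("(", " ", ")", " ").Replace(buf))
		owner := bufOwner
		buf = ""
		if len(fields) == 0 || fields[0][0] == '$' { // nothing left, or a directive
			if len(fields) == 2 && fields[0] == "$ORIGIN" {
				origin = qualify(fields[1])
			} else if len(fields) == 2 && fields[0] == "$TTL" {
				defTTL, _ = strconv.Atoi(fields[1])
			}
			continue
		}
		name := lastName
		if owner {
			name, fields = qualify(fields[0]), fields[1:]
			lastName = name
		}
		ttl := defTTL
		if len(fields) > 0 { // optional TTL, then optional class (only IN is used here)
			if n, err := strconv.Atoi(fields[0]); err == nil {
				ttl, fields = n, fields[1:]
			}
		}
		if len(fields) > 0 && fields[0] == "IN" {
			fields = fields[1:]
		}
		if len(fields) < 2 {
			return nil, fmt.Errorf("malformed record ending at %q", raw)
		}
		typ, data := fields[0], fields[1:]
		if typ == "NS" || typ == "CNAME" || typ == "MX" { // rdata ends in a name that needs qualifying too
			data[len(data)-1] = qualify(data[len(data)-1])
		}
		rrs = append(rrs, RR{name, typ, ttl, data})
	}
	return rrs, nil
}

func main() { // echo the parsed records, as the server does on startup
	rrs, err := parseZone(exampleZone)
	for _, rr := range rrs {
		fmt.Println(rr.Name, rr.TTL, rr.Type, strings.Join(rr.Data, " "))
	}
	fmt.Println("parse error:", err) // nil on success
}
```

Once the zone is in a slice like this, answering a query is a matter of matching the qualified owner name and type, and a reload-zone lookup would simply re-run the parse and swap the slice; note that the parser keeps SOA names as written, so write them fully qualified.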