Do you know the tool https://nip.io/, or the defunct
Those tools allow you to use a wildcard domain for any IP, notably local and private ones. They work by including the wanted IP destination in the domain, like
a.subdomain.192.168.1.2.nip.io, which points to
This can come in handy when you want to use a reverse proxy on your local machine.
So yeah, I made my own, nip.dns.ribes.ovh
You can use it like so,
foo.bar.127.0.0.1.nip.dns.ribes.ovh resolves to
$ nslookup foo.bar.subdomain.192.168.1.234.nip.dns.ribes.ovh
Server: 127.0.0.53
Address: 127.0.0.53#53

Non-authoritative answer:
Name: foo.bar.subdomain.192.168.1.234.nip.dns.ribes.ovh
Address: 192.168.1.234
You see, nip.io is very nice, but it's not exactly a profitable business even though it probably doesn't cost very much.
Furthermore, offering such a service across the Internet runs into an issue: DNS rebinding protection. An attacker gaining access to a domain could modify it to point to a local address, potentially sending traffic to an unwanted destination.
Anyway, this protection is often enabled on network equipment; it isn't always possible to disable it, and it even works if you use an alternative DNS server, like Cloudflare's
18.104.22.168 or Google's
So, running this DNS software on your workstation is a plausible use case.
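The name-to-address mapping and the rebinding filter described above, as an added example (not code from dns-go, which uses miekg/dns): a stdlib-only Go sketch that extracts the IPv4 address from the four labels left of the zone and reports whether a filter dropping loopback, RFC 1918 and link-local answers would discard it. The zone `nip.example`, the function names and the sample names are assumptions made for illustration.

```go
// Added example, not code from dns-go: nip.io-style name parsing with the standard library only.
package main

import (
	"fmt"
	"net/netip"
	"strings"
)

// embeddedAddr returns the IPv4 address encoded in the four labels directly
// to the left of zone, e.g. "foo.10.0.0.5.nip.example." -> 10.0.0.5.
// zone is a hypothetical delegated subdomain chosen for this example.
func embeddedAddr(qname, zone string) (netip.Addr, bool) {
	// DNS names are case-insensitive and may carry a trailing root dot.
	qname = strings.ToLower(strings.TrimSuffix(qname, "."))
	zone = "." + strings.ToLower(strings.Trim(zone, "."))
	if !strings.HasSuffix(qname, zone) {
		return netip.Addr{}, false // not under our zone
	}
	labels := strings.Split(strings.TrimSuffix(qname, zone), ".")
	if len(labels) < 4 {
		return netip.Addr{}, false // too few labels to hold an IPv4 address
	}
	// ParseAddr rejects octets > 255 and leading zeros; Is4 rejects IPv6 forms.
	addr, err := netip.ParseAddr(strings.Join(labels[len(labels)-4:], "."))
	if err != nil || !addr.Is4() {
		return netip.Addr{}, false
	}
	return addr, true
}

// rebindFiltered reports whether a rebinding-protection filter that drops
// answers in loopback, RFC 1918 and link-local ranges would discard addr.
func rebindFiltered(addr netip.Addr) bool {
	return addr.IsLoopback() || addr.IsPrivate() || addr.IsLinkLocalUnicast()
}

func main() {
	// Constructed sample names under a placeholder zone.
	for _, q := range []string{
		"foo.bar.192.168.1.234.nip.example.",
		"app.127.0.0.1.NIP.example",
		"www.192.0.2.10.nip.example",
		"a.999.1.1.1.nip.example",
	} {
		a, ok := embeddedAddr(q, "nip.example")
		fmt.Printf("%-36s addr=%v ok=%v filtered=%v\n", q, a, ok, ok && rebindFiltered(a))
	}
}
```

Names whose embedded address is reported as filtered are the ones a resolver or router with rebinding protection would refuse to answer, which is the case a locally run server avoids.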
Introducing - my software
Available at https://github.com/JeanRibes/dns-go, it's a simple implementation that relies on miekg/dns
You can configure the address it listens on, and it doesn't depend on a preconfigured domain.
If you want to run that server on your domain, I don't recommend using it as your primary server. You should use it as a delegated subdomain.
For that, just set up an NS record:
subdomain IN NS <that server's ip>
To run on your local machine, note that you will probably need to disable your DNS cache/resolver (systemd-resolved on Linux) to run on port 53
dns.ribes.ovh, but I can't guarantee its uptime.
Running the DNS server on your local machine is the only way to bypass DNS Rebinding Protection
time over dns
The server will respond to A records on time.some.subdomain.domain.tld (has to begin with
Create a file zone.db in the working directory. On startup, the file will be read, and upon successful parsing, will echo back on the command line.
You can reload the zone with a lookup on
$ORIGIN example.com.     ; designates the start of this zone file in the namespace
$TTL 3600                ; default expiration time (in seconds) of all RRs without their own TTL value
@             IN  SOA    localhost. root.localhost. (
                         1        ; Serial
                         604800   ; Refresh
                         86400    ; Retry
                         2419200  ; Expire
                         86400 )  ; Negative Cache TTL
;
@             IN  NS     localhost.
example.com.  IN  SOA    ns.example.com. username.example.com. ( 2020091025 7200 3600 1209600 3600 )
example.com.  IN  NS     ns                    ; ns.example.com is a nameserver for example.com
example.com.  IN  NS     ns.somewhere.example. ; ns.somewhere.example is a backup nameserver for example.com
example.com.  IN  MX     10 mail.example.com.  ; mail.example.com is the mailserver for example.com
@             IN  MX     20 mail2.example.com. ; equivalent to above line, "@" represents zone origin
@             IN  MX     50 mail3              ; equivalent to above line, but using a relative host name
example.com.  IN  A      192.0.2.1             ; IPv4 address for example.com
              IN  AAAA   2001:db8:10::1        ; IPv6 address for example.com
ns            IN  A      192.0.2.2             ; IPv4 address for ns.example.com
              IN  AAAA   2001:db8:10::2        ; IPv6 address for ns.example.com
www           IN  CNAME  example.com.          ; www.example.com is an alias for example.com
wwwtest       IN  CNAME  www                   ; wwwtest.example.com is another alias for www.example.com
mail          IN  A      192.0.2.3             ; IPv4 address for mail.example.com
mail2         IN  A      192.0.2.4             ; IPv4 address for mail2.example.com
mail3         IN  A      192.0.2.5             ; IPv4 address for mail3.example.com