forked from robur/blog.robur.coop
dnsvizor, first article
This commit is contained in:
parent
06b0b673c6
commit
52d6ce6b67
1 changed files with 85 additions and 0 deletions
85
articles/dnsvizor01.md
Normal file
85
articles/dnsvizor01.md
Normal file
|
@ -0,0 +1,85 @@
|
|||
---
|
||||
date: 2024-10-25
|
||||
title: Meet DNSvizor: run your DHCP and DNS MirageOS unikernel
|
||||
description:
|
||||
The NGI-funded DNSvizor provides core network services on your network; DNS resolution and DHCP.
|
||||
tags:
|
||||
- OCaml
|
||||
- MirageOS
|
||||
- DNSvizor
|
||||
author:
|
||||
name: Hannes Mehnert
|
||||
email: hannes@mehnert.org
|
||||
link: https://hannes.robur.coop
|
||||
---
|
||||
|
||||
TL;DR: We got [NGI0 Entrust (via NLnet)](https://nlnet.nl/entrust/) funding for developing
|
||||
[DNSvizor](https://nlnet.nl/project/DNSvizor/) - a DNS resolver and
|
||||
DHCP server. Please help us by [showing us your dnsmasq
|
||||
configuration](https://github.com/robur-coop/dnsvizor/issues/new), so we can
|
||||
prioritize the configuration options to support.
|
||||
|
||||
## Introduction
|
||||
|
||||
The [dynamic host configuration protocol (DHCP)](https://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol)
|
||||
is fundamental in today's Internet and local networks. It usually runs on your
|
||||
router (or as a dedicated independent service) and automatically configures
|
||||
computers that join your network (for example wireless laptops, smartphones)
|
||||
with an IP address, routing information, a DNS resolver, etc. No manual
|
||||
configuration is needed once your friends' smartphone got the password of your
|
||||
wireless network \o/
|
||||
|
||||
The [domain name system (DNS)](https://en.wikipedia.org/wiki/Domain_Name_System)
|
||||
is responsible for translating domain names (such as "robur.coop", "nlnet.nl")
|
||||
to IP addresses (such as 193.30.40.138 or 2a0f:7cc7:7cc7:7c40::138) - used by
|
||||
computers to talk to each other. Humans can remember domain names instead of
|
||||
memorizing IP addresses. Computers than use DNS to translate these domain names
|
||||
to IP addresses to communicate with. DNS is a hierarchic, distributed,
|
||||
faul-tolerant service.
|
||||
|
||||
These two protocols are fundamental to today's Internet: without them it would
|
||||
be much harder for humans to use it.
|
||||
|
||||
## DNSvizor
|
||||
|
||||
We at [robur](https://robur.coop) got funding (from
|
||||
[NGI0 Entrust via NLnet](https://nlnet.nl/project/DNSvizor/)) to continue our work on
|
||||
[DNSvizor](https://github.com/robur-coop/dnsvizor) - a
|
||||
[MirageOS unikernel](https://mirageos.org) that provides DNS resolution and
|
||||
DHCP service for a network. This is fully implemented in
|
||||
[OCaml](https://ocaml.org).
|
||||
|
||||
Already at our [MirageOS retreats](https://retreat.mirageos.org) we deployed
|
||||
such unikernel, to test our [DHCP implementation](https://github.com/mirage/charrua)
|
||||
and our [DNS resolver](https://github.com/mirage/ocaml-dns) - and found and
|
||||
fixed issues on-site. At the retreats we have a very limited Internet uplink,
|
||||
thus caching DNS queries and answers is great for reducing the load on the
|
||||
uplink.
|
||||
|
||||
Thanks to the funding we received, we'll be able to work on improving the
|
||||
performance, but also to finish our DNSSec implementation, provide DNS-over-TLS
|
||||
and DNS-over-HTTPS services, and also a web interface. DNSvizor will use the
|
||||
existing [dnsmasq](https://thekelleys.org.uk/dnsmasq/doc.html) configuration
|
||||
syntax, and provide lots of features from dnsmasq, and also provide features
|
||||
such as block lists from [pi-hole](https://pi-hole.net/).
|
||||
|
||||
We are at a point where the [basic unikernel (our MVP)](https://github.com/robur-coop/dnsvizor)
|
||||
- providing DNS and DHCP services - is ready, and we provide
|
||||
[reproducible binary builds](https://builds.robur.coop/job/dnsvizor). Phew. This
|
||||
means that the first step is done.
|
||||
|
||||
We are now curious on concrete usages of dnsmasq and the configurations you use.
|
||||
If you're interested in dnsvizor, please [open an issue at our repository](https://github.com/robur-coop/dnsvizor/issues/new)
|
||||
with your dnsmasq configuration. This will help us to guide which parts of the configuration to prioritize.
|
||||
|
||||
## Conclusion
|
||||
|
||||
DNSvizor provides DNS resolution and DHCP service for your network, and already
|
||||
exists :). Please report issues you encounter and questions you may have. Also,
|
||||
if you use dnsmasq, please [show us your configuration](https://github.com/robur-coop/dnsvizor/issues/new).
|
||||
|
||||
If you're interested in MirageOS and using it in your domain, don't hesitate
|
||||
to reach out to us (via eMail: team@robur.coop) - we're keen to deploy MirageOS
|
||||
and find more domains where it is useful. If you can spare a dime, we're a
|
||||
registered non-profit in Germany - and can provide tax-deductable receipts for
|
||||
donations ([more information](https://robur.coop/Donate)).
|
Loading…
Reference in a new issue