diff --git a/articles/dnsvizor01.md b/articles/dnsvizor01.md new file mode 100644 index 0000000..2b6f003 --- /dev/null +++ b/articles/dnsvizor01.md @@ -0,0 +1,85 @@ +--- +date: 2024-10-25 +title: Meet DNSvizor: run your DHCP and DNS MirageOS unikernel +description: + The NGI-funded DNSvizor provides core network services on your network; DNS resolution and DHCP. +tags: + - OCaml + - MirageOS + - DNSvizor +author: + name: Hannes Mehnert + email: hannes@mehnert.org + link: https://hannes.robur.coop +--- + +TL;DR: We got [NGI0 Entrust (via NLnet)](https://nlnet.nl/entrust/) funding for developing +[DNSvizor](https://nlnet.nl/project/DNSvizor/) - a DNS resolver and +DHCP server. Please help us by [showing us your dnsmasq +configuration](https://github.com/robur-coop/dnsvizor/issues/new), so we can +prioritize the configuration options to support. + +## Introduction + +The [dynamic host configuration protocol (DHCP)](https://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol) +is fundamental in today's Internet and local networks. It usually runs on your +router (or as a dedicated independent service) and automatically configures +computers that join your network (for example wireless laptops, smartphones) +with an IP address, routing information, a DNS resolver, etc. No manual +configuration is needed once your friends' smartphone got the password of your +wireless network \o/ + +The [domain name system (DNS)](https://en.wikipedia.org/wiki/Domain_Name_System) +is responsible for translating domain names (such as "robur.coop", "nlnet.nl") +to IP addresses (such as 193.30.40.138 or 2a0f:7cc7:7cc7:7c40::138) - used by +computers to talk to each other. Humans can remember domain names instead of +memorizing IP addresses. Computers than use DNS to translate these domain names +to IP addresses to communicate with. DNS is a hierarchic, distributed, +faul-tolerant service. + +These two protocols are fundamental to today's Internet: without them it would +be much harder for humans to use it. + +## DNSvizor + +We at [robur](https://robur.coop) got funding (from +[NGI0 Entrust via NLnet](https://nlnet.nl/project/DNSvizor/)) to continue our work on +[DNSvizor](https://github.com/robur-coop/dnsvizor) - a +[MirageOS unikernel](https://mirageos.org) that provides DNS resolution and +DHCP service for a network. This is fully implemented in +[OCaml](https://ocaml.org). + +Already at our [MirageOS retreats](https://retreat.mirageos.org) we deployed +such unikernel, to test our [DHCP implementation](https://github.com/mirage/charrua) +and our [DNS resolver](https://github.com/mirage/ocaml-dns) - and found and +fixed issues on-site. At the retreats we have a very limited Internet uplink, +thus caching DNS queries and answers is great for reducing the load on the +uplink. + +Thanks to the funding we received, we'll be able to work on improving the +performance, but also to finish our DNSSec implementation, provide DNS-over-TLS +and DNS-over-HTTPS services, and also a web interface. DNSvizor will use the +existing [dnsmasq](https://thekelleys.org.uk/dnsmasq/doc.html) configuration +syntax, and provide lots of features from dnsmasq, and also provide features +such as block lists from [pi-hole](https://pi-hole.net/). + +We are at a point where the [basic unikernel (our MVP)](https://github.com/robur-coop/dnsvizor) +- providing DNS and DHCP services - is ready, and we provide +[reproducible binary builds](https://builds.robur.coop/job/dnsvizor). Phew. This +means that the first step is done. + +We are now curious on concrete usages of dnsmasq and the configurations you use. +If you're interested in dnsvizor, please [open an issue at our repository](https://github.com/robur-coop/dnsvizor/issues/new) +with your dnsmasq configuration. This will help us to guide which parts of the configuration to prioritize. + +## Conclusion + +DNSvizor provides DNS resolution and DHCP service for your network, and already +exists :). Please report issues you encounter and questions you may have. Also, +if you use dnsmasq, please [show us your configuration](https://github.com/robur-coop/dnsvizor/issues/new). + +If you're interested in MirageOS and using it in your domain, don't hesitate +to reach out to us (via eMail: team@robur.coop) - we're keen to deploy MirageOS +and find more domains where it is useful. If you can spare a dime, we're a +registered non-profit in Germany - and can provide tax-deductable receipts for +donations ([more information](https://robur.coop/Donate)).