dnsvizor, first article

articles/dnsvizor01.md

@@ -0,0 +1,85 @@
+---
+date: 2024-10-25
+title: Meet DNSvizor: run your DHCP and DNS MirageOS unikernel
+description:
+  The NGI-funded DNSvizor provides core network services on your network; DNS resolution and DHCP.
+tags:
+  - OCaml
+  - MirageOS
+  - DNSvizor
+author:
+  name: Hannes Mehnert
+  email: hannes@mehnert.org
+  link: https://hannes.robur.coop
+---
+
+TL;DR: We got [NGI0 Entrust (via NLnet)](https://nlnet.nl/entrust/) funding for developing
+[DNSvizor](https://nlnet.nl/project/DNSvizor/) - a DNS resolver and
+DHCP server. Please help us by [showing us your dnsmasq
+configuration](https://github.com/robur-coop/dnsvizor/issues/new), so we can
+prioritize the configuration options to support.
+
+## Introduction
+
+The [dynamic host configuration protocol (DHCP)](https://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol)
+is fundamental in today's Internet and local networks. It usually runs on your
+router (or as a dedicated independent service) and automatically configures
+computers that join your network (for example wireless laptops, smartphones)
+with an IP address, routing information, a DNS resolver, etc. No manual
+configuration is needed once your friends' smartphone got the password of your
+wireless network \o/
+
+The [domain name system (DNS)](https://en.wikipedia.org/wiki/Domain_Name_System)
+is responsible for translating domain names (such as "robur.coop", "nlnet.nl")
+to IP addresses (such as 193.30.40.138 or 2a0f:7cc7:7cc7:7c40::138) - used by
+computers to talk to each other. Humans can remember domain names instead of
+memorizing IP addresses. Computers than use DNS to translate these domain names
+to IP addresses to communicate with. DNS is a hierarchic, distributed,
+faul-tolerant service.
+
+These two protocols are fundamental to today's Internet: without them it would
+be much harder for humans to use it.
+
+## DNSvizor
+
+We at [robur](https://robur.coop) got funding (from
+[NGI0 Entrust via NLnet](https://nlnet.nl/project/DNSvizor/)) to continue our work on
+[DNSvizor](https://github.com/robur-coop/dnsvizor) - a
+[MirageOS unikernel](https://mirageos.org) that provides DNS resolution and
+DHCP service for a network. This is fully implemented in
+[OCaml](https://ocaml.org).
+
+Already at our [MirageOS retreats](https://retreat.mirageos.org) we deployed
+such unikernel, to test our [DHCP implementation](https://github.com/mirage/charrua)
+and our [DNS resolver](https://github.com/mirage/ocaml-dns) - and found and
+fixed issues on-site. At the retreats we have a very limited Internet uplink,
+thus caching DNS queries and answers is great for reducing the load on the
+uplink.
+
+Thanks to the funding we received, we'll be able to work on improving the
+performance, but also to finish our DNSSec implementation, provide DNS-over-TLS
+and DNS-over-HTTPS services, and also a web interface. DNSvizor will use the
+existing [dnsmasq](https://thekelleys.org.uk/dnsmasq/doc.html) configuration
+syntax, and provide lots of features from dnsmasq, and also provide features
+such as block lists from [pi-hole](https://pi-hole.net/).
+
+We are at a point where the [basic unikernel (our MVP)](https://github.com/robur-coop/dnsvizor)
+- providing DNS and DHCP services - is ready, and we provide
+[reproducible binary builds](https://builds.robur.coop/job/dnsvizor). Phew. This
+means that the first step is done.
+
+We are now curious on concrete usages of dnsmasq and the configurations you use.
+If you're interested in dnsvizor, please [open an issue at our repository](https://github.com/robur-coop/dnsvizor/issues/new)
+with your dnsmasq configuration. This will help us to guide which parts of the configuration to prioritize.
+
+## Conclusion
+
+DNSvizor provides DNS resolution and DHCP service for your network, and already
+exists :). Please report issues you encounter and questions you may have. Also,
+if you use dnsmasq, please [show us your configuration](https://github.com/robur-coop/dnsvizor/issues/new).
+
+If you're interested in MirageOS and using it in your domain, don't hesitate
+to reach out to us (via eMail: team@robur.coop) - we're keen to deploy MirageOS
+and find more domains where it is useful. If you can spare a dime, we're a
+registered non-profit in Germany - and can provide tax-deductable receipts for
+donations ([more information](https://robur.coop/Donate)).