doc.go
/*
Package main implements SDNS - a high-performance, recursive DNS resolver server with DNSSEC support.

SDNS is a privacy-focused DNS server that provides:

  - High-performance recursive DNS resolution with aggressive caching
  - Full DNSSEC validation and verification support
  - DNS-over-HTTPS (DoH) and DNS-over-QUIC (DoQ) protocols
  - Privacy-preserving features including query minimization (RFC 7816)
  - Flexible middleware architecture for extending functionality
  - Built-in blocklist and allowlist support
  - Rate limiting and access control
  - Metrics and monitoring via Prometheus
  - Automatic root trust anchor updates (RFC 5011)

Architecture:

SDNS uses a middleware-based architecture where each component processes DNS queries
in a chain. The middleware order is important and defined as:

 1. Recovery - Panic recovery and error handling
 2. Loop - Detection and prevention of query loops
 3. Metrics - Prometheus metrics collection with optional per-domain tracking
 4. Dnstap - Binary DNS message logging (dnstap format)
 5. AccessList - IP-based access control
 6. RateLimit - Query rate limiting per client
 7. EDNS - EDNS0 support and processing
 8. AccessLog - Query logging
 9. Chaos - Chaos TXT query responses
 10. HostsFile - Local hosts file resolution
 11. BlockList - Domain blocking with pattern matching
 12. AS112 - RFC 7534 AS112 redirection
 13. Cache - High-performance query caching
 14. Failover - Upstream server failover
 15. Resolver - Recursive DNS resolution with DNSSEC
 16. Forwarder - Forward queries to upstream servers

Configuration:

SDNS uses a configuration file (default: sdns.conf) that supports:

  - Server binding addresses for DNS, DoH, and DoQ
  - TLS certificate configuration
  - Middleware-specific settings
  - Upstream resolver configuration
  - Cache size and TTL settings
  - Logging levels and output

Usage:

	sdns [flags]
	sdns [command]

Available Commands:

	help        Help about any command
	version     Print version information

Flags:

	-c, --config string   Location of config file (default "sdns.conf")
	-h, --help            Help for sdns

Example:

	# Start with default config
	sdns

	# Start with custom config
	sdns -c /etc/sdns/sdns.conf

	# Show version
	sdns version

For more information, visit https://sdns.dev
*/
package main // import "github.com/semihalev/sdns"
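
Why the documented order puts AccessList ahead of Cache, shown as an added example that is not SDNS code: `Query`, `Handler`, `Run` and the three handlers are hypothetical stand-ins, and the addresses and policy are constructed. With the two stages swapped, a client the access list refuses is still answered from the cache.

```go
package main

import "fmt"

// Query and Handler are hypothetical stand-ins, not SDNS types.
type Query struct{ ClientIP, Name string }
type Handler func(q Query, next func() string) string

// Run passes q down the chain in order; a handler that skips next ends it.
func Run(chain []Handler, q Query) string {
	if len(chain) == 0 {
		return "SERVFAIL"
	}
	return chain[0](q, func() string { return Run(chain[1:], q) })
}

// AccessList refuses any client IP missing from allowed.
func AccessList(allowed map[string]bool) Handler {
	return func(q Query, next func() string) string {
		if !allowed[q.ClientIP] {
			return "REFUSED"
		}
		return next()
	}
}

// Cache answers from store on a hit, else stores what the later stages return.
func Cache(store map[string]string) Handler {
	return func(q Query, next func() string) string {
		if a, ok := store[q.Name]; ok {
			return a
		}
		store[q.Name] = next()
		return store[q.Name]
	}
}

// Resolver is a stub standing in for recursive resolution.
func Resolver(q Query, _ func() string) string { return "192.0.2.10" }

func main() {
	allowed := map[string]bool{"10.0.0.5": true} // constructed policy
	in, out := Query{"10.0.0.5", "example.org."}, Query{"203.0.113.7", "example.org."}
	documented := []Handler{AccessList(allowed), Cache(map[string]string{}), Resolver}
	swapped := []Handler{Cache(map[string]string{}), AccessList(allowed), Resolver}
	fmt.Println(Run(documented, in), Run(documented, out)) // refused client stays refused
	fmt.Println(Run(swapped, in), Run(swapped, out))       // refused client gets the cached answer
}
```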