Re: Speaking of DNS server software...

[brent saner via NANOG <nanog () lists nanog org>]

On Fri, Aug 8, 2025, 13:20 William Herrin via NANOG <nanog () lists nanog org>
wrote:

> Can anyone recommend software for an authoritative DNS server where
> the open source code is clean and well documented? I have an
> anycast-related experiment I'd like to put together and I want to be
> able to quickly shoehorn it into existing code.
>
> I looked at the source for ISC Bind but the code complexity is far
> beyond anything I'd want to touch for a casual experiment. Please
> don't use macros (#defines) to construct your C function
> _definitions_. I realize C allows it but it turns your code into a
> meta-language that no one else knows.
>
> Regards,
> Bill Herrin

I know this is going to sound absolutely silly, but hear me out.

For *simple labbing/POC*, dnsmasq. Yes, really.

https://thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html

See the --auth-server= option.

I, in no way, recommend it for production authoritative (as it may have
been guessed from the other thread, I'm proudly a PowerDNS fanboy and
dnsmasq authoritative just feels wrong and dirty) but.
*But.*

For simple experiments, it may be ideal. Despite being arguably overloaded
in functionality, its source[0] is quite clean and rather well-documented
(for example, here's its implementation of DNSSEC[1] resolution) and fairly
well organized.


[0] https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=summary (or
https://github.com/imp/dnsmasq if you prefer)

> [1]
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=src/dnssec.c;h=0860daac6bb954819ba2db5f0e1d32335e692e5a;hb=HEAD
_______________________________________________
NANOG mailing list 
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/UT76ZD5LTGKAILHUJS24RGVVDGNUBAB5/