dn42/wiki
1
Fork 0
mirror of https://git.dn42.dev/wiki/wiki.git synced 2025-02-16 05:14:27 +01:00
Code Releases Activity

Updated New DNS (markdown)

Browse Source
This commit is contained in:
DN42 Wiki (BURBLE-MNT) 2020-02-09 07:39:47 +00:00
parent 8b96541906
commit 7e6cdffc67
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
services/New-DNS.md
View File

@ -11,7 +11,9 @@ If running your own resolver is not possible or undesirable, you can choose one
You can also use the globally anycasted a.recursive-servers.dn42 but you won't have any control over which instance you get. This is a **very bad idea** from a security standpoint.
# Instances
The new DNS system has three different components: *.recursive-servers.dn42 and local resolvers responsible for handling queries from clients, validating DNSSEC and directing the queries at clearnet/dn42/ICVPN. *.delegation-servers.dn42 and *.master.delegation-servers.dn42 are a normal master-slave setup for providing the few official infrastructural zones.
The new DNS system has two different components:
* *.recursive-servers.dn42 and local resolvers responsible for handling queries from clients, validating DNSSEC and directing the queries at clearnet/dn42/ICVPN.
* *.delegation-servers.dn42 and *.master.delegation-servers.dn42 are a normal master-slave setup for providing the few official infrastructural zones.
## *.recursive-servers.dn42
These are simple resolvers capable of resolving dn42 domains. Every operator gets a single letter name pointing to addresses assigned from his own address space and is strongly encouraged to use anycasting across multiple nodes to improve reliability. There is also the global anycast a.recursive-servers.dn42 which includes some/all other instances. Whether an *.recursive-servers.dn42 can resolve clearnet queries or not is decided by its operator but all a.recursive-servers.dn42 instances MUST resolve clearnet queries correctly.