SND

Minimal authoritative PTR (rDNS, reverse DNS) resolver with automatic generation of records.

Motivation

Say you have a large collection of IP addresses (thousands of IPv4 /24 blocks, or one IPv6 /32 block), and you want PTR records on all of your IPs. Writing a zonefile and hosting it on a traditional authoritative DNS server is unrealistic: the zonefile would be multiple GBs in size, and you would need an enormous amount of memory just to load it.

SND provides a simple alternative: you name a base domain, and SND generates PTR records for you on the fly based on a set of pre-defined rules.

1.1.168.192.in-addr.arpa.                                                 1000 IN PTR 192.168.1.1.ptr.example.com.
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.0.0.d.f.ip6.arpa. 1000 IN PTR fd00.1.0.0.0.0.0.1.ptr.example.com.
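
The mapping implied by the two sample records above, sketched in Go as an added example (not SND's own code). The function name `PTRTarget` and the label format are assumptions inferred from those samples; SND's real rules come from its config file. Query names arrive from the network, so partial or malformed reverse names are rejected instead of answered.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// ErrNotReverse is returned for anything that is not a full, canonical reverse name.
var ErrNotReverse = fmt.Errorf("not a well-formed reverse DNS name")

// PTRTarget validates an untrusted reverse query name and builds its PTR target under base.
func PTRTarget(qname, base string) (string, error) {
	name := strings.ToLower(strings.TrimSuffix(qname, "."))
	if v4, ok := strings.CutSuffix(name, ".in-addr.arpa"); ok {
		l := strings.Split(v4, ".")
		if len(l) != 4 {
			return "", ErrNotReverse
		}
		for _, o := range l { // reject "256", "-1" and non-canonical "01" or "+1"
			if n, err := strconv.Atoi(o); err != nil || n < 0 || n > 255 || strconv.Itoa(n) != o {
				return "", ErrNotReverse
			}
		}
		return strings.Join([]string{l[3], l[2], l[1], l[0], base}, "."), nil
	}
	v6, ok := strings.CutSuffix(name, ".ip6.arpa")
	l := strings.Split(v6, ".")
	if !ok || len(l) != 32 {
		return "", ErrNotReverse
	}
	groups := make([]string, 8)
	for g := range groups {
		hex := ""
		for i := 0; i < 4; i++ { // nibbles are stored least significant first
			nib := l[31-(g*4+i)]
			if len(nib) != 1 || !strings.Contains("0123456789abcdef", nib) {
				return "", ErrNotReverse
			}
			hex += nib
		}
		v, _ := strconv.ParseUint(hex, 16, 16) // hex is already validated
		groups[g] = strconv.FormatUint(v, 16)  // drops leading zeros: "0001" -> "1"
	}
	return strings.Join(groups, ".") + "." + base, nil
}

func main() {
	fmt.Println(PTRTarget("1.1.168.192.in-addr.arpa.", "ptr.example.com."))
}
```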

Requirements

Hardware

SND can run with very little processing power (Raspberry Pis are fine) and a very small memory footprint (a few MBs), although performance will not be optimal.

As of version 0.1.2, on a 4-core Intel E5-2670 VM with more than 2GiB memory, SND can process around 25K RPS.

Software

Officially supported OS:

  • Linux (kernel 4.19+ with glibc)
  • Windows (Windows Server 2016 or later, Windows 10 Desktop 1809 or later)

Other OSes are not currently tested because of the lack of resources available to me.

Usage

Configure SND

Copy over the self-documented example config and tweak it for your own needs. Please do not leave any example.com entries in your own config. Remove what you don't need.

Currently no strict config file format checking is implemented -- you might crash the program if some important keys are missing.

Set up SND

In most cases you are going to need 2 servers (or one server with 2 different IP addresses if you don't care about availability issues). Copy the exact same config file to both servers and launch SND on both of them:

Download the pre-compiled binary from releases to your server and run it:

chmod +x ./snd
./snd -config path/to/config.toml

Or, if you prefer Docker:

docker run --rm -p 53:53 -p 53:53/udp -v path/to/config.toml:/etc/snd/config.toml:ro snd:latest

Run a simple test using dig:

$ dig @localhost -x 192.0.2.1

; <<>> DiG 9.11.5-P4-5.1-Debian <<>> @localhost -x 192.0.2.1
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50924
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;1.2.0.192.in-addr.arpa.      IN      PTR

;; ANSWER SECTION:
1.2.0.192.in-addr.arpa. 3600  IN      PTR     192.0.2.1.example.com.

Set up DNS records

You need at least 2 A or AAAA records, one for each of your SND servers. You might need to set them up as glue records, depending on your actual config.

ns1.example.com.	3600	IN	A	192.0.2.1
ns2.example.com.	3600	IN	A	192.0.2.2

Set up PTR record delegation

Set up a domain object at your RIR like this.

domain:   <zone name>
descr:    <description>
admin-c:  <nic-handle for administrative contact>
tech-c:   <nic-handle for technical contact>
zone-c:   <nic-handle for zone contact>
nserver:  ns1.example.com
nserver:  ns2.example.com
mnt-by:   <your maintainer>

Detailed instructions are provided per RIR:

Notes:

  • The smallest IP block sizes available for delegation differ
  • Only RIPE NCC is currently tested because I cannot afford IP blocks from the other RIRs

Compilation

Golang 1.22 or later is officially supported. Before starting, make sure the GOROOT and GOPATH environment variables are set correctly and that a go binary is in your PATH.

git clone https://github.com/Jamesits/SND.git
cd SND
go build github.com/jamesits/snd/cmd/snd