b35a3d6574
There has been over 1 year of commit history leading up to this point, but almost all of that has had some kind of network configuration or secrets built into the code. As of today all of that has been removed, and the codebase can finally be published! I am keeping a private copy of the previous commit history, though it's unclear if it will ever be able to be published.
38 lines
1.4 KiB
Markdown
# Using DNS

Every `cryptic-net daemon` process ships with a DNS server which runs
automatically. This server will listen on port 53 on the VPN IP of that
particular host.

The server will serve requests for `<hostname>.hosts.cryptic.io` hostnames,
where `<hostname>` is any host's name in the `bootstrap/nebula/hosts` directory.
The returned IP will be the corresponding IP for the host, as listed in the
host's `bootstrap/nebula/hosts` file.

If a request for a non `.cryptic.io` hostname is received then the server will
forward the request to a pre-configured public resolver. The set of public
resolvers used can be configured using the
[daemon.yml](creating-a-daemonyml-file.md) file.

This DNS server is an optional feature of cryptic-net, and not required in
general for making use of the network.

## Example

As an example of how to make use of this DNS server, let's say my host's IP on
the network is `10.10.1.1`. In order to configure the host to use the
cryptic-net DNS server for all DNS requests, I could do something like this:

```
# Become root, then replace the resolver list with the cryptic-net DNS server.
sudo su
echo "nameserver 10.10.1.1" > /etc/resolv.conf
```

From that point, all DNS requests on my host would hit the cryptic-net DNS
server. If I request `my-host.cryptic.io`, it would respond with the appropriate
private IP.

NOTE that configuration of DNS resolvers is very OS-specific, even amongst Linux
distributions, so ensure you know how your resolver configuration works before
doing this.
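
A guarded version of the `/etc/resolv.conf` change above, as an added example that is not part of cryptic-net: it validates the address, refuses to overwrite a symlinked `resolv.conf` (usually a sign that another resolver service manages the file), and keeps a backup. The helper names `is_ipv4` and `set_vpn_nameserver` and the `.pre-cryptic-net` backup suffix are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not cryptic-net code. Helper names and the backup suffix
# are assumptions. Run as root: set_vpn_nameserver 10.10.1.1

is_ipv4() {
    # Reject anything but digits and dots first (blocks newline injection).
    case $1 in ''|*[!0-9.]*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $1            # split the validated address into its four octets
    IFS=$old_ifs
    for octet in "$@"; do [ "$octet" -le 255 ] || return 1; done
}

set_vpn_nameserver() {
    ip=$1
    conf=${2:-/etc/resolv.conf}
    is_ipv4 "$ip" || {
        echo "refusing: '$ip' is not an IPv4 address" >&2
        return 2
    }
    # A symlinked resolv.conf is normally generated by a resolver manager
    # (systemd-resolved, NetworkManager, resolvconf). A direct write would be
    # regenerated away, so stop here and configure that manager instead.
    if [ -L "$conf" ]; then
        echo "refusing: $conf is a symlink to $(readlink "$conf")" >&2
        return 3
    fi
    # Keep the first original only, so repeated runs never clobber it.
    if [ -f "$conf" ] && [ ! -e "$conf.pre-cryptic-net" ]; then
        cp -p "$conf" "$conf.pre-cryptic-net" || return 4
    fi
    # Write beside the target and rename, so no reader sees a partial file.
    tmp=$(mktemp "$conf.XXXXXX") || return 4
    printf 'nameserver %s\n' "$ip" > "$tmp" && chmod 644 "$tmp" \
        && mv "$tmp" "$conf" || { rm -f "$tmp"; return 4; }
}
```

To revert, copy the `.pre-cryptic-net` backup back over `resolv.conf`.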