On Fri, Aug 8, 2025, 13:20 William Herrin via NANOG <[email protected]> wrote:
> Can anyone recommend software for an authoritative DNS server where > the open source code is clean and well documented? I have an > anycast-related experiment I'd like to put together and I want to be > able to quickly shoehorn it into existing code. > > I looked at the source for ISC Bind but the code complexity is far > beyond anything I'd want to touch for a casual experiment. Please > don't use macros (#defines) to construct your C function > _definitions_. I realize C allows it but it turns your code into a > meta-language that no one else knows. > > Regards, > Bill Herrin > I know this is going to sound absolutely silly, but hear me out. For *simple labbing/POC*, dnsmasq. Yes, really. https://thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html See the --auth-server= option. I, in no way, recommend it for production authoritative (as it may have been guessed from the other thread, I'm proudly a PowerDNS fanboy and dnsmasq authoritative just feels wrong and dirty) but. *But.* For simple experiments, it may be ideal. Despite being arguably overloaded in functionality, its source[0] is quite clean and rather well-documented (for example, here's its implementation of DNSSEC[1] resolution) and fairly well organized. [0] https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=summary (or https://github.com/imp/dnsmasq if you prefer) > [1] https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=src/dnssec.c;h=0860daac6bb954819ba2db5f0e1d32335e692e5a;hb=HEAD _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/[email protected]/message/UT76ZD5LTGKAILHUJS24RGVVDGNUBAB5/
