ModularDNS is a highly flexible DNS resolving service designed to be easily extendable with new functionalities through a modular architecture. It provides a variety of basic DNS functionalities and allows developers to add new features as separate modules.
- DNS Query Forwarding: Supports DNS over HTTPS (DoH), DNS over TLS (DoT), and traditional UDP/TCP forwarding.
- Load Balancing: Distributes DNS queries across multiple remote servers.
- Query Routing: Routes DNS queries to different remote servers based on their question fields.
- Local DNS Cache and Lookup Table: Maintains a local cache and lookup table for DNS queries.
- Query Filtering: Filters unwanted DNS queries.
- Rate Limiting: Limits the number of DNS requests to prevent abuse.
- Modular Architecture: Easily extend the service by adding new modules.
ModularDNS is inspired by encrypted-dns, which provides similar functionalities but lacks the flexibility for adding new features due to its complex and inflexible architecture. ModularDNS addresses these issues by starting from scratch with a focus on modularity and simplicity.
Modules under the downstream category are responsible for handling incoming
DNS "question"s and returning the corresponding "answer"s.
There are 3 subcategories of modules under the downstream category:
Modules under the local category are responsible for resolving DNS queries
based on records stored locally.
- Hosts: maintains a lookup table for domain names and their corresponding
IP addresses, similar to the functionality provided by the
/etc/hostsfile. - Cache: caches DNS queries and answers to reduce latency and network traffic.
Modules under the remote category are mainly relying on remote services to
resolve DNS queries.
- HTTPS: forwards DNS queries over HTTPS using the DoH protocol.
- TLS: (work in progress) forwards DNS queries over TLS using the DoT protocol.
- UDP: forwards DNS queries over UDP.
- TCP: (work in progress) forwards DNS queries over TCP.
- ByProtocol: based on the
endpointobject giving to this module, it will pick the right module (i.e., one ofHTTPS,TLS,UDP, andTCP) to construct the instance.
Modules under the logical category will focus on logical operations on
incoming DNS queries, while the actual resolution will likely be delegated to
other modules.
- Failover: it will first try to query an
initialmodule, and if it fails, it will try to query afailovermodule. - LimitConcurrentReq: limits the maximum number of requests that the underlying module should handle concurrently.
- QuestionRuleSet: based on the question fields, it will route the query to various underlying modules.
- RaiseExcept: raises an exception for every incoming query.
- RandomChoice: randomly (can be weighted) picks one of the underlying modules to handle the query.
Modules under the server category are responsible for monitoring incoming
queries (e.g., opening a UDP socket and listening for incoming DNS queries,
in case of a UDP server module), forwarding them to the specified
downstream module,
and replying with the answer(s) received from the downstream module.
- UDP: (work in progress) listens for incoming DNS queries over UDP and forwards them to the specified downstream module.
- TCP: (work in progress) listens for incoming DNS queries over TCP and forwards them to the specified downstream module.
This project is licensed under the MIT License. See the LICENSE file for details.
- Inspired by encrypted-dns.
For any questions or suggestions, feel free to open an issue.