https://coredns.io/ Recent content on CoreDNS: DNS and Service Discovery Hugo -- gohugo.io en-us CoreDNS - All Rights Reserved Fri, 06 Mar 2026 16:27:00 +0000 https://coredns.io/plugins/acl/ Tue, 07 Feb 2023 20:00:01 +0000 https://coredns.io/plugins/acl/ Description With acl enabled, users are able to block or filter suspicious DNS queries by configuring IP filter rule sets, i.e. allowing authorized queries or blocking unauthorized queries. When evaluating the rule sets, acl uses the source IP of the TCP/UDP headers of the DNS query received by CoreDNS. This source IP will be different than the IP of the client originating the request in cases where the source IP of the request is changed in transit. https://coredns.io/plugins/any/ Wed, 28 Oct 2020 18:26:48 +0000 https://coredns.io/plugins/any/ Description any basically blocks ANY queries by responding to them with a short HINFO reply. See RFC 8482 for details. Syntax any Examples example.org { whoami any } A dig +nocmd ANY example.org +noall +answer now returns: example.org. 8482 IN HINFO "ANY obsoleted" "See RFC 8482" See Also RFC 8482. https://coredns.io/plugins/auto/ Thu, 11 Dec 2025 04:36:33 +0000 https://coredns.io/plugins/auto/ Description The auto plugin is used for an “old-style” DNS server. It serves from a preloaded file that exists on disk. If the zone file contains signatures (i.e. is signed, i.e. using DNSSEC) correct DNSSEC answers are returned. Only NSEC is supported! If you use this setup you are responsible for re-signing the zonefile. New or changed zones are automatically picked up from disk only when SOA’s serial changes. If the zones are not updated via a zone transfer, the serial must be manually changed. https://coredns.io/plugins/autopath/ Fri, 22 Nov 2024 08:09:54 +0000 https://coredns.io/plugins/autopath/ Description If the autopath plugin sees a query that matches the first element of the configured search path, it will follow the chain of search path elements and return the first reply that is not NXDOMAIN. On any failures, the original reply is returned. Because autopath returns a reply for a name that wasn’t the original question, it will add a CNAME that points from the original name (with the search path element in it) to the name of this answer. https://coredns.io/plugins/azure/ Mon, 11 Jan 2021 23:17:55 +0000 https://coredns.io/plugins/azure/ Description The azure plugin is useful for serving zones from Microsoft Azure DNS. The azure plugin supports all the DNS records supported by Azure, viz. A, AAAA, CNAME, MX, NS, PTR, SOA, SRV, and TXT record types. NS record type is not supported by azure private DNS. Syntax azure RESOURCE_GROUP:ZONE... { tenant TENANT_ID client CLIENT_ID secret CLIENT_SECRET subscription SUBSCRIPTION_ID environment ENVIRONMENT fallthrough [ZONES...] access private } RESOURCE_GROUP:ZONE is the resource group to which the hosted zones belongs on Azure, and ZONE the zone that contains data. https://coredns.io/plugins/bind/ Fri, 08 Aug 2025 17:41:04 +0000 https://coredns.io/plugins/bind/ Description Normally, the listener binds to the wildcard host. However, you may want the listener to bind to another IP instead. If several addresses are provided, a listener will be open on each of the IP provided. Each address has to be an IP or name of one of the interfaces of the host. Bind by interface name, binds to the IPs on that interface at the time of startup or reload (reload will happen with a SIGHUP or if the config file changes). https://coredns.io/plugins/bufsize/ Tue, 15 Aug 2023 20:06:20 +0000 https://coredns.io/plugins/bufsize/ Description bufsize limits a requester’s UDP payload size to within a maximum value. If a request with an OPT RR has a bufsize greater than the limit, the bufsize of the request will be reduced. Otherwise the request is unaffected. It prevents IP fragmentation, mitigating certain DNS vulnerabilities. It cannot increase UDP size requested by the client, it can be reduced only. This will only affect queries that have an OPT RR (EDNS(0)). https://coredns.io/plugins/cache/ Tue, 07 Feb 2023 20:00:01 +0000 https://coredns.io/plugins/cache/ Description With cache enabled, all records except zone transfers and metadata records will be cached for up to 3600s. Caching is mostly useful in a scenario when fetching data from the backend (upstream, database, etc.) is expensive. Cache will pass DNSSEC (DNSSEC OK; DO) options through the plugin for upstream queries. This plugin can only be used once per Server Block. Syntax cache [TTL] [ZONES...] TTL max TTL in seconds. If not specified, the maximum TTL will be used, which is 3600 for NOERROR responses and 1800 for denial of existence ones. https://coredns.io/plugins/cancel/ Wed, 28 Oct 2020 18:26:48 +0000 https://coredns.io/plugins/cancel/ Description The cancel plugin creates a canceling context for each request. It adds a timeout that gets triggered after 5001 milliseconds. The 5001 number was chosen because the default timeout for DNS clients is 5 seconds, after that they give up. A plugin interested in the cancellation status should call plugin.Done() on the context. If the context was canceled due to a timeout the plugin should not write anything back to the client and return a value indicating CoreDNS should not either; a zero return value should suffice for that. https://coredns.io/explugins/kubeforward/ Fri, 04 Apr 2025 17:15:00 +0000 https://coredns.io/explugins/kubeforward/ Description The kubeforward plugin enables CoreDNS to dynamically update its list of DNS forwarders by monitoring changes to a specified Kubernetes Service. It observes EndpointSlices associated with the Service and adjusts the DNS forwarding configuration in real-time as endpoints are added, removed, or updated. This functionality enhances the reliability and resilience of DNS services within Kubernetes clusters. Syntax kubeforward { namespace <namespace> service_name <service_name> port_name <port_name> expire <duration> health_check <duration> force_tcp prefer_udp } Configuration Parameters namespace (required): Specifies the Kubernetes namespace where the target Service resides. https://coredns.io/explugins/json/ Wed, 05 Mar 2025 15:51:45 -0800 https://coredns.io/explugins/json/ Name json - query a JSON-formatted DNS server Description The json plugin queries a JSON-formatted DNS server and returns the result as a DNS response. Syntax json <URI> URI (required): The URI of the JSON-formatted DNS server. Example . { json https://your-json-dns-server.com/api/v1/dns } Supported record types The json plugin supports the following DNS record types: A AAAA CNAME MX TXT https://coredns.io/explugins/gslb/ Sun, 09 Feb 2025 17:00:00 +0200 https://coredns.io/explugins/gslb/ Description This plugin provides support for GSLB, enabling advanced load balancing and failover mechanisms based on backend health checks and policies. It is particularly useful for managing geographically distributed services or for ensuring high availability and resilience. Features: IPv4 and IPv6 support Health Checks: HTTPS TCP ICMP Selection Modes: Failover: Routes traffic to the highest-priority available backend. Random: Distributes traffic randomly across backends. Round Robin: Cycles through backends in sequence. Syntax gslb DB_YAML_FILE [ZONES. https://coredns.io/explugins/fanout/ Tue, 03 Sep 2024 22:00:00 +0800 https://coredns.io/explugins/fanout/ Description Each incoming DNS query that hits the CoreDNS fanout plugin will be replicated in parallel to each listed IP (i.e. the DNS servers). The first non-negative response from any of the queried DNS Servers will be forwarded as a response to the application’s DNS request. Syntax tls CERT KEY CA define the TLS properties for TLS connection. From 0 to 3 arguments can be provided with the meaning as described below https://coredns.io/explugins/k8s_cache/ Wed, 24 Apr 2024 15:20:00 +0200 https://coredns.io/explugins/k8s_cache/ Description This is a fork of cache. It adds an option to send a refreshed positive cache item first to pods with the label k8s-cache.coredns.io/early-refresh=true. Other pods get it only after a specified duration. This makes it possible to implement stable NetworkPolicy whitelists on the basis of domain names that are resolved with DNS, using Stable FQDNNetworkPolicies. The implementation uses an additional cache store called the “late cache”, which is shifted a number of seconds. https://coredns.io/explugins/gathersrv/ Sun, 02 Jul 2023 12:00:00 +0000 https://coredns.io/explugins/gathersrv/ Description This plugin could be helpful for services that are logically distributed over several k8s clusters and use headless service to expose themselves. The aim of this plugin is to provide a method to discover all service instances through a single service domain. The result of querying distributed service domain contains masqueraded results gathered from multiple clusters. In contrast to multicluster plugin it does not require that k8s clusters have to share the same cluster zone. https://coredns.io/explugins/meship/ Mon, 15 May 2023 12:00:00 +0000 https://coredns.io/explugins/meship/ Background Currently, a strict hierarchy is followed when resolving DNS names. It is centrally designed. To address the problem of centrality, there are several approaches. One of these approaches is Meshname. With a meship domain, the address to which the domain is to be resolved is encoded in the domain name. Thus, when a meship domain is to be resolved, the domain name is decoded first and then returned as a AAAA record. https://coredns.io/explugins/meshname/ Mon, 15 May 2023 12:00:00 +0000 https://coredns.io/explugins/meshname/ Background Currently, a strict hierarchy is followed when resolving DNS names. It is centrally designed. To address the problem of centrality, there are several approaches. One of these approaches is Meshname. With meshname, the IPv6 address of the authoritative name server responsible for the meshname domain is already encoded in the domain name. Thus, when a meshname domain is to be resolved, the first thing that is done is to decode the encoded authoritative DNS server from the domain. https://coredns.io/explugins/multicluster/ Fri, 03 Mar 2023 03:51:43 +0000 https://coredns.io/explugins/multicluster/ Description The multicluster plugin implements the Kubernetes DNS-Based Multicluster Service Discovery Specification. Syntax multicluster [ZONES...] { kubeconfig KUBECONFIG [CONTEXT] noendpoints fallthrough [ZONES...] } kubeconfig KUBECONFIG [CONTEXT] authenticates the connection to a remote k8s cluster using a kubeconfig file. [CONTEXT] is optional, if not set, then the current context specified in kubeconfig will be used. It supports TLS, username and password, or token-based authentication. This option is ignored if connecting in-cluster (i. https://coredns.io/explugins/recursor/ Mon, 30 Jan 2023 16:15:00 +0200 https://coredns.io/explugins/recursor/ Description The recursor resolves domains using defined IP addresses or resolving other mapped domains using defined resolvers. Syntax recursor { [external-yaml config-file-path] [external-json config-file-path] [verbose 0..2] zone: zone.name [resolver non-default { urls udp://ip-1:port udp://ip-n:port [timeout_ms 500] }] [alias alias-name | * { [hosts domain-1 domain-n] [ips ip-1 ip-n] [resolver_name non-default] [ttl custom-ttl] }] } The recursor definition: zone - DNS zone for the recursor verbose - stdout logs level: 0 - minimal 1 - middle 2 - talkative resolvers - other DNS servers: map-key/id: name of resolver, default overrides system default resolver urls: list of URL addresses, example: udp://127. https://coredns.io/explugins/k8s_event/ Tue, 23 Aug 2022 10:57:00 +0800 https://coredns.io/explugins/k8s_event/ Description k8s_event listens for log printings, and reports them as Events to Kubernetes APIServer. This plugin requires … the kubeapi plugin to create a connection to the Kubernetes API. create/patch/update permission to the Events API. Enabling this plugin is process-wide: enabling k8s_event in at least one server block enables it globally. Syntax k8s_event { level LEVELS... rate [QPS] [Burst] [CacheSize] } levels selects what level of logs should be reported as Kubernetes events. https://coredns.io/explugins/redis/ Mon, 27 Jun 2022 18:00:00 -0400 https://coredns.io/explugins/redis/ Description redis enables reading zone data from redis database. this plugin should be located right next to etcd in plugins.cfg Syntax redis redis loads authoritative zones from redis server address will default to local redis server (localhost:6379) redis { address ADDR password PWD prefix PREFIX suffix SUFFIX connect_timeout TIMEOUT read_timeout TIMEOUT ttl TTL } address is redis server address to connect in the form of host:port or ip:port. password is redis server auth key connect_timeout time in ms to wait for redis server to connect read_timeout time in ms to wait for redis server to respond ttl default ttl for dns records, 300 if not provided prefix add PREFIX to all redis keys suffix add SUFFIX to all redis keys Examples . https://coredns.io/explugins/finalize/ Thu, 23 Dec 2021 09:00:00 +0100 https://coredns.io/explugins/finalize/ Description The plugin will try to resolve CNAMEs and only return the resulting A or AAAA address. If no A or AAAA record can be resolved the original (first) answer will be returned to the client. Circular dependencies are detected and an error will be logged accordingly. In that case the original (first) answer will be returned to the client as well. Syntax finalize [max_depth MAX] max_depth MAX to limit the maximum calls to resolve a CNAME chain to the final A or AAAA record, a value > 0 can be specified. https://coredns.io/explugins/kubenodes/ Fri, 17 Dec 2021 00:00:00 +0000 https://coredns.io/explugins/kubenodes/ Description kubenodes watches the Kubernetes API and synthesizes A, AAAA, and PTR records for Node addresses. This plugin requires … the kubeapi plugin to create a connection to the Kubernetes API. (http://github.com/coredns/kubeapi) list/watch permission to the Nodes API. This plugin can only be used once per Server Block. Syntax kubenodes [ZONES...] { external ttl TTL fallthrough [ZONES...] } external will build records using Nodes’ external addresses. If omitted, kubenodes will build records using Nodes’ internal addresses. https://coredns.io/explugins/ebpf/ Thu, 14 Oct 2021 00:00:00 +0000 https://coredns.io/explugins/ebpf/ Description This experimental plugin allows you to use an eBPF XDP program to analyze and filter traffic before it reaches CoreDNS, and report very basic Prometheus metrics. When CoreDNS exits, the program will be detached from the interface. This generic solution serves in part as an example of how you can integrate an eBPF XDP program with CoreDNS with a custom plugin. But due to the generic nature, map entry is somewhat cryptic and metrics must be defined in the Corefile, limiting their scope. https://coredns.io/explugins/rrl/ Thu, 07 Oct 2021 00:00:00 +0000 https://coredns.io/explugins/rrl/ Description The rrl plugin tracks response rates per category of response. The category of a given response consists of the following: Prefix of the client IP (per the ipv4/6-prefix-length) Requested name (qname) excluding response type of error (see response type below) Requested type (qtype) excluding response type of error (see response type below) Response type (each corresponding to the configurable per-second allowances) response - for positive responses that contain answers nodata - for NODATA responses nxdomain - for NXDOMAIN responses referrals - for referrals or delegations error - for all DNS errors (except NXDOMAIN) To better protect against attacks using invalid requests, requested name and type are not categorized separately for error type requests. https://coredns.io/explugins/mysql/ Mon, 07 Jun 2021 01:01:00 +0000 https://coredns.io/explugins/mysql/ Description This plugin uses MySQL as a backend to store DNS records. These will then can served by CoreDNS. The backend uses a simple, single table data structure that can be shared by other systems to add and remove records from the DNS server. As there is no state stored in the plugin, the service can be scaled out by spinning multiple instances of CoreDNS backed by the same database. https://coredns.io/explugins/warnlist/ Thu, 03 Jun 2021 16:00:00 +0100 https://coredns.io/explugins/warnlist/ Description The warnlist plugin accepts a list of malicious or otherwise undesirable domains and emits a log entry and Prometheus metrics when a domain (or subdomain) is requested. Prohibited domains can be loaded from a local file or a URL and can be automatically reloaded after a specified period. warnlist can be thought of as a non-blocking blacklist/blocklist/denylist/badlist. When used with a curated data source, the plugin can surface simplistic low-noise alerts without the need to ship and inspect DNS logs. https://coredns.io/explugins/git/ Thu, 07 Jan 2021 00:12:00 +0800 https://coredns.io/explugins/git/ Description git clones a git repository into the site. This makes it possible to deploy your zones with a simple git push. The git plugin starts a service routine that runs during the lifetime of the server. When the service starts, it clones the repository. While the server is still up, it pulls the latest every so often. You can also set up a webhook to pull immediately after a push. https://coredns.io/explugins/alternate/ Mon, 28 Sep 2020 00:00:00 -0500 https://coredns.io/explugins/alternate/ Description The alternate plugin is able to selectively forward queries to another upstream server, depending the error result provided by the initial resolver. It allows an alternate set of upstreams be specified which will be used if the plugin chain returns specific error messages. The alternate plugin utilizes the forward plugin (https://coredns.io/plugins/forward) to query the specified upstreams. The alternate plugin supports only DNS protocol and random policy w/o additional forward parameters, so following directives will fail: https://coredns.io/explugins/k8s_dns_chaos/ Tue, 22 Sep 2020 21:57:00 +0800 https://coredns.io/explugins/k8s_dns_chaos/ Description This plugin implements the Kubernetes DNS-Based Service Discovery Specification. CoreDNS running with the k8s_dns_chaos plugin can be used to do chaos tests on DNS. This plugin can only be used once per Server Block. Syntax k8s_dns_chaos [ZONES...] The k8s_dns_chaos supports all options in plugin kubernetes, besides, it also supports other configuration items for chaos. kubernetes [ZONES...] { endpoint URL tls CERT KEY CACERT kubeconfig KUBECONFIG CONTEXT namespaces NAMESPACE... labels EXPRESSION pods POD-MODE endpoint_pod_names ttl TTL noendpoints transfer to ADDRESS. https://coredns.io/explugins/records/ Tue, 22 Sep 2020 07:53:19 +0100 https://coredns.io/explugins/records/ Description The records plugin is useful for serving zone data that is specified inline in the configuration file. As opposed to the hosts plugin, this plugin supports all record types. Records need to be specified in text representation as specified in RFC 1035. If no TTL is specified in the records, a default TTL of 3600s is assumed. For negative responses a SOA record should be included in the response, this will only be done when a SOA record is included in the data. https://coredns.io/explugins/k8s_gateway/ Sat, 19 Sep 2020 12:00:00 -0800 https://coredns.io/explugins/k8s_gateway/ Description This plugin is very similar to k8s_external but supporting all types of Kubernetes external resources - Ingress, Service of type LoadBalancer and networking.x-k8s.io/Gateway (when it becomes available). This plugin relies on it’s own connection to the k8s API server and doesn’t share any code with the existing kubernetes plugin. The assumption is that this plugin can now be deployed as a separate instance (alongside the internal kube-dns) and act as a single external DNS interface into your Kubernetes cluster(s). https://coredns.io/explugins/netbox/ Sun, 28 Jun 2020 15:01:20 +0100 https://coredns.io/explugins/netbox/ Description netbox enables reading zone data from a netbox instance. Syntax netbox { url http://10.0.0.2:9000/api/ipam/ip-addresses token youSekretAPITokenForNetbox } The plugin will delegate search to the next plugin if a record isn’t found. If a record is found a record is sent and the query processing is stopped. https://coredns.io/explugins/mdns/ Wed, 17 Jun 2020 11:07:00 +1200 https://coredns.io/explugins/mdns/ Description This plugin reads mDNS records from the local network and responds to queries based on those records. Useful for providing mDNS records to non-mDNS-aware applications by making them accessible through a standard DNS server. Syntax mdns example.com [minimum SRV records] [filter text] [bind address] Examples As a prerequisite to using this plugin, there must be systems on the local network broadcasting mDNS records. Note that the .local domain will be replaced with the configured domain. https://coredns.io/explugins/wgsd/ Wed, 27 May 2020 17:05:00 -0800 https://coredns.io/explugins/wgsd/ Description wgsd serves WireGuard peer information via DNS-SD (RFC6763) semantics. This enables dynamic discovery of WireGuard endpoint addressing (both IP address and port number) with the added benefit of NAT-to-NAT WireGuard connectivity where UDP hole punching is supported. Following RFC6763 this plugin provides a listing of peers via PTR records at the namespace _wireguard._udp.<zone>. The target for the PTR records is <base32PubKey>._wireguard._udp.<zone> which corresponds to SRV records. SRV targets are of the format <base32PubKey>. https://coredns.io/explugins/alias/ Sat, 25 Apr 2020 19:12:00 +0800 https://coredns.io/explugins/alias/ Description The alias plugin eliminates CNAME records from zone apex by making the subsequent resolved records look like they belong to the zone apex. This behaves similarily to CloudFlare’s Zone Flattening. This plugin works only with plugins that produce A or AAAA records alongside the CNAME record. Examples include auto and file. However, you might need to adjust the order of this plugin to use it with other plugins. Preferrably, this should not be used in favour of the RFC drafts for the new ANAME records, but the DNS library used by CoreDNS does not support ANAME records yet. https://coredns.io/plugins/chaos/ Thu, 06 Feb 2020 12:07:03 +0000 https://coredns.io/plugins/chaos/ Description This is useful for retrieving version or author information from the server by querying a TXT record for a special domain name in the CH class. Syntax chaos [VERSION] [AUTHORS...] VERSION is the version to return. Defaults to CoreDNS-<version>, if not set. AUTHORS is what authors to return. This defaults to all GitHub handles in the OWNERS files. Note that you have to make sure that this plugin will get actual queries for the following zones: version. https://coredns.io/explugins/lighthouse/ Thu, 21 Nov 2019 10:00:00 +0800 https://coredns.io/explugins/lighthouse/ Description Lighthouse plugin allows Cross Cluster Service Discovery between Kubernetes clusters connected by Submariner. If the default Kubernetes plugin fails to resolve a DNS request, the lighthouse plugin will try to resolve it using the information it gathered from other clusters that have joined the submariner control plane. On a successful resolution, lighthouse plugin returns the cluster IP of the service in the remote cluster. Submariner ensures that this IP is reachable. https://coredns.io/explugins/idetcd/ Mon, 13 Aug 2018 18:54:20 +0100 https://coredns.io/explugins/idetcd/ Description idetcd is used for identifying nodes in a cluster without domain name collision.The basic idea is quite simple: Set up CoreDNS server on every node when you going to start a cluster, and node exposes itself by taking the free domain name in etcd. Syntax idetcd { endpoint ENDPOINT... limit LIMIT pattern PATTERN } endpoint defines the etcd endpoints. Defaults to “http://localhost:2379”. limit defines the maximum limit of the node number in the cluster, if some nodes is going to expose itself after the node number in the cluster hits this limit, it will fail. https://coredns.io/explugins/gravwell/ Wed, 04 Jul 2018 20:25:00 +0000 https://coredns.io/explugins/gravwell/ Description This plugin allows for directly integrating DNS auditing into Gravwell. The plugin acts as an integrated ingester and ships DNS requests and responses directly to a Gravwell instance. DNS Requests and responses can be encoded as text, JSON, or as a packed binary format. Syntax gravwell { Ingest-Secret IngestSecretToken Cleartext-Target 192.168.1.1:4023 Tag dns Encoding json Log-Level INFO #Cleartext-Target 192.168.1.2:4023 #second indexer #Ciphertext-Target 192.168.1.1:4024 #Insecure-Novalidate-TLS true #disable TLS certificate validation #Ingest-Cache-Path /tmp/coredns_ingest. https://coredns.io/explugins/amazondns/ Tue, 06 Mar 2018 20:32:00 +0900 https://coredns.io/explugins/amazondns/ Description The amazondns plugin behaves Authoritative name server using Amazon DNS Server as the backend. The Amazon DNS server is used to resolve the DNS domain names that you specify in a private hosted zone in Route 53. However, the server acts as Caching name server. Although CoreDNS has proxy plugin and we can configure Amazon DNS server as the backend, it can’t be Authoritative name server. In my case, Authoritative name server is required to handle delegated responsibility for the subdomain. https://coredns.io/explugins/kubernetai/ Mon, 05 Mar 2018 21:57:00 +0800 https://coredns.io/explugins/kubernetai/ Description Kubernetai (koo-ber-NET-eye) is the plural form of Kubernetes. In a nutshell, Kubernetai is an external plugin for CoreDNS that holds multiple kubernetes plugin configurations. It allows one CoreDNS server to connect to more than one Kubernetes server at a time. With kubernetai, you can define multiple kubernetes blocks in your Corefile. All options are exactly the same as the built in kubernetes plugin, you just name them kubernetai instead of kubernetes. https://coredns.io/explugins/redisc/ Sat, 17 Feb 2018 19:36:00 +0000 https://coredns.io/explugins/redisc/ Description With redisc responses can be cached for up to 3600s. Caching in Redis is mostly useful in a setup where multiple CoreDNS instances share a VIP. E.g. multiple CoreDNS pods in a Kubernetes cluster. If Redis is not reacheable this plugin will be a noop. The cache and redisc plugin can be used together, where cache is the L1 and redisc is the L2 level cache. If multiple CoreDNS instances get a cache miss for the same item, they will all be fetching the same information from an upstream and updating the cache, i. https://coredns.io/explugins/unbound/ Thu, 25 Jan 2018 11:25:00 +0000 https://coredns.io/explugins/unbound/ Description Via unbound you can perform recursive queries. Unbound uses DNSSEC by default when resolving and it returns those records (DNSKEY, RRSIG, NSEC and NSEC3) back to the clients. The unbound plugin will remove those records when a client didn’t ask for it. The internal (RR) answer cache of Unbound is disabled, so you may want to use the cache plugin. Libunbound can be configured via (a subset of) options, currently the following are set, by default: https://coredns.io/explugins/on/ Mon, 22 Jan 2018 07:53:19 +0100 https://coredns.io/explugins/on/ Description on executes a command when a specified event is triggered. This can be useful for preparing to serve a site by running a script or starting a background process when the server starts, or for stopping it when the server exits. Each command that is executed is blocking, unless you suffix the command with a space and &, which will cause the command to be run in the background. (Do not do this when the server is exiting, or the command may not finish before its parent process exits. https://coredns.io/explugins/dump/ Wed, 17 Jan 2018 21:57:00 +0800 https://coredns.io/explugins/dump/ Description dump uses the synax from the log plugin, and defaults to this format: {remote} - [{when}] {>id} {type} {class} {name} {proto} {port} So a query will show up as: :1 - [17/Jan/2018:20:02:19 +0000] 3644 MX IN example.net. udp 46481 Note that this is shorter than the default for log so you can distinguish between the two outputs. log only logs queries that have seen a response, so this plugin can be used as a debugging aid to just dump all incoming queries. https://coredns.io/explugins/pdsql/ Sat, 09 Dec 2017 10:26:00 +0800 https://coredns.io/explugins/pdsql/ Description pdsql uses PowerDNS generic sql as backend. Use jinzhu/gorm database drivers, supports as many databases as Gorm does. Syntax pdsql <dialect> <arg> { // enable debug mode debug [db] // create table for test auto-migrate } Install Driver pdsql needs db drivers for dialect, to install a driver you need to add an import in plugin.cfg, like pdsql_mysql:github.com/jinzhu/gorm/dialects/mysql pdsql_sqlite:github.com/jinzhu/gorm/dialects/sqlite pdsql_mysql and pdsql_sqlite are meaningless, specified to prevent duplicates. Examples Start a server on port 1053, use test. https://coredns.io/explugins/ipin/ Sat, 09 Dec 2017 02:00:00 +0800 https://coredns.io/explugins/ipin/ Description ipin returns IP address and port based on you domain name. Your IP address is returned in the answer section, currently only support ipv4, so A record only. The optional port are included in the additional section as a SRV record. ._port.qname. 0 IN SRV 0 0 <port> . Syntax ipin Examples Start a server on the default port and load the ipin plugin. . { ipin } When queried for “192-168-1-1. https://coredns.io/explugins/demo/ Tue, 25 Jul 2017 21:57:00 +0800 https://coredns.io/explugins/demo/ Description This demo plugin showcases the implementation of source IP based service discovery. It is intended as a boilerplate code, so that anyone that is interested in coredns implementation could build their plugin on top of this demo plugin. This demo plugin and its full code has been walked through in past KubeCon talks Note: In order to add a new plugin, an additional step of make gen is needed. Therefore, to build the coredns with demo plugin the following should be used: https://coredns.io/explugins/example/ Tue, 25 Jul 2017 21:57:00 +0800 https://coredns.io/explugins/example/ Description The example plugin prints “example” on every query received. It serves as documentation for writing CoreDNS plugins. Syntax example Metrics If monitoring is enabled (via the prometheus directive) the following metric is exported: coredns_example_request_count_total{server} - query count to the example plugin. The server label indicated which server handled the request, see the metrics plugin for details. Health This plugin implements dynamic health checking. It will always return healthy though. https://coredns.io/plugins/clouddns/ Thu, 08 Jan 2026 11:42:04 +0000 https://coredns.io/plugins/clouddns/ Description The clouddns plugin is useful for serving zones from resource record sets in GCP Cloud DNS. This plugin supports all Google Cloud DNS records. This plugin can be used when CoreDNS is deployed on GCP or elsewhere. Note that this plugin accesses the resource records through the Google Cloud API. For records in a privately hosted zone, it is not necessary to place CoreDNS and this plugin in the associated VPC network. https://coredns.io/explugins/ens/ Fri, 13 Sep 2019 09:00:00 +0100 https://coredns.io/explugins/ens/ Description The ens plugin serves DNS records from the Ethereum Name Service. Ethereum provides an authoritative source of DNS records for relevant domains, allowing authoritative data to be served by any nameserver without it having write-access to the DNS records themselves. It is recommended that this comes after rewrite in the plugins.cfg file. Syntax ens { # connection is the connection to an Ethereum node. It is *highly* # recommended that a local node is used, as remote connections can # cause DNS requests to time out. https://coredns.io/plugins/debug/ Wed, 28 Oct 2020 18:26:48 +0000 https://coredns.io/plugins/debug/ Description Normally CoreDNS will recover from panics; using debug inhibits this. The main use of debug is to help in testing. A side effect of using debug is that log.Debug and log.Debugf messages will be printed to standard output. Note that the errors plugin (if loaded) will also set a recover, negating this setting. Enabling this plugin is process-wide: enabling debug in at least one server block enables debug mode globally. https://coredns.io/plugins/dns64/ Mon, 24 Jan 2022 14:51:48 +0000 https://coredns.io/plugins/dns64/ Description The dns64 plugin will when asked for a domain’s AAAA records, but only finds A records, synthesizes the AAAA records from the A records. The synthesis is only performed if the query came in via IPv6. This translation is for IPv6-only networks that have NAT64. Syntax dns64 [PREFIX] PREFIX defines a custom prefix instead of the default 64:ff9b::/96. Or use this slightly longer form with more options: dns64 [PREFIX] { [translate_all] prefix PREFIX [allow_ipv4] } prefix specifies any local IPv6 prefix to use, instead of the well known prefix (64:ff9b::/96) translate_all translates all queries, including responses that have AAAA results. https://coredns.io/plugins/dnssec/ Fri, 22 Nov 2024 08:09:54 +0000 https://coredns.io/plugins/dnssec/ Description With dnssec, any reply that doesn’t (or can’t) do DNSSEC will get signed on the fly. Authenticated denial of existence is implemented with NSEC black lies. Using ECDSA as an algorithm is preferred as this leads to smaller signatures (compared to RSA). NSEC3 is not supported. This plugin can only be used once per Server Block. Syntax dnssec [ZONES... ] { key file|aws_secretsmanager KEY... cache_capacity CAPACITY } The signing behavior depends on the keys specified. https://coredns.io/plugins/dnstap/ Mon, 13 Oct 2025 05:58:44 +0000 https://coredns.io/plugins/dnstap/ Description dnstap is a flexible, structured binary log format for DNS software; see https://dnstap.info. With this plugin you make CoreDNS output dnstap logging. Every message is sent to the socket as soon as it comes in, the dnstap plugin has a buffer of 10000 messages, above that number dnstap messages will be dropped (this is logged). Syntax dnstap SOCKET [full] [writebuffer] [queue] { [identity IDENTITY] [version VERSION] [extra EXTRA] [skipverify] } SOCKET is the socket (path) supplied to the dnstap command line tool. https://coredns.io/plugins/erratic/ Wed, 28 Oct 2020 18:26:48 +0000 https://coredns.io/plugins/erratic/ Description erratic returns a static response to all queries, but the responses can be delayed, dropped or truncated. The erratic plugin will respond to every A or AAAA query. For any other type it will return a SERVFAIL response (except AXFR). The reply for A will return 192.0.2.53 (RFC 5737), for AAAA it returns 2001:DB8::53 (RFC 3849). For an AXFR request it will respond with a small zone transfer. Syntax erratic { drop [AMOUNT] truncate [AMOUNT] delay [AMOUNT [DURATION]] } drop: drop 1 per AMOUNT of queries, the default is 2. https://coredns.io/plugins/errors/ Thu, 08 Jan 2026 11:42:04 +0000 https://coredns.io/plugins/errors/ Description Any errors encountered during the query processing will be printed to standard output. The errors of particular type can be consolidated and printed once per some period of time. This plugin can only be used once per Server Block. Syntax The basic syntax is: errors Extra knobs are available with an expanded syntax: errors { stacktrace consolidate DURATION REGEXP [LEVEL] [show_first] } Option stacktrace will log a stacktrace during panic recovery. https://coredns.io/plugins/etcd/ Tue, 09 Sep 2025 18:54:52 +0000 https://coredns.io/plugins/etcd/ Description The etcd plugin implements the (older) SkyDNS service discovery service. It is not suitable as a generic DNS zone data plugin. Only a subset of DNS record types are implemented, and subdomains and delegations are not handled at all. The plugin will also recursively descend the tree and return all records found, see “Special Behavior” below for details. The data in the etcd instance has to be encoded as a message like SkyDNS. https://coredns.io/plugins/file/ Fri, 13 Jun 2025 10:26:16 +0000 https://coredns.io/plugins/file/ Description The file plugin is used for an “old-style” DNS server. It serves from a preloaded file that exists on disk contained RFC 1035 styled data. If the zone file contains signatures (i.e., is signed using DNSSEC), correct DNSSEC answers are returned. Only NSEC is supported! If you use this setup you are responsible for re-signing the zonefile. Syntax file DBFILE [ZONES...] DBFILE the database file to read and parse. If the path is relative, the path from the root plugin will be prepended to it. https://coredns.io/plugins/forward/ Sat, 17 Jan 2026 06:17:00 +0000 https://coredns.io/plugins/forward/ Description The forward plugin re-uses already opened sockets to the upstreams. It supports UDP, TCP and DNS-over-TLS and uses in band health checking. When it detects an error a health check is performed. This checks runs in a loop, performing each check at a 0.5s interval for as long as the upstream reports unhealthy. Once healthy we stop health checking (until the next error). The health checks use a recursive DNS query (. https://coredns.io/plugins/geoip/ Thu, 11 Dec 2025 04:36:33 +0000 https://coredns.io/plugins/geoip/ Description The geoip plugin allows you to enrich the data associated with Client IP addresses, e.g. geoip information like City, Country, and Network ASN. GeoIP data is commonly available in the .mmdb format, a database format that maps IPv4 and IPv6 addresses to data records using a binary search tree. The data is added leveraging the metadata plugin, values can then be retrieved using it as well. Longitude example: import ( "strconv" "github. https://coredns.io/plugins/grpc/ Fri, 08 Aug 2025 17:41:04 +0000 https://coredns.io/plugins/grpc/ Description The grpc plugin supports gRPC and TLS. This plugin can only be used once per Server Block. Syntax In its most basic form: grpc FROM TO... FROM is the base domain to match for the request to be proxied. TO… are the destination endpoints to proxy to. The number of upstreams is limited to 15. Multiple upstreams are randomized (see policy) on first use. When a proxy returns an error the next upstream in the list is tried. https://coredns.io/plugins/grpc_server/ Thu, 08 Jan 2026 11:42:04 +0000 https://coredns.io/plugins/grpc_server/ Description The grpc_server plugin allows you to configure parameters for the DNS-over-gRPC server to fine-tune the security posture and performance of the server. This plugin can only be used once per gRPC listener block. Syntax grpc_server { max_streams POSITIVE_INTEGER max_connections POSITIVE_INTEGER } max_streams limits the number of concurrent gRPC streams per connection. This helps prevent unbounded streams on a single connection, exhausting server resources. The default value is 256 if not specified. https://coredns.io/plugins/header/ Tue, 09 Sep 2025 18:54:52 +0000 https://coredns.io/plugins/header/ Description header ensures that the flags are in the desired state for queries and responses. The modifications are made transparently for the client and subsequent plugins. Syntax header { SELECTOR ACTION FLAGS... SELECTOR ACTION FLAGS... } SELECTOR defines if the action should be applied on query or response. ACTION defines the state for DNS message header flags. Actions are evaluated in the order they are defined so last one has the most precedence. https://coredns.io/plugins/hosts/ Fri, 18 Sep 2020 09:42:40 +0000 https://coredns.io/plugins/hosts/ Description The hosts plugin is useful for serving zones from a /etc/hosts file. It serves from a preloaded file that exists on disk. It checks the file for changes and updates the zones accordingly. This plugin only supports A, AAAA, and PTR records. The hosts plugin can be used with readily available hosts files that block access to advertising servers. The plugin reloads the content of the hosts file every 5 seconds. https://coredns.io/plugins/health/ Thu, 08 Sep 2022 18:42:54 +0000 https://coredns.io/plugins/health/ Description Enabled process wide health endpoint. When CoreDNS is up and running this returns a 200 OK HTTP status code. The health is exported, by default, on port 8080/health. Syntax health [ADDRESS] Optionally takes an address; the default is :8080. The health path is fixed to /health. The health endpoint returns a 200 response code and the word “OK” when this server is healthy. An extra option can be set with this extended syntax: https://coredns.io/plugins/import/ Mon, 13 Oct 2025 05:58:44 +0000 https://coredns.io/plugins/import/ Description The import plugin can be used to include files into the main configuration. Another use is to reference predefined snippets. Both can help to avoid some duplication. This is a unique plugin in that import can appear outside of a server block. In other words, it can appear at the top of a Corefile where an address would normally be. Syntax import PATTERN PATTERN is the file, glob pattern (*) or snippet to include. https://coredns.io/plugins/https/ Thu, 08 Jan 2026 11:42:04 +0000 https://coredns.io/plugins/https/ Description The https plugin allows you to configure parameters for the DNS-over-HTTPS (DoH) server to fine-tune the security posture and performance of the server. This plugin can only be used once per HTTPS listener block. Syntax https { max_connections POSITIVE_INTEGER } max_connections limits the number of concurrent TCP connections to the HTTPS server. The default value is 200 if not specified. Set to 0 for unbounded. Examples Set custom limits for maximum connections: https://coredns.io/plugins/k8s_external/ Tue, 15 Aug 2023 20:06:20 +0000 https://coredns.io/plugins/k8s_external/ Description This plugin allows an additional zone to resolve the external IP address(es) of a Kubernetes service and headless services. This plugin is only useful if the kubernetes plugin is also loaded. The plugin uses an external zone to resolve in-cluster IP addresses. It only handles queries for A, AAAA, SRV, and PTR records; To make it a proper DNS zone, it handles SOA and NS queries for the apex of the zone. https://coredns.io/plugins/https3/ Thu, 08 Jan 2026 11:42:04 +0000 https://coredns.io/plugins/https3/ Description The https3 plugin allows you to configure parameters for the DNS-over-HTTPS/3 (DoH3) server to fine-tune the security posture and performance of the server. HTTPS/3 uses QUIC as the underlying transport. This plugin can only be used once per HTTPS3 listener block. Syntax https3 { max_streams POSITIVE_INTEGER } max_streams limits the number of concurrent QUIC streams per connection. This helps prevent unbounded streams on a single connection, exhausting server resources. The default value is 256 if not specified. https://coredns.io/plugins/local/ Thu, 05 Nov 2020 14:17:09 +0000 https://coredns.io/plugins/local/ Description local will respond with a basic reply to a “local request”. Local request are defined to be names in the following zones: localhost, 0.in-addr.arpa, 127.in-addr.arpa and 255.in-addr.arpa and any query asking for localhost.<domain>. When seeing the latter a metric counter is increased and if debug is enabled a debug log is emitted. With local enabled any query falling under these zones will get a reply. The prevents the query from “escaping” to the internet and putting strain on external infrastructure. https://coredns.io/plugins/loadbalance/ Tue, 09 Sep 2025 18:54:52 +0000 https://coredns.io/plugins/loadbalance/ Description The loadbalance will act as a round-robin DNS load balancer by randomizing the order of A, AAAA, and MX records in the answer. See Wikipedia about the pros and cons of this setup. It will take care to sort any CNAMEs before any address records, because some stub resolver implementations (like glibc) are particular about that. Syntax loadbalance [round_robin | weighted WEIGHTFILE] { reload DURATION prefer CIDR [CIDR...] } round_robin policy randomizes the order of A, AAAA, and MX records applying a uniform probability distribution. https://coredns.io/plugins/loop/ Mon, 17 May 2021 20:28:52 +0000 https://coredns.io/plugins/loop/ Description The loop plugin will send a random probe query to ourselves and will then keep track of how many times we see it. If we see it more than twice, we assume CoreDNS has seen a forwarding loop and we halt the process. The plugin will try to send the query for up to 30 seconds. This is done to give CoreDNS enough time to start up. Once a query has been successfully sent, loop disables itself to prevent a query of death. https://coredns.io/plugins/metadata/ Wed, 28 Oct 2020 18:26:48 +0000 https://coredns.io/plugins/metadata/ Description By enabling metadata any plugin that implements metadata.Provider interface will be called for each DNS query, at the beginning of the process for that query, in order to add its own metadata to context. The metadata collected will be available for all plugins, via the Context parameter provided in the ServeDNS function. The package (code) documentation has examples on how to inspect and retrieve metadata a plugin might be interested in. https://coredns.io/plugins/kubernetes/ Fri, 06 Mar 2026 16:27:00 +0000 https://coredns.io/plugins/kubernetes/ Description This plugin implements the Kubernetes DNS-Based Service Discovery Specification. CoreDNS running the kubernetes plugin can be used as a replacement for kube-dns in a kubernetes cluster. See the deployment repository for details on how to deploy CoreDNS in Kubernetes. stubDomains and upstreamNameservers are implemented via the forward plugin. See the examples below. This plugin can only be used once per Server Block. Syntax kubernetes [ZONES...] With only the plugin specified, the kubernetes plugin will default to the zone specified in the server’s block. https://coredns.io/plugins/nsid/ Wed, 28 Oct 2020 18:26:48 +0000 https://coredns.io/plugins/nsid/ Description This plugin implements RFC 5001 and adds an EDNS0 OPT resource record to replies that uniquely identify the server. This is useful in anycast setups to see which server was responsible for generating the reply and for debugging. This plugin can only be used once per Server Block. Syntax nsid [DATA] DATA is the string to use in the nsid record. If DATA is not given, the host’s name is used. https://coredns.io/plugins/minimal/ Mon, 15 Mar 2021 14:42:29 +0000 https://coredns.io/plugins/minimal/ Description The minimal plugin tries to minimize the size of the response. Depending on the response type it removes resource records from the AUTHORITY and ADDITIONAL sections. Specifically this plugin looks at successful responses (this excludes negative responses, i.e. nodata or name error). If the successful response isn’t a delegation only the RRs in the answer section are written to the client. Syntax minimal Examples Enable minimal responses: example.org { whoami forward . https://coredns.io/plugins/pprof/ Wed, 28 Oct 2020 18:26:48 +0000 https://coredns.io/plugins/pprof/ Description You can visit /debug/pprof on your site for an index of the available endpoints. By default it will listen on localhost:6053. This is a debugging tool. Certain requests (such as collecting execution traces) can be slow. If you use pprof on a live server, consider restricting access or enabling it only temporarily. This plugin can only be used once per Server Block. Syntax pprof [ADDRESS] Optionally pprof takes an address; the default is localhost:6053. https://coredns.io/plugins/log/ Fri, 06 Mar 2026 16:27:00 +0000 https://coredns.io/plugins/log/ Description By just using log you dump all queries (and parts for the reply) on standard output. Options exist to tweak the output a little. Note that for busy servers logging will incur a performance hit. Enabling or disabling the log plugin only affects the query logging, any other logging from CoreDNS will show up regardless. Syntax log With no arguments, a query log entry is written to stdout in the common log format for all requests. https://coredns.io/plugins/metrics/ Fri, 13 Jun 2025 10:26:16 +0000 https://coredns.io/plugins/metrics/ Description With prometheus you export metrics from CoreDNS and any plugin that has them. The default location for the metrics is localhost:9153. The metrics path is fixed to /metrics. In addition to the default Go metrics exported by the Prometheus Go client, the following metrics are exported: coredns_build_info{version, revision, goversion} - info about CoreDNS itself. coredns_panics_total{} - total number of panics. coredns_dns_requests_total{server, zone, view, proto, family, type} - total query count. https://coredns.io/plugins/multisocket/ Thu, 11 Dec 2025 04:36:33 +0000 https://coredns.io/plugins/multisocket/ Description With multisocket, you can define the number of servers that will listen on the same port. The SO_REUSEPORT socket option allows to open multiple listening sockets at the same address and port. In this case, kernel distributes incoming connections between sockets. Enabling this option allows to start multiple servers, which increases the throughput of CoreDNS in environments with a large number of CPU cores. Syntax multisocket [NUM_SOCKETS] NUM_SOCKETS - the number of servers that will listen on one port. https://coredns.io/plugins/nomad/ Thu, 11 Dec 2025 04:36:33 +0000 https://coredns.io/plugins/nomad/ Description This plugin serves DNS records for services registered with Nomad. Nomad 1.3+ comes with support for discovering services with an in-built service catalogue that is available via the HTTP API. This plugin extends the HTTP API and provides a DNS interface for querying the service catalogue. The query can be looked up with the format [service].[namespace].service.nomad. The plugin currently handles A, AAAA and SRV records. Refer to #Usage Example for more details. https://coredns.io/plugins/quic/ Fri, 13 Jun 2025 10:26:16 +0000 https://coredns.io/plugins/quic/ Description The quic plugin allows you to configure parameters for the DNS-over-QUIC (DoQ) server to fine-tune the security posture and performance of the server. This plugin can only be used once per quic Server Block. Syntax quic { max_streams POSITIVE_INTEGER worker_pool_size POSITIVE_INTEGER } max_streams limits the number of concurrent QUIC streams per connection. This helps prevent DoS attacks where an attacker could open many streams on a single connection, exhausting server resources. https://coredns.io/plugins/reload/ Tue, 15 Aug 2023 20:06:20 +0000 https://coredns.io/plugins/reload/ Description This plugin allows automatic reload of a changed Corefile. To enable automatic reloading of zone file changes, use the auto plugin. This plugin periodically checks if the Corefile has changed by reading it and calculating its SHA512 checksum. If the file has changed, it reloads CoreDNS with the new Corefile. This eliminates the need to send a SIGHUP or SIGUSR1 after changing the Corefile. The reloads are graceful - you should not see any loss of service when the reload happens. https://coredns.io/plugins/ready/ Tue, 09 Sep 2025 19:01:00 +0000 https://coredns.io/plugins/ready/ Description By enabling ready an HTTP endpoint on port 8181 will return 200 OK, when all plugins that are able to signal readiness have done so. If some are not ready yet the endpoint will return a 503 with the body containing the list of plugins that are not ready. Each Server Block that enables the ready plugin will have the plugins in that server block report readiness into the /ready endpoint that runs on the same port. https://coredns.io/plugins/root/ Fri, 22 Nov 2024 08:09:54 +0000 https://coredns.io/plugins/root/ Description The default root is the current working directory of CoreDNS. The root plugin allows you to change this. A relative root path is relative to the current working directory. NOTE: The root directory is NOT currently supported by all plugins. Currently the following plugins respect the root plugin configuration: file tls dnssec This plugin can only be used once per Server Block. Syntax root PATH PATH is the directory to set as CoreDNS’ root. https://coredns.io/plugins/route53/ Tue, 10 May 2022 17:23:57 +0000 https://coredns.io/plugins/route53/ Description The route53 plugin is useful for serving zones from resource record sets in AWS route53. This plugin supports all Amazon Route 53 records (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html). The route53 plugin can be used when CoreDNS is deployed on AWS or elsewhere. Syntax route53 [ZONE:HOSTED_ZONE_ID...] { aws_access_key [AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY] # Deprecated, uses other authentication methods instead. aws_endpoint ENDPOINT credentials PROFILE [FILENAME] fallthrough [ZONES...] refresh DURATION } ZONE the name of the domain to be accessed. https://coredns.io/plugins/sign/ Mon, 15 Mar 2021 14:42:29 +0000 https://coredns.io/plugins/sign/ Description The sign plugin is used to sign (see RFC 6781) zones. In this process DNSSEC resource records are added. The signatures that sign the resource records sets have an expiration date, this means the signing process must be repeated before this expiration data is reached. Otherwise the zone’s data will go BAD (RFC 4035, Section 5.5). The sign plugin takes care of this. Only NSEC is supported, sign does not support NSEC3. https://coredns.io/plugins/proxyproto/ Fri, 06 Mar 2026 16:27:00 +0000 https://coredns.io/plugins/proxyproto/ Description This plugin adds support for the PROXY protocol version 1 and 2. It allows CoreDNS to receive connections from a load balancer or proxy that uses the PROXY protocol to forward the original client’s IP address and port information. Syntax proxyproto { allow <CIDR...> default <use|ignore|reject|skip> } If allow is unspecified, PROXY protocol headers are accepted from all IP addresses. The default option controls how connections from sources not listed in allow are handled. https://coredns.io/plugins/secondary/ Tue, 21 Sep 2021 15:01:04 +0000 https://coredns.io/plugins/secondary/ Description With secondary you can transfer (via AXFR) a zone from another server. The retrieved zone is not committed to disk (a violation of the RFC). This means restarting CoreDNS will cause it to retrieve all secondary zones. If the primary server(s) don’t respond when CoreDNS is starting up, the AXFR will be retried indefinitely every 10s. Syntax secondary [ZONES...] ZONES zones it should be authoritative for. If empty, the zones from the configuration block are used. https://coredns.io/plugins/whoami/ Thu, 06 Feb 2020 12:07:03 +0000 https://coredns.io/plugins/whoami/ Description The whoami plugin is not really that useful, but can be used for having a simple (fast) endpoint to test clients against. When whoami returns a response it will have your client’s IP address in the additional section as either an A or AAAA record. The reply always has an empty answer section. The port and transport are included in the additional section as a SRV record, transport can be “tcp” or “udp”. https://coredns.io/plugins/rewrite/ Fri, 06 Mar 2026 16:27:00 +0000 https://coredns.io/plugins/rewrite/ Description Rewrites are invisible to the client. There are simple rewrites (fast) and complex rewrites (slower), but they’re powerful enough to accommodate most dynamic back-end applications. Syntax A simplified/easy-to-digest syntax for rewrite is… rewrite [continue|stop] FIELD [TYPE] [(FROM TO)|TTL] [OPTIONS] FIELD indicates what part of the request/response is being re-written. type - the type field of the request will be rewritten. FROM/TO must be a DNS record type (A, MX, etc. https://coredns.io/plugins/trace/ Thu, 08 Sep 2022 18:42:54 +0000 https://coredns.io/plugins/trace/ Description With trace you enable OpenTracing of how a request flows through CoreDNS. Enable the debug plugin to get logs from the trace plugin. Syntax The simplest form is just: trace [ENDPOINT-TYPE] [ENDPOINT] ENDPOINT-TYPE is the type of tracing destination. Currently only zipkin and datadog are supported. Defaults to zipkin. ENDPOINT is the tracing destination, and defaults to localhost:9411. For Zipkin, if ENDPOINT does not begin with http, then it will be transformed to http://ENDPOINT/api/v1/spans. https://coredns.io/plugins/timeouts/ Fri, 13 Jun 2025 10:26:16 +0000 https://coredns.io/plugins/timeouts/ Description CoreDNS is configured with sensible timeouts for server connections by default. However in some cases for example where CoreDNS is serving over a slow mobile data connection the default timeouts are not optimal. Additionally some routers hold open connections when using DNS over TLS or DNS over HTTPS. Allowing a longer idle timeout helps performance and reduces issues with such routers. The timeouts “plugin” allows you to configure CoreDNS server read, write and idle timeouts. https://coredns.io/plugins/tls/ Fri, 22 Nov 2024 08:09:54 +0000 https://coredns.io/plugins/tls/ Description CoreDNS supports queries that are encrypted using TLS (DNS over Transport Layer Security, RFC 7858) or are using gRPC (https://grpc.io/ , not an IETF standard). Normally DNS traffic isn’t encrypted at all (DNSSEC only signs resource records). The tls “plugin” allows you to configure the cryptographic keys that are needed for both DNS-over-TLS and DNS-over-gRPC. If the tls plugin is omitted, then no encryption takes place. The gRPC protobuffer is defined in pb/dns. https://coredns.io/plugins/transfer/ Mon, 24 Jan 2022 14:51:48 +0000 https://coredns.io/plugins/transfer/ Description This plugin answers zone transfers for authoritative plugins that implement transfer.Transferer. transfer answers full zone transfer (AXFR) requests and incremental zone transfer (IXFR) requests with AXFR fallback if the zone has changed. When a plugin wants to notify it’s secondaries it will call back into the transfer plugin. The following plugins implement zone transfers using this plugin: file, auto, secondary, and kubernetes. See transfer.go for implementation details if you are a plugin author that wants to use this plugin. https://coredns.io/plugins/tsig/ Thu, 08 Sep 2022 18:42:54 +0000 https://coredns.io/plugins/tsig/ Description With tsig, you can define CoreDNS’s TSIG secret keys. Using those keys, tsig validates incoming TSIG requests and signs responses to those requests. It does not itself sign requests outgoing from CoreDNS; it is up to the respective plugins sending those requests to sign them using the keys defined by tsig. The tsig plugin can also require that incoming requests be signed for certain query types, refusing requests that do not comply. https://coredns.io/plugins/template/ Thu, 08 Jan 2026 11:42:04 +0000 https://coredns.io/plugins/template/ Description The template plugin allows you to dynamically respond to queries by just writing a (Go) template. Syntax template CLASS TYPE [ZONE...] { match REGEX... answer RR additional RR authority RR rcode CODE ederror EXTENDED_ERROR_CODE [EXTRA_REASON] fallthrough [FALLTHROUGH-ZONE...] } CLASS the query class (usually IN or ANY). TYPE the query type (A, PTR, … can be ANY to match all types). ZONE the zone scope(s) for this template. Defaults to the server zones. https://coredns.io/plugins/view/ Mon, 13 Oct 2025 05:58:44 +0000 https://coredns.io/plugins/view/ Description view defines an expression that must evaluate to true for a DNS request to be routed to the server block. This enables advanced server block routing functions such as split dns. Syntax view NAME { expr EXPRESSION } view NAME - The name of the view used by metrics and exported as metadata for requests that match the view’s expression expr EXPRESSION - CoreDNS will only route incoming queries to the enclosing server block if the EXPRESSION evaluates to true. https://coredns.io/explugins/ipecho/ Fri, 29 Sep 2017 16:18:35 +0100 https://coredns.io/explugins/ipecho/ Description ipecho parses the IP out of a subdomain and echos it back as an record. Example A IN 127.0.0.1.example.com. -> A: 127.0.0.1 AAAA IN ::1.example.com. -> AAAA: ::1 Syntax ipecho { domain example1.com domain example2.com ttl 2629800 } domain adds the domain that should be handled ttl defines the ttl that should be used in the response debug enables debug logging https://coredns.io/2026/03/06/coredns-1.14.2-release/ Fri, 06 Mar 2026 00:00:00 +0000 https://coredns.io/2026/03/06/coredns-1.14.2-release/ This release adds the new proxyproto plugin to support Proxy Protocol and preserve client IPs behind load balancers. It also includes enhancements such as improved DNS logging metadata and stronger randomness for loop detection (CVE-2026-26018), along with several bug fixes including TLS+IPv6 forwarding, improved CNAME handling and rewriting, allowing jitter disabling, prevention of an ACL bypass (CVE-2026-26017), and a Kubernetes plugin crash fix. In addition, the release updates the build to Go 1. https://coredns.io/2026/01/15/coredns-1.14.1-release/ Thu, 15 Jan 2026 00:00:00 +0000 https://coredns.io/2026/01/15/coredns-1.14.1-release/ This release primarily addresses security vulnerabilities affecting Go versions prior to Go 1.25.6 and Go 1.24.12 (CVE-2025-61728, CVE-2025-61726, CVE-2025-68121, CVE-2025-61731, CVE-2025-68119). It also includes performance improvements to the proxy plugin via multiplexed connections, along with various documentation updates. Brought to You By Alex Massy Shiv Tyagi Ville Vesilehto Yong Tang Noteworthy Changes plugin/proxy: Use mutex-based connection pool (https://github.com/coredns/coredns/pull/7790) https://coredns.io/2026/01/10/coredns-1.14.0-release/ Sat, 10 Jan 2026 00:00:00 +0000 https://coredns.io/2026/01/10/coredns-1.14.0-release/ This release focuses on security hardening and operational reliability. Core updates introduce a regex length limit to reduce resource-exhaustion risk. Plugin updates improve error consolidation (show_first), reduce misleading SOA warnings, add Kubernetes API rate limiting, enhance metrics with plugin chain tracking, and fix issues in azure and sign. This release also includes additional security fixes; see the security advisory for details. Brought to You By cangming pasteley Raisa Kabir Ross Golder rusttech Syed Azeez Ville Vesilehto Yong Tang https://coredns.io/2025/12/08/coredns-1.13.2-release/ Mon, 08 Dec 2025 00:00:00 +0000 https://coredns.io/2025/12/08/coredns-1.13.2-release/ This release adds initial support for DoH3 and includes several core performance and stability fixes, including reduced allocations, a resolved data race in uniq, and safer QUIC listener initialization. Plugin updates improve forwarder reliability, extend GeoIP schema support, and fix issues in secondary, nomad, and kubernetes. Cache and file plugins also receive targeted performance tuning. Deprecations: The GeoIP plugin currently returns 0 for missing latitude/longitude, even though 0,0 is a real location. https://coredns.io/2025/10/08/coredns-1.13.1-release/ Wed, 08 Oct 2025 00:00:00 +0000 https://coredns.io/2025/10/08/coredns-1.13.1-release/ This release updates CoreDNS to Go 1.25.2 and golang.org/x/net v0.45.0 to address multiple high-severity CVEs. It also improves core performance by avoiding string concatenation in loops, and hardens the sign plugin by rejecting invalid UTF-8 tokens in dbfile. Brought to You By Catena cyber Ville Vesilehto Yong Tang Noteworthy Changes core: Avoid string concatenation in loops (https://github.com/coredns/coredns/pull/7572) core: Update golang to 1.25.2 and golang.org/x/net to v0.45.0 on CVE fixes (https://github.com/coredns/coredns/pull/7598) plugin/sign: Reject invalid UTF‑8 dbfile token (https://github. https://coredns.io/2025/10/05/coredns-1.13.0-release/ Sun, 05 Oct 2025 00:00:00 +0000 https://coredns.io/2025/10/05/coredns-1.13.0-release/ This release introduces a new Nomad plugin for integrating CoreDNS with HashiCorp Nomad. It also fixes major Corefile issues on infinite loops and import cycles, improves shutdown handling, normalizes core panics, addresses data races in the file plugin, enforces gRPC size limits, adjusts forward failover behavior, as well as prevents reload deadlocks. Brought to You By Fitz_dev Ilya Kulakov Olli Janatuinen Ville Vesilehto Yong Tang Noteworthy Changes core: Export timeout values in dnsserver. https://coredns.io/2025/09/08/coredns-1.12.4-release/ Mon, 08 Sep 2025 00:00:00 +0000 https://coredns.io/2025/09/08/coredns-1.12.4-release/ This release improves stability and security, fixing context propagation in DoH, label offset handling in the file plugin, and connection leaks in gRPC and transfer. It also adds support for the prefer option in loadbalance, introduces timeouts to the metrics server, and fixes several security vulnerabilities (see details in related security advisories). Brought to You By Archy Ilya Kulakov Olli Janatuinen Qasim Sarfraz Syed Azeez Ville Vesilehto wencyu Yong Tang https://coredns.io/2025/08/05/coredns-1.12.3-release/ Tue, 05 Aug 2025 00:00:00 +0000 https://coredns.io/2025/08/05/coredns-1.12.3-release/ This release improves plugin reliability and standards compliance, adding startup timeout to the Kubernetes plugin, fallthrough to gRPC, and EDNS0 unset to rewrite. The file plugin now preserves SRV record case per RFC 6763, route53 is updated to AWS SDK v2, and multiple race conditions in cache and connection handling in forward are fixed. Brought to You By blakebarnett Brennan Kinney Cameron Steel Dave Brown Dennis Simmons Guillaume Jacquet harshith-2411-2002 houpo-bob Oleg Guba Sebastian Mayr Stephen Kitt Syed Azeez Ville Vesilehto Yong Tang Yoofi Quansah https://coredns.io/2025/06/06/coredns-1.12.2-release/ Fri, 06 Jun 2025 00:00:00 +0000 https://coredns.io/2025/06/06/coredns-1.12.2-release/ This release introduces significant improvements to plugin stability and extensibility. It adds multicluster support to the Kubernetes plugin, fallthrough support in the file plugin, and a new SetProxyOptions function for the forward plugin. Notably, the QUIC (DoQ) plugin now limits concurrent streams, improving performance under load. Several bug fixes and optimizations improve reliability across plugins, including rewrite, proxy, and metrics. Brought to You By Ambrose Chua, Arthur Outhenin-Chalandre, Ben Kochie, Colden Cullen, Gleb Kogtev, Hirotaka Tagawa, Kevin Lyda, Manuel Rüger, Mark Mickan, Parfenov Ivan, skipper, vdbe, Viktor Oreshkin, Ville Vesilehto, Yannick Epstein, Yong Tang https://coredns.io/2025/03/24/coredns-1.12.1-release/ Mon, 24 Mar 2025 00:00:00 +0000 https://coredns.io/2025/03/24/coredns-1.12.1-release/ In this release: kubernetes: Revert recent change to only create PTR records for endpoints with hostname defined. forward: added option to return SERVFAIL immediately if all upstreams are unhealthy. Brought to You By Adrian Moisey, Arthur Outhenin-Chalandre, Bartosz Borkowski, Ben Kochie, Chris O’Haver, Min Woo Kim, Puneet Loya, Rich, Viktor, momantech Noteworthy Changes core: Increase CNAME lookup limit from 7 to 10 (https://github.com/coredns/coredns/pull/7153) plugin/kubernetes: Fix handling of pods having DeletionTimestamp set (https://github. https://coredns.io/2024/11/21/coredns-1.12.0-release/ Thu, 21 Nov 2024 00:00:00 +0000 https://coredns.io/2024/11/21/coredns-1.12.0-release/ This release adds a new feature: New multisocket plugin - allows CoreDNS to listen on multiple sockets Brought to You By Ben Kochie, Chris O’Haver, Emmanuel Ferdman, Viktor Noteworthy Changes plugin/multisocket (https://github.com/coredns/coredns/pull/6882) https://coredns.io/2024/11/13/coredns-1.11.4-release/ Wed, 13 Nov 2024 00:00:00 +0000 https://coredns.io/2024/11/13/coredns-1.11.4-release/ This release adds some new features and fixes some bugs. New features of note: forward plugin: new option next, to try alternate upstreams when receiving specified response codes upstreams on (functions like the external plugin alternate) dnssec plugin: new option to load keys from AWS Secrets Manager rewrite plugin: new option to revert EDNS0 option rewrites in responses Brought to You By AdamKorcz, Anifalak, Ben Kochie, Chris O’Haver, Frederic Hemery, Grant Spence, Harshita Sao, Jason Joo, Jasper Bernhardt, Johnny Bergström, Keith Coleman, Kevin Lyda, Lan, Lin-1997, Manuel Rüger, Nathan Currier, Nicolai Søborg, Nikita Usatov, Paco Xu, Reinhard Nägele, Robbie Ostrow, TAKAHASHI Shuuji, Till Riedel, Tobias Klauser, YASH JAIN, cedar-gao, chenylh, wmkuipers, xinbenlv, zhangguanzhang https://coredns.io/2024/04/24/coredns-1.11.3-release/ Wed, 24 Apr 2024 16:57:00 -0400 https://coredns.io/2024/04/24/coredns-1.11.3-release/ This release contains some new features, bug fixes, and package updates. Because of the deployment issues with the previous release, all changed features from 1.11.2 have been included in this release. New features include: When the forward plugin receives a malformed upstream response that overflows, it will now send an empty response to the client with the truncated (TC) bit set to prompt the client to retry over TCP. The rewrite plugin can now rewrite response codes. https://coredns.io/2024/01/26/coredns-1.11.2-release/ Fri, 26 Jan 2024 00:00:00 +0000 https://coredns.io/2024/01/26/coredns-1.11.2-release/ This release contains some new features, bug fixes, and package updates. New features include: When the forward plugin receives a malformed upstream response that overflows, it will now send an empty response to the client with the truncated (TC) bit set to prompt the client to retry over TCP. The rewrite plugin can now rewrite response codes. The dnstap plugin now supports adding metadata to the dnstap extra field. Brought to You By Amila Senadheera, Ben Kochie, Benjamin, Chris O’Haver, Grant Spence, John Belamaric, Keita Kitamura, Marius Kimmina, Michael Grosser, Ondřej Benkovský, P. https://coredns.io/2023/08/15/coredns-1.11.1-release/ Tue, 15 Aug 2023 00:00:00 +0000 https://coredns.io/2023/08/15/coredns-1.11.1-release/ This release fixes a major performance regression introduced in 1.11.0 that affected DoT (TLS) forwarded connections. It also adds a new option to dnstap to add metadata to the dnstap extra field, and fixes a config parsing bug in cache. Brought to You By Chris O’Haver, P. Radha Krishna, Yong Tang, Yuheng, Zhizhen He Noteworthy Changes Revert “plugin/forward: Continue waiting after receiving malformed responses (https://github.com/coredns/coredns/pull/6014)" (#6270) plugin/dnstap: add support for “extra” field in payload (https://github. https://coredns.io/2023/07/25/coredns-1.11.0-release/ Tue, 25 Jul 2023 00:00:00 +0000 https://coredns.io/2023/07/25/coredns-1.11.0-release/ Release Highlights Adds support for accepting DNS connections over QUIC (doq). Adds CNAME target rewrites to the rewrite plugin. Plus many bug fixes, and some security improvements. This release introduces the following backward incompatible changes: In the kubernetes plugin, we have dropped support for watching Endpoint and Endpointslice v1beta, since all supported K8s versions now use Endpointslice. The bufsize plugin changed its default size limit value to 1232 Some changes to forward plugin metrics. https://coredns.io/2023/01/20/coredns-1.10.1-release/ Fri, 20 Jan 2023 00:00:00 +0000 https://coredns.io/2023/01/20/coredns-1.10.1-release/ This release fixes some bugs, and adds some new features including: Corrected architecture labels in multi-arch image manifest A new plugin timeouts that allows configuration of server listener timeout durations acl can drop queries as an action template supports creating responses with extended DNS errors New weighted policy in loadbalance Option to serve original record TTLs from cache Brought to You By Arthur Outhenin-Chalandre, Ben Kaplan, Chris O’Haver, Gabor Dozsa, Grant Spence, Kumiko as a Service, LAMRobinson, Miciah Dashiel Butler Masters, Ondřej Benkovský, Rich, Stephen Kitt, Yash Singh, Yong Tang, rsclarke, sanyo0714 https://coredns.io/2022/09/16/coredns-1.10.0-release/ Fri, 16 Sep 2022 00:00:00 +0000 https://coredns.io/2022/09/16/coredns-1.10.0-release/ This release adds the new view plugin, enabling advanced server-block routing configurations such as split-DNS. Brought to You By Ben Kochie Chris O’Haver Erik Johansson John Belamaric Marius Kimmina Ondřej Benkovský Noteworthy Changes plugin/view: Advanced routing interface and new ‘view’ plugin (https://github.com/coredns/coredns/pull/5538) plugin/template: Add parseInt template function (https://github.com/coredns/coredns/pull/5609) https://coredns.io/2022/09/07/coredns-1.9.4-release/ Wed, 07 Sep 2022 00:00:00 +0000 https://coredns.io/2022/09/07/coredns-1.9.4-release/ This is a release with many new features. The most notable addition is a new plugin tsig for validating TSIG requests and signing responses. In header plugin a selector of query or response (default) is added for applying the actions. This release also adds lots of enhancements and bug fixes. Brought to You By Abirdcfly Alex AndreasHuber-CH Andy Lindeman Chris Narkiewicz Chris O’Haver Christoph Heer Daniel Jolly Konstantin Demin Marius Kimmina Md Sahil Ondřej Benkovský Shane Xie TomasKohout Vancl Yong Tang https://coredns.io/2022/05/27/coredns-1.9.3-release/ Fri, 27 May 2022 00:00:00 +0000 https://coredns.io/2022/05/27/coredns-1.9.3-release/ This is a release with a focus on security (CVE-2022-27191 and CVE-2022-28948) fixes. Additionally, several feature enhancements and bug fixes have been added. Brought to You By Chris O’Haver, lobshunter, Naveen, Radim Hatlapatka, RetoHaslerMGB, Tintin, Yong Tang Noteworthy Changes core: update gopkg.in/yaml.v3 to fix CVE-2022-28948 (https://github.com/coredns/coredns/pull/5408) core: update golang.org/x/crypto to fix CVE-2022-27191 (https://github.com/coredns/coredns/pull/5407) plugin/acl: adding a check to parse out zone info (https://github.com/coredns/coredns/pull/5387) plugin/dnstap: support FQDN TCP endpoint (https://github.com/coredns/coredns/pull/5377) plugin/errors: add stacktrace option to log a stacktrace during panic recovery (https://github. https://coredns.io/2022/05/13/coredns-1.9.2-release/ Fri, 13 May 2022 00:00:00 +0000 https://coredns.io/2022/05/13/coredns-1.9.2-release/ This is a release with many added features and security and bug fixes. The most notable one is the release of 3rd party security audit from Trail of Bits. Security issues discovered by this audit have all been fixed or covered. Brought to You By Antoine Tollenaere, Balazs Nagy, Chris O’Haver, dilyevsky, hansedong, Lorenz Brun, Marius Kimmina, nathannaveen, Ondřej Benkovský, Patrick W. Healy, Qasim Sarfraz, xuweiwei, Yong Tang Noteworthy Changes core: add Trail of Bits to list of 3rd party security auditors (https://github. https://coredns.io/2022/03/09/coredns-1.9.1-release/ Wed, 09 Mar 2022 00:00:00 +0000 https://coredns.io/2022/03/09/coredns-1.9.1-release/ This is a release with security and bug fixes and some new features added. 1.9.1 is also built with golang 1.17.8 that addressed several golang 1.17.6 vulnerabilities (CVE-2022-23772, CVE-2022-23773, CVE-2022-23806). Note golang 1.17.6 was used to built coredns 1.9.0. Brought to You By Chris O’Haver, Elijah Andrews, Rudolf Schönecker, Yong Tang, nathannaveen, xuweiwei Noteworthy Changes plugin/autopath: Don’t panic on empty token (https://github.com/coredns/coredns/pull/5169) plugin/cache: Add zones label to cache metrics (https://github.com/coredns/coredns/pull/5124) plugin/file: Add TXT test case (https://github. https://coredns.io/2022/03/03/coredns-and-apache-apisix-open-new-doors-for-service-discovery/ Thu, 03 Mar 2022 08:00:00 +0000 https://coredns.io/2022/03/03/coredns-and-apache-apisix-open-new-doors-for-service-discovery/ Background information In traditional physical machine and virtual machine deployment, calls between various services can be made through fixed IP + port. With the advent of the cloud-native era, enterprise business deployment is more inclined to cloud-native containerization. However, in a containerized environment, the startup and destruction of service instances are very frequent. Manual maintenance by operation and maintenance personnel will not only be a heavy workload, but also ineffective. https://coredns.io/2022/02/24/trail-of-bits-security-review/ Thu, 24 Feb 2022 00:00:00 +0000 https://coredns.io/2022/02/24/trail-of-bits-security-review/ Trail of Bits (https://trailofbits.com) conducted a security review and threat model of CoreDNS. Quoting from the security review summary: “The audit uncovered one high-severity issue (TOB-CDNS-8) concerning a bug that could lead to cache poisoning attacks. The majority of the other issues are of informational or low severity; these include several resulting from insufficient data validation, specifically from assumptions about the data processed by various functions, which we discovered by running fuzzing harnesses. https://coredns.io/2022/02/01/coredns-1.9.0-release/ Tue, 01 Feb 2022 00:00:00 +0000 https://coredns.io/2022/02/01/coredns-1.9.0-release/ This is a release with bug fixes and some new features added. Starting with 1.9.0 the minimal required go version will be 1.17. Wildcard queries are no longer supported by the kubernetes plugin. Brought to You By Chris O’Haver, Ondřej Benkovský, Tomas Hulata, Yong Tang, xuweiwei Noteworthy Changes plugin/kubernetes: remove wildcard query functionality (https://github.com/coredns/coredns/pull/5019) Health-checks should respect force_tcp (https://github.com/coredns/coredns/pull/5109) plugin/prometheus: Write rcode properly to the metrics (https://github.com/coredns/coredns/pull/5126) plugin/template: Persist truncated state to client if CNAME lookup response is truncated (https://github. https://coredns.io/2021/12/09/coredns-1.8.7-release/ Thu, 09 Dec 2021 00:00:00 +0000 https://coredns.io/2021/12/09/coredns-1.8.7-release/ This is a release with bug fixes and some new features added. We now enable HTTP/2 in gRPC service (https://github.com/coredns/coredns/pull/4842). The shuffling algorithm in loadbalance plugin has also been improved to have a more consistent behavior (https://github.com/coredns/coredns/pull/4961). This release will also log deprecation warnings when wildcard queries are received by kubernetes. The wildcard functionality will be completely removed from kubernetes plugin in future releases. Brought to You By Chris O’Haver, Christian Ang, Cyb3r Jak3, Denis Tingaikin, gomakesix, Hu Shuai, Humberto Leal, jayonlau, Johnny Bergström, LiuCongran, Matt Palmer, Miek Gieben, OctoHuman, Ondřej Benkovský, Pavol Lieskovský, Vector, Wu Shuang, xuweiwei, xww, Yong Tang, ZhangJian He, Zou Nengren https://coredns.io/2021/10/07/coredns-1.8.6-release/ Thu, 07 Oct 2021 00:00:00 +0000 https://coredns.io/2021/10/07/coredns-1.8.6-release/ This is a small bug fix release. Brought to You By Chris O’Haver, Miek Gieben. Noteworthy Changes plugin/kubernetes: fix reload panic (https://github.com/coredns/coredns/pull/4881) plugin/kubernetes: Don’t use pod names longer than 63 characters as dns labels (https://github.com/coredns/coredns/pull/4908) https://coredns.io/2021/09/10/coredns-1.8.5-release/ Fri, 10 Sep 2021 07:00:00 +0000 https://coredns.io/2021/09/10/coredns-1.8.5-release/ This is a rather big release, we now share plugins among zones in the same server block, which should save memory. Various bug fixes in a bunch of plugins and not one, but two new plugins. A geoip plugin that can report where the query came from and a header plugin that allows you to fiddle with (some of) the header bits in a DNS message. With this release, the coredns_cache_misses_total metric is deprecated. https://coredns.io/2021/05/28/coredns-1.8.4-release/ Fri, 28 May 2021 07:00:00 +0000 https://coredns.io/2021/05/28/coredns-1.8.4-release/ The CoreDNS team has released CoreDNS-1.8.4. This release includes a bunch of bugfixes and a few enhancements mostly in the dnssec and kubernetes plugins, and a new (small) plugin called minimal. It also include a fix when using the “reverse zone cidr syntax”, e.g. 10.0.0.0/15, now return the proper set of reverse zones. Brought to You By Chris O’Haver, cuirunxing-hub, Frank Riley, Keith Coleman, Miek Gieben, milgradesec, Mohammad Yosefpor, ntoofu, Paco Xu, Soumya Ghosh Dastidar, Steve Greene, Théotime Lévêque, Uwe Krueger, wangchenglong01, Yong Tang, Yury Tsarev. https://coredns.io/2021/02/24/coredns-1.8.3-release/ Wed, 24 Feb 2021 07:00:00 +0000 https://coredns.io/2021/02/24/coredns-1.8.3-release/ The CoreDNS team has released CoreDNS-1.8.3. This release includes a bunch of bugfixes and a few enhancements, see below. In case you’re wondering, 1.8.2 didn’t properly upload and tag the docker images, hence a quick followup release with that fixed. Brought to You By Bob, chantra, Chris O’Haver, Frank Riley, George Shammas, Johnny Bergström, Jun Chen, Lars Ekman, Manuel Rüger, Maxime Ginters, Miek Gieben, slick-nic, TimYin. Noteworthy Changes core: Also clear do and size (https://github. https://coredns.io/2021/02/23/coredns-1.8.2-release/ Tue, 23 Feb 2021 07:00:00 +0000 https://coredns.io/2021/02/23/coredns-1.8.2-release/ The CoreDNS team has released CoreDNS-1.8.2. This release includes a bunch of bugfixes and a few enhancements, see below. Brought to You By Bob, chantra, Chris O’Haver, Frank Riley, George Shammas, Johnny Bergström, Jun Chen, Lars Ekman, Manuel Rüger, Maxime Ginters, Miek Gieben, slick-nic, TimYin. Noteworthy Changes core: Also clear do and size (https://github.com/coredns/coredns/pull/4465) core: Flag blacklisting not needed anymore (https://github.com/coredns/coredns/pull/4420) core: Set http request in writer (https://github.com/coredns/coredns/pull/4445) Makefile.release: Replace manifest-tool with docker manifest (https://github. https://coredns.io/2021/01/20/coredns-1.8.1-release/ Wed, 20 Jan 2021 07:00:00 +0000 https://coredns.io/2021/01/20/coredns-1.8.1-release/ The CoreDNS team has released CoreDNS-1.8.1. This release fixes a bunch of bugs, and adds a (very) simple new plugin called local to answer “local” queries. Bunch of work in the kubernetes plugin to add support for new upstream features. If using the kubernetes plugin for a Kubernetes cluster >= 1.19, CoreDNS must be granted list and watch access to endpointslices. Brought to You By Blake Ryan, Bob, Chotiwat Chawannakul, Chris O’Haver, Guangwen Feng, Gunadhya, Jiang Biao, Johnny Bergström, luanphantiki, Matt Kulka, mgugger, Miek Gieben, Serge, sschepens, Yong Tang, ZouYu. https://coredns.io/2020/10/22/coredns-1.8.0-release/ Thu, 22 Oct 2020 08:00:00 +0000 https://coredns.io/2020/10/22/coredns-1.8.0-release/ The CoreDNS team has released CoreDNS-1.8.0. If you are running 1.7.1 you want to upgrade for the cache plugin fixes. This release also adds three backwards incompatible changes. This will only affect you if you have an external plugin or use outgoing zone transfers. If you’re using dnstap in your plugin, you’ll need to upgrade to the new API as detailed in it’s documentation. Two, because Caddy is now developing a version 2 and we are using version 1, we’ve internalized Caddy into https://github. https://coredns.io/2020/09/21/coredns-1.7.1-release/ Mon, 21 Sep 2020 10:00:00 +0000 https://coredns.io/2020/09/21/coredns-1.7.1-release/ The CoreDNS team has released CoreDNS-1.7.1. This is a small, incremental release that adds some polish and fixes a bunch of bugs. Brought to You By Ben Kochie, Ben Ye, Chris O’Haver, Cricket Liu, Grant Garrett-Grossman, Hu Shuai, Li Zhijian, Maxime Guyot, Miek Gieben, milgradesec, Oleg Atamanenko, Olivier Lemasle, Ricardo Katz, Ruslan Drozhdzh, Yong Tang, Zhou Hao, Zou Nengren. Noteworthy Changes backend: fix root zone usage (https://github.com/coredns/coredns/pull/4039) core: Add timeouts for http server (https://github. https://coredns.io/2020/06/15/coredns-1.7.0-release/ Mon, 15 Jun 2020 10:00:00 +0000 https://coredns.io/2020/06/15/coredns-1.7.0-release/ The CoreDNS team has released CoreDNS-1.7.0. This is a backwards-incompatible release. Major changes include: Better metrics names. The federation plugin (which allows for v1 Kubernetes federation) has been removed. We’ve also removed some supporting code from the kubernetes plugin, so it will not build as an external plugin (with this version of CoreDNS). As this was already backwards-incompatible release, we took the liberty of stuffing as much in one release as possible to minimize the disruption going forward. https://coredns.io/2020/03/24/coredns-1.6.8-release/ Tue, 24 Mar 2020 10:00:00 +0000 https://coredns.io/2020/03/24/coredns-1.6.8-release/ The CoreDNS team has released CoreDNS-1.6.8. Again a small release with some nice improvements in the forward plugin, and overall polish. See “Noteworthy Changes” for more detail. Note that 1.7.0 will contain a bunch of backward incompatible changes: the federation plugin will be full removed and the metrics name will be changed to inline with the naming recommendation from the Prometheus project. Brought to You By Andy Bursavich, Chris O’Haver, Christian Tryti, Darshan Chaudhary, Kohei Yoshida, LongKB, Miek Gieben, Ricky S, Sylvain Rabot, Zou Nengren. https://coredns.io/2020/03/24/coredns-1.6.9-release/ Tue, 24 Mar 2020 10:00:00 +0000 https://coredns.io/2020/03/24/coredns-1.6.9-release/ The CoreDNS team has released CoreDNS-1.6.9. This release is identical to 1.6.8. (Yes there was a CoreDNS-1.6.8, but our automation broke after tagging it in Git - hence another bump in the minor version) Again a small release with some nice improvements in the forward plugin, and overall polish. See “Noteworthy Changes” for more detail. Note that 1.7.0 will contain a bunch of backward incompatible changes: the federation plugin will be full removed and the metrics name will be changed to inline with the naming recommendation from the Prometheus project. https://coredns.io/2020/01/28/coredns-1.6.7-release/ Tue, 28 Jan 2020 10:00:00 +0000 https://coredns.io/2020/01/28/coredns-1.6.7-release/ The CoreDNS team has released CoreDNS-1.6.7. This is a fairly small release that resolves some nits and it adds mips64le to the set of architectures that we create binaries for. See “Noteworthy Changes” for more detail. Brought to You By Antonio Ojea, Brad P. Crochet, Dominic Yin, DrmagicE, Erfan Besharat, Jonathan Nagy, Kohei Yoshida, Miek Gieben, Yong Tang, Zheng Xie, Zou Nengren. Noteworthy Changes Add mips64le to released architectures (https://github.com/coredns/coredns/pull/3589) Fix HostPortOrFile to support IPv6 addresses with zone (https://github. https://coredns.io/2019/12/11/coredns-1.6.6-release/ Wed, 11 Dec 2019 10:00:00 +0000 https://coredns.io/2019/12/11/coredns-1.6.6-release/ The CoreDNS team has released CoreDNS-1.6.6. A fairly small release that polishes various plugins and fixes a bunch of bugs. Security The github.com/miekg/dns dependency has been updated to v1.1.25 to fix a DNS related security vulnerability (https://github.com/miekg/dns/issues/1043). Plugins A new plugin bufsize has been added that prevents IP fragmentation for the DNS Flag Day 2020 and to deal with DNS vulnerabilities. cache added a serve_stale option similar to unbound’s serve_expired. sign fix signing of authoritative data that we are not authoritative for. https://coredns.io/2019/11/06/coredns-1.6.5-release/ Wed, 06 Nov 2019 10:00:00 +0000 https://coredns.io/2019/11/06/coredns-1.6.5-release/ The CoreDNS team has released CoreDNS-1.6.5. A fairly small release that polishes various plugins and fixes a bunch of bugs. Plugins A new plugin transfer that encapsulates the zone transfer knowledge and code in one place. This makes it easier to add this functionality to new plugins. Plugins that already implement zone transfers are expected to move to it in the 1.7.0 release. forward don’t block on returning sockets; instead timeout and drop the socket on the floor, this makes each go-routine guarantee to exit. https://coredns.io/2019/09/27/coredns-1.6.4-release/ Fri, 27 Sep 2019 10:00:00 +0000 https://coredns.io/2019/09/27/coredns-1.6.4-release/ The CoreDNS team has released CoreDNS-1.6.4. Various code cleanups and documentation improvements. We’ve added one new plugin: acl, that allows blocking requests. Plugins acl block request from IPs or IP ranges. kubernetes received some bug fixes, see below for specific PRs. hosts exports metrics on the number of entries and last reload time. Brought to You By An Xiao, Chris O’Haver, Cricket Liu, Guangming Wang, Kasisnu, li mengyang, Miek Gieben, orangelynx, xieyanker, yeya24, Yong Tang. https://coredns.io/2019/08/31/coredns-1.6.3-release/ Sat, 31 Aug 2019 07:30:47 +0000 https://coredns.io/2019/08/31/coredns-1.6.3-release/ The CoreDNS team has released CoreDNS-1.6.3. In this release we have moved the federation plugin to github.com/coredns/federation, but it is still fully functional in this version. In version 1.7.0 we expect to deprecate it. Further more a slew a spelling corrections, and other minor improvements and polish. And two new plugins: clouddns and sign. Plugins clouddns to enable serving zone data from GCP Cloud DNS. sign that (DNSSEC) signs your zonefiles (in its most basic form). https://coredns.io/2019/08/13/coredns-1.6.2-release/ Tue, 13 Aug 2019 14:35:47 +0100 https://coredns.io/2019/08/13/coredns-1.6.2-release/ The CoreDNS team has released CoreDNS-1.6.2. This is a bug fix release, but it also features a new plugin called azure. It’s compiled with Go 1.12.8 that incorporates fixes for HTTP/2 that may impact you if you use DoH. Plugins Add azure to facilitate serving records from Microsoft Azure. Make the refresh frequency adjustable in the route53 plugin. Fix the handling of truncated responses in forward. Brought to You By Andrey Meshkov, Chris O’Haver, Darshan Chaudhary, ethan, Matt Kulka and Miek Gieben. https://coredns.io/2019/08/02/coredns-1.6.1-release/ Fri, 02 Aug 2019 14:35:47 +0100 https://coredns.io/2019/08/02/coredns-1.6.1-release/ The CoreDNS team has released CoreDNS-1.6.1. This is a small (bug fix) release. Plugins Fix a panic in the hosts plugin. The reload now detects changes in files imported from the main Corefile. route53 increases the paging size when talking to the AWS API, this decreases the chances of getting throttled. Brought to You By Alan, AllenZMC, dzzg, Erik Wilson, Matt Kulka, Miek Gieben, Yong Tang. Noteworthy Changes core: log panics (https://github. https://coredns.io/2019/07/28/coredns-1.6.0-release/ Sun, 28 Jul 2019 14:35:47 +0100 https://coredns.io/2019/07/28/coredns-1.6.0-release/ The CoreDNS team has released CoreDNS-1.6.0. The -cpu flag is removed from this version. This release sports changes in the file plugin. A speed up in the log plugin and fixes in the cache and hosts plugins. Upcoming deprecation: the kubernetes federation plugin will be moved to github.com/coredns/federation. This is likely to happen in CoreDNS 1.7.0. Plugins The file got lot of bug fixes and it now loads zones lazily on start, i. https://coredns.io/2019/07/03/coredns-1.5.2-release/ Wed, 03 Jul 2019 07:35:47 +0100 https://coredns.io/2019/07/03/coredns-1.5.2-release/ The CoreDNS team has released CoreDNS-1.5.2. Small bugfixes and a change to Caddy’s import path (mholt/caddy -> caddyserver/caddy). Doing a release helps plugins deal with the change better. Plugins For all plugins that use the upstream directive it use removed from the documentation; it’s still accepted but is a noop. Currently these plugins use CoreDNS to resolve external queries. The template plugin now supports meta data. The file plugin closes the connection after an AXFR. https://coredns.io/2019/06/26/coredns-1.5.1-release/ Wed, 26 Jun 2019 13:54:47 +0100 https://coredns.io/2019/06/26/coredns-1.5.1-release/ The CoreDNS team has released CoreDNS-1.5.1. Various bugfixes, better documentation and cleanups. The -cpu flag is somewhat redundant (cgroups/systemd/GOMAXPROCS are better ways to deal with this) and we want to remove it; if you depend on it in some way please voice that in this PR otherwise we’ll remove it in the next release. Plugins A new plugin any that block ANY queries according to RFC 8482 was added. Failed reload fixes for: ready, health and prometheus - when CoreDNS reloads and the Corefile is invalid these plugins now keep on working. https://coredns.io/2019/04/06/coredns-1.5.0-release/ Sat, 06 Apr 2019 08:24:07 +0000 https://coredns.io/2019/04/06/coredns-1.5.0-release/ A new release: CoreDNS-1.5.0. Two new plugins in this release: grpc, and ready. And some polish and simplifications in the core server code. The use of TIMEOUT and no_reload in file and auto have been fully deprecated. As is the proxy plugin. And a update on two important and active bugs: 2593 seems to hone in on Docker and/or the container environment being a contributing factor. 2624 is because of TLS session negotiating in the forward plugin. https://coredns.io/2019/03/03/coredns-1.4.0-release/ Sun, 03 Mar 2019 09:04:07 +0000 https://coredns.io/2019/03/03/coredns-1.4.0-release/ We are pleased to announce the release of CoreDNS-1.4.0! Our first release after we became a graduated project in CNCF. Deprecation notice for the next release: auto will deprecate TIMEOUT and recommends the use of RELOAD (2516). auto and file will deprecate NO_RELOAD and recommends the use of RELOAD set to 0 (2536). health will revert back to report process level health without plugin status. A new ready plugin will make sure plugins have at least completed their startup sequence. https://coredns.io/2019/01/13/coredns-1.3.1-release/ Sun, 13 Jan 2019 15:00:29 +0000 https://coredns.io/2019/01/13/coredns-1.3.1-release/ We are pleased to announce the release of CoreDNS-1.3.1! This is a fairly small release that allows us to announce some backwards incompatible changes in the next (1.4.0) release: The upstream directive used in various plugin will start to default to the coredns process itself. This allow those resolutions to take advantage of other plugins (i.e. caching). The etcd’s plugin StubDomain subsystem relied heavily on this functionality and as such will be removed from that plugin. https://coredns.io/2018/12/15/coredns-1.3.0-release/ Sat, 15 Dec 2018 16:14:29 +0000 https://coredns.io/2018/12/15/coredns-1.3.0-release/ We are pleased to announce the release of CoreDNS-1.3.0! Core In this release we do the EDNS0 handling in the server and make it compliant with https://dnsflagday.net/. This fits a theme where we move more and more protocol details into the server to make life easier for plugin authors. Plugins k8s_external a new plugin that allows external zones to point to Kubernetes in-cluster services. rewrite fixes a bug where a rule would eat the first character of a name https://coredns.io/2018/11/27/cluster-dns-coredns-vs-kube-dns/ Tue, 27 Nov 2018 00:00:00 +0000 https://coredns.io/2018/11/27/cluster-dns-coredns-vs-kube-dns/ When compiling data for a resource deployment guide for CoreDNS a few weeks ago, I also collected the same data for kube-dns using the same test environments. Although CoreDNS and Kube-dns ultimately perform the same task, there are some key differences in implementation that affect resource consumption and performance. At a high level, some of these differences are: CoreDNS is a single container per instance, vs kube-dns which uses three. Kube-dns uses dnsmasq for caching, which is single threaded C. https://coredns.io/2018/11/15/scaling-coredns-in-kubernetes-clusters/ Thu, 15 Nov 2018 00:00:00 +0000 https://coredns.io/2018/11/15/scaling-coredns-in-kubernetes-clusters/ I’m sharing the results of some tests I ran with CoreDNS (1.2.5) in Kubernetes (1.12) to provide some reference points for tuning CoreDNS to your cluster. In addition to testing CoreDNS in its default configuration, I tested CoreDNS with the optional autopath plugin enabled. The autopath plugin is an optimization that helps transparently mitigate the DNS performance penalties Pods incur due to Kubernetes’ infamous ndots:5 issue. These tests quantify the memory/performance trade when enabling autopath. https://coredns.io/2018/11/05/coredns-1.2.6-release/ Mon, 05 Nov 2018 20:40:29 +0100 https://coredns.io/2018/11/05/coredns-1.2.6-release/ We are pleased to announce the release of CoreDNS-1.2.6! Core Ignore the error when setting SO_REUSEPORT on a socket fails; this makes CoreDNS work on older kernels. Plugins etcd has seen minor bugfixes. loop fixes a bug when dealing with a failing upstream. log unifies all logging (done by this plugin and normal logs) and always use RFC3339 timestamps (with millisecond accuracy). The {when} verb has been made a noop, it will be removed in the next release. https://coredns.io/2018/10/24/coredns-1.2.5-release/ Wed, 24 Oct 2018 20:40:29 +0100 https://coredns.io/2018/10/24/coredns-1.2.5-release/ We are pleased to announce the release of CoreDNS-1.2.5! Core Correctly make a reply fit in the client’s buffer, especially when EDNS0 is not used. This used to be the responsibility of a plugin, now the server will handle it. Plugins Documentation and smaller updates for various plugins, as well as: cache - resets min TTL default back to 5 second (instead of 0). dnssec - now allows aZSK/KSK split as well as a CSK setup. https://coredns.io/2018/10/17/coredns-1.2.4-release/ Wed, 17 Oct 2018 20:01:29 +0100 https://coredns.io/2018/10/17/coredns-1.2.4-release/ We are pleased to announce the release of CoreDNS-1.2.4! Remember we said the 1.2.3 release was a big release and took quite a while? Well, we’ve fixed that glitch; as 1.2.4 is here now. CoreDNS v1.2.3’s kubernetes plugin DOES NOT WORK IN KUBERNETES and our testing that didn’t catch that regression, nor the Kubernetes scale testing which doesn’t really exercise the whole API. Plugins cache use zero of the minimal negative TTL (if no suitable TTL was found in the packet). https://coredns.io/2018/10/16/coredns-1.2.3-release/ Tue, 16 Oct 2018 11:37:29 +0100 https://coredns.io/2018/10/16/coredns-1.2.3-release/ We are pleased to announce the release of CoreDNS-1.2.3! Core This is a big release that spans almost 6 weeks of development, slightly longer than normal. You may also have noticed that CoreDNS wasn’t made the default in Kubernetes 1.12 due to increased memory used compared to kube-dns. This release contains a fix for that. The underlying DNS library has seen multiple updates to improve throughput and memory and we have enabled REUSE_PORT on the ports CoreDNS opens on *nix. https://coredns.io/2018/08/29/coredns-1.2.2-release/ Wed, 29 Aug 2018 07:10:29 +0100 https://coredns.io/2018/08/29/coredns-1.2.2-release/ We are pleased to announce the release of CoreDNS-1.2.2! This is a (small) release that helps out our friends at kops: make the default cache size smaller. Contributors The following people helped with getting this release done: Chris O’Haver, Miek Gieben. For documentation see our (in progress!) manual. For help and other resources, see our community page. https://coredns.io/2018/08/28/coredns-1.2.1-release/ Tue, 28 Aug 2018 07:10:29 +0100 https://coredns.io/2018/08/28/coredns-1.2.1-release/ We are pleased to announce the release of CoreDNS-1.2.1! This release features bugfixes (mostly in the kubernetes plugin), documentation improvements and one new plugin: loop. Plugins A new plugin called loop was added. When starting up it detects resolver loops and stops the process if one is detected. Contributors The following people helped with getting this release done. Good to see a whole bunch of new names, as well as the usual suspects: https://coredns.io/2018/07/11/coredns-1.2.0-release/ Wed, 11 Jul 2018 11:13:29 +0100 https://coredns.io/2018/07/11/coredns-1.2.0-release/ We are pleased to announce the release of CoreDNS-1.2.0! In this release we have a new plugin, bump etcd to version 3 and bugfixes. Core Enable watch functionality when CoreDNS is used as a gRPC server (documented in the code - for now). Plugins A new plugin called metadata was added. It adds metadata to a query, via the context. The etcd plugin now supports etcd version 3 (only!). It was impossible to support v2 and v3 at the same time (even as separate plugins); so we decided to drop v2 support. https://coredns.io/2018/06/19/coredns-1.1.4-release/ Tue, 19 Jun 2018 09:39:29 +0100 https://coredns.io/2018/06/19/coredns-1.1.4-release/ We are pleased to announce the release of CoreDNS-1.1.4! This release has a few enhancements in the plugins, and a few (Docker) improvements. Core As said in the 1.1.3 Release Notes, we are making the -log command line flag a noop. This is also a heads up that in the next release - 1.2.0 - the current etcd plugin will be replaced by a new plugin that supports etcd3, see this pull request. https://coredns.io/2018/05/24/coredns-1.1.3-release/ Thu, 24 May 2018 09:43:29 +0100 https://coredns.io/2018/05/24/coredns-1.1.3-release/ We are pleased to announce the release of CoreDNS-1.1.3! This release has fixes in the plugins, small core updates and experimental DNS over HTTPs support. We also announce the deprecation of a few things. Core Experimental DNS-over-HTTPS support was added in the server. Use https:// as the server’s scheme in the configuration. The -log flag actually doesn’t do anything, so this is a deprecation notice that this flag will be removed in the next release. https://coredns.io/2018/05/21/migration-from-kube-dns-to-coredns/ Mon, 21 May 2018 20:23:43 +0000 https://coredns.io/2018/05/21/migration-from-kube-dns-to-coredns/ CoreDNS is currently a Beta feature in Kubernetes and on course to being graduated to General Availability (GA) for Kubernetes 1.11. This means that CoreDNS will be available as a standard in Kubernetes via the installation toolkits such as kubeadm, kube-up, minikube and kops. This document will guide you to migrating the DNS service from CoreDNS to kube-dns when using the various tools available to spin up a Kubernetes cluster. https://coredns.io/2018/04/23/coredns-1.1.2-release/ Mon, 23 Apr 2018 09:21:29 +0100 https://coredns.io/2018/04/23/coredns-1.1.2-release/ We are pleased to announce the release of CoreDNS-1.1.2! This release has some fixes in the plugins and no core updates. Plugins forward has received a large pile of fixes and improvements. reload: the metrics and health plugin saw fixes for this reload issue, still not 100% perfect, but a whole lot better than it was. log now allows ORing of log classes. metrics: add a server label to make each metric unique to the server handling it. https://coredns.io/2018/03/25/coredns-1.1.1-release/ Sun, 25 Mar 2018 18:04:29 +0100 https://coredns.io/2018/03/25/coredns-1.1.1-release/ We are pleased to announce the release of CoreDNS-1.1.1! This release fixes a critical bug in the cache plugin found by Cure53. All users are encouraged to upgrade. Core Fix a bug when scrubbing the reply to fit the request’s buffer consumes 100% CPU and does not return the reply. Plugins cache fixes the critical spoof vulnerability. route53 adds support for PTR records. Contributors The following people helped with getting this release done: https://coredns.io/2018/03/15/cure53-security-assessment/ Thu, 15 Mar 2018 09:34:29 +0000 https://coredns.io/2018/03/15/cure53-security-assessment/ Being an incubating CNCF project makes us eligible for nice things like a security assessment (cue ominous music). The CNCF asked Cure53 to perform such an assessment. TL;DR: CoreDNS is in good shape, but Cure53 did find one critical issue (which we’ve fixed with the CoreDNS 1.1.1 release): DNS-01-003 Cache: DNS Cache poisoning via malicious Response (Critical) The CoreDNS application allows to configure the caching of the DNS responses via the cache plugin. https://coredns.io/2018/03/12/coredns-1.1.0-release/ Mon, 12 Mar 2018 09:33:29 +0000 https://coredns.io/2018/03/12/coredns-1.1.0-release/ We are pleased to announce the release of CoreDNS-1.1.0! CoreDNS has been promoted to the incubating level in the CNCF! This has been made possible by the work done by contributors, users and adopters. Thank you all! Core Bump the version to 1.1.0, as we deprecate two plugins (shutdown and startup). In CoreDNS 1.0.6 the bind plugin was extended to allow binding to multiple interfaces. This release adds the ability serve the same zone on different interfaces (we used to block this for no good reason). https://coredns.io/2018/02/21/coredns-1.0.6-release/ Wed, 21 Feb 2018 11:10:29 +0000 https://coredns.io/2018/02/21/coredns-1.0.6-release/ We are pleased to announce the release of CoreDNS-1.0.6! This release has bug fixes, documentation fixes, polish and new plugins. Core We’ve moved to a OWNERS model, where each plugin (and CoreDNS itself) now has an OWNERS file listing people involved with this code. Plugins The startup and shutdown plugin are deprecated (but working and included) in this release in favor of the on plugin. If you use them, this is the moment to move to on. https://coredns.io/manual/toc/ Fri, 16 Feb 2018 11:10:29 +0000 https://coredns.io/manual/toc/ This manual is a work-in-progress! Help is appreciated! See the source of this manual if you want to help. Either by sending pull requests or by filing issues with specifics of what you want to see addressed here, any missing content or just confusing bits. – CoreDNS Authors Table of Contents What is CoreDNS Installation Plugins Configuration Specific Setups Writing Plugins https://coredns.io/2018/01/29/deploying-kubernetes-with-coredns-using-kubeadm/ Mon, 29 Jan 2018 10:12:43 +0000 https://coredns.io/2018/01/29/deploying-kubernetes-with-coredns-using-kubeadm/ Kubernetes 1.9 has recently been launched and it ships with CoreDNS being a part of it. We can now install CoreDNS as the default service discovery via Kubeadm, which is the toolkit to install Kubernetes easily in a single step. Currently, CoreDNS is Alpha in Kubernetes 1.9. We have a roadmap which will make CoreDNS Beta in version 1.10 and eventually be the default DNS, replacing kube-dns. It is important to note that currently when switching from kube-dns to CoreDNS, the configurations that come with kube-dns (stubzones, federations…) will no longer exist and will switch to a default configuration in CoreDNS. https://coredns.io/2018/01/25/coredns-1.0.5-release/ Thu, 25 Jan 2018 11:10:29 +0000 https://coredns.io/2018/01/25/coredns-1.0.5-release/ We are pleased to announce the release of CoreDNS-1.0.5! This release has bug fixes, documentation fixes, polish and new plugins. Core Add ability to really compile out the default plugins. Plugins A new plugin route53 was added that enables serving zone data from AWS route53, see the documentation. A new plugin on was added. This is an external Caddy plugin, that is now also available (by default) for CoreDNS; it allows you to run commands when an event is generated. https://coredns.io/2018/01/18/coredns-1.0.4-release/ Thu, 18 Jan 2018 15:54:29 +0000 https://coredns.io/2018/01/18/coredns-1.0.4-release/ We are announcing the release of CoreDNS-1.0.4! This is a release that fixes a vulnerability in the underlying DNS library. See https://github.com/miekg/dns/issues/627 and the (still embargoed) CVE-2017-15133. Thanks to Tom Thorogood for bringing this issue to our attention. CoreDNS-1.0.4 is CoreDNS-1.0.3 recompiled with a patched DNS library. https://coredns.io/2018/01/10/coredns-1.0.3-release/ Wed, 10 Jan 2018 19:38:29 +0000 https://coredns.io/2018/01/10/coredns-1.0.3-release/ We are pleased to announce the release of CoreDNS-1.0.3! This is a small bugfix release, but we also have a new plugin: template. Core Manual pages are now generated from the READMEs, you can find them in the man/ directory. A coredns(1) and corefile(5) one where also added. Plugins The fallthrough directive was overhauled and now allows a list of zones to be specified. It will then only fallthrough for those zones, see plugin/plugin. https://coredns.io/2017/12/31/coredns-1.0.2-release/ Sun, 31 Dec 2017 09:06:29 +0000 https://coredns.io/2017/12/31/coredns-1.0.2-release/ We are pleased to announce the release of CoreDNS-1.0.2! This release can be summarized as “help external plugin developers” as most changes are geared towards exposing CoreDNS functionality to make this as easy as possible. Is also a fairly small release. Core Expose the directives list, so that external plugins can be easily added without mucking with CoreDNS code, see the pull request for details. Fix crash when there are no handlers that can actually serve queries, i. https://coredns.io/2017/12/11/coredns-1.0.1-release/ Mon, 11 Dec 2017 14:43:43 +0000 https://coredns.io/2017/12/11/coredns-1.0.1-release/ We are pleased to announce the release of CoreDNS-1.0.1! This release fixes a crash in the file plugin and has some minor bug fixes for other plugins. One new plugin was added: nsid, that implements RFC 5001. Plugins file fixes a crash when an request with a DO bit (pretty much the default) hits an unsigned zone. The default configuration should recover the go-routine, but this is nonetheless serious. file received some other fixes when returning (secure) delegations. https://coredns.io/2017/12/01/coredns-1.0.0-release/ Fri, 01 Dec 2017 22:43:43 +0000 https://coredns.io/2017/12/01/coredns-1.0.0-release/ We are pleased to announce the release of CoreDNS-1.0.0! Release 1.0.0 and other recent releases have focused on improving the performance and functionality of the kubernetes plugin, since CoreDNS is now on track to eventually replace kube-dns as the default cluster DNS in Kubernetes. As part of the Kubernetes proposal, we have shown that CoreDNS not only provides more functionality than kube-dns, but performs much better while using less memory. In our tests, CoreDNS running against a cluster with 5000 services was able to process 18,000 queries per second using 73MB of RAM, while kube-dns achieved 7,000qps using 97MB of RAM. https://coredns.io/2017/11/03/coredns-0.9.10-release/ Fri, 03 Nov 2017 20:45:43 +0000 https://coredns.io/2017/11/03/coredns-0.9.10-release/ CoreDNS-0.9.10 has been released! CoreDNS is a DNS server that chains plugins, where each plugin implements a DNS feature. Release 0.9.10 is a minor release, with some fixes. Core The reverse zone syntax was extended to allow non-octet boundaries: 192.168.1.0/17 { ... } Will behave correctly. Lots of documentation clean ups. More platforms have binaries for each release. Plugins dnssec will now insert DS records (and sign them) when it signs a delegation response. https://coredns.io/2017/11/03/setting-up-coredns-on-aws/ Fri, 03 Nov 2017 07:40:37 +0000 https://coredns.io/2017/11/03/setting-up-coredns-on-aws/ At step by step walkthrough on setting up CoreDNS in Kubernetes (on AWS). Published by Arun Gupta. Also see this twitter thread. https://coredns.io/2017/10/18/coredns-0.9.9-release/ Wed, 18 Oct 2017 11:37:43 -0400 https://coredns.io/2017/10/18/coredns-0.9.9-release/ CoreDNS-0.9.9 has been released! (yes, we’ve moved to semver) CoreDNS is a DNS server that chains plugins, where each plugin implements a DNS feature. Release 0.9.9 is a major release, with lots of fixes. Core We’ve renamed middleware.Middleware to plugin.Plugin. This is backwards incompatible for external middleware plugins, but you can update your plugin by just replacing [Mm]iddleware with [Pp]lugin: sed 's/Middleware/Plugin/'g -i *.go sed 's/middleware/plugin/'g -i *.go From now on we’ll use the term plugin in our documentation and code. https://coredns.io/2017/09/16/semantic-versioning/ Sat, 16 Sep 2017 07:28:00 +0000 https://coredns.io/2017/09/16/semantic-versioning/ CoreDNS’ next release is around the corner and it is going to be 1.0.0. With this release to move to semantic versioning. This will allow us to make changes, some of which may be backwards incompatible, in a sane manor: Given a version number MAJOR.MINOR.PATCH, increment the: MAJOR version when you make incompatible API changes, MINOR version when you add functionality in a backwards-compatible manner, and PATCH version when you make backwards-compatible bug fixes. https://coredns.io/2017/09/10/coredns-011-release/ Sun, 10 Sep 2017 20:24:43 -0400 https://coredns.io/2017/09/10/coredns-011-release/ CoreDNS-011 has been released! CoreDNS is a DNS server that chains plugins, where each plugin implements a DNS feature. Release v011 is a major release, with backwards incompatible changes in the kubernetes plugin. Core This release has backwards incompatible changes for the kubernetes plugin. Stop vendoring github.com/miekg/dns and golang.org/x/net/context. This enables external plugin to compile without tripping over vendored types that mismatch. Allow an easy way to specify reverse zones in the Corefile, just use (e. https://coredns.io/2017/09/09/a-first-look-at-coredns/ Sat, 09 Sep 2017 15:05:37 +0100 https://coredns.io/2017/09/09/a-first-look-at-coredns/ JP Mens (author of Alternative DNS servers, takes a first look at CoreDNS on his blog: https://jpmens.net/2017/09/09/coredns/ https://coredns.io/2017/08/08/coredns-performance-testing/ Tue, 08 Aug 2017 22:50:37 +0100 https://coredns.io/2017/08/08/coredns-performance-testing/ As CoreDNS is an inception level project under the CNCF which means we have access to the physical cloud infrastructure of Packet, a bare metal(!) cloud provider. Physical machines imply performance and also because you get an entire machine you can use them for performance metrics. For CoreDNS we have a few Benchmark tests (from the Go standard library) that haven’t seen much use. Typically you run these before your change and then after your and then use a tool like benchcmp to compare the results and impress your PR’s reviewers. https://coredns.io/2017/08/03/logging-with-dnstap/ Thu, 03 Aug 2017 10:25:28 +0200 https://coredns.io/2017/08/03/logging-with-dnstap/ dnstap is a flexible, structured binary log format for DNS software1. It uses Protocol Buffers to encode events that occur inside DNS software in an implementation-neutral format. dnstap can encode any DNS message exchanged by the server, along with information about the remote computer (IP address, port) and time. It includes client queries and responses, but also proxied requests or other information requested from other name servers. This example shows output from the dnstap command-line tool to get an idea of the kind of information that dnstap can provide: https://coredns.io/2017/08/01/intro-to-coredns-webinar-by-john-belamaric/ Tue, 01 Aug 2017 18:00:00 +0000 https://coredns.io/2017/08/01/intro-to-coredns-webinar-by-john-belamaric/ The recording of the webinar (“Intro to CoreDNS”) that John Belamaric gave is now available: https://coredns.io/2017/07/25/coredns-010-release/ Tue, 25 Jul 2017 11:24:43 -0400 https://coredns.io/2017/07/25/coredns-010-release/ CoreDNS-010 has been released! CoreDNS is a DNS server that chains plugins, where each plugin implements a DNS feature. Release v010 is mostly a bugfix release, with one new plugin - dnstap. Core No changes. Plugins New dnstap is a new plugin that allows you to get dnstap information from CoreDNS. Updates file now handles multiple wildcard below each other correctly, and handles wildcards at the apex. hosts, and kubernetes have been fixed to return success with no data in cases where records exist but not of the requested type. https://coredns.io/2017/07/25/compile-time-enabling-or-disabling-plugins/ Tue, 25 Jul 2017 16:07:39 +0100 https://coredns.io/2017/07/25/compile-time-enabling-or-disabling-plugins/ CoreDNS’ plugins (or external plugins) can be enabled or disabled on the fly by specifying (or not specifying) it in the Corefile. But you can also compile CoreDNS with only the plugins you need and leave the rest completely out. There are two ways to achieve that. It could be done via compile-time configuration file with CoreDNS code base update. It also could be achieved without modifying CoreDNS code. Build with compile-time configuration file The with compile-time configuration file, plugin. https://coredns.io/2017/07/24/quick-start/ Mon, 24 Jul 2017 07:37:13 +0000 https://coredns.io/2017/07/24/quick-start/ First get CoreDNS, either Download the latest release from GitHub, unpack it. You should now have a “coredns” executable. Compile from git by getting the source code from GitHub. Change directory to coredns and: go get - to get a few dependencies, the other ones are vendored go build You should now have a “coredns” executable. Get the Docker image from docker hub. If you want to use CoreDNS in Kubernetes, please check this post about SD with the kuberneters plugin. https://coredns.io/2017/07/23/when-should-plugins-be-external/ Sun, 23 Jul 2017 22:00:00 +0000 https://coredns.io/2017/07/23/when-should-plugins-be-external/ The plugin.md in the CoreDNS source tree has some pointers on what a plugin for CoreDNS should have as minimum requirements. It basically boils down to: “it should add something unique and useful to CoreDNS”. Further more documentation, tests and functionality should all be excellent. It is easier to list when a plugin can be included in CoreDNS than to say it should stay external, so we will do that: https://coredns.io/2017/07/23/add-external-plugins/ Sun, 23 Jul 2017 21:28:13 +0000 https://coredns.io/2017/07/23/add-external-plugins/ If you want to have your external plugin listed create a pull request. In that pull request you’ll need to add a file to content/explugins/ that looks like this: +++ title = "<plugin name>" description = "*<plugin name>* is a ..." weight = 10 tags = [ "plugin" , "<plugin name>" ] categories = [ "plugin", "external" ] date = "2017-07-22T12:37:19+01:00" repo = "https://link-to-your-plugin-repo" home = "https://link-to-your-homepage-or-readme" +++ ## Description The *<plugin name>* plugin is a . https://coredns.io/2017/07/23/corefile-explained/ Sun, 23 Jul 2017 21:28:13 +0000 https://coredns.io/2017/07/23/corefile-explained/ The Corefile is CoreDNS’s configuration file. It defines: What servers listen on what ports and which protocol. For which zone each server is authoritative. Which plugins are loaded in a server. To explain more, let take a look at this “Corefile”: ZONE:[PORT] { [PLUGIN]... } ZONE defines the zone this server. The optional PORT defaults to 53, or the value of the -dns.port flag. PLUGIN defines the plugin(s) we want to load. https://coredns.io/2017/07/13/coredns-009-release/ Thu, 13 Jul 2017 22:52:11 +0000 https://coredns.io/2017/07/13/coredns-009-release/ CoreDNS-009 has been released! CoreDNS is a DNS server that chains plugins, where each plugin implements a DNS feature. Release v009 is mostly a bugfix release, with a few new features in the plugin. Core No changes. Plugins secondary: fix functionality and improve matching of notify queries. cache: fix data race. proxy: async healthchecks. reverse: new option wildcard that also catches all subdomains of a template. kubernetes: experimental new option autopath that optimizes the search path and ndots combinatorial explosion, so clients with a large search path and high ndots will get a reply on the first query. https://coredns.io/2017/06/14/coredns-008-release/ Wed, 14 Jun 2017 22:52:11 +0000 https://coredns.io/2017/06/14/coredns-008-release/ CoreDNS-008 has been released! CoreDNS is a DNS server that chains plugins, where each plugin implements a DNS feature. Release v008 has a lot of content, with new plugin and major features added to existing plugin. Please note there is an incompatible change to the log directive - it now only logs to stdout and so only allows stdout as the file name (which of course may be omitted). Core -log flag was changed into a boolean as all logging will be written to standard output. https://coredns.io/2017/06/08/how-queries-are-processed-in-coredns/ Thu, 08 Jun 2017 20:01:00 +0000 https://coredns.io/2017/06/08/how-queries-are-processed-in-coredns/ In the last post, we described three different use cases for custom DNS entries in Kubernetes: Making an alias for an external name Dynamically adding services to another domain, without running another server Adding an arbitrary entry inside the cluster domain In that post we covered the first two. In this post, we’ll show you how to use the fallthrough option of the kubernetes plugin to satisfy the third case. https://coredns.io/2017/05/08/custom-dns-entries-for-kubernetes/ Mon, 08 May 2017 20:01:00 +0000 https://coredns.io/2017/05/08/custom-dns-entries-for-kubernetes/ As described in our previous post, CoreDNS can be used in place of Kube-DNS for service discovery in Kubernetes clusters. Because of the flexible architecture of CoreDNS, this can enable some interesting use cases. In this blog, we’ll show how to solve a common problem - creating custom DNS entries for your services. There are a couple of different possiblities here: Making an alias for an external name Dynamically adding services to another domain, without running another server Adding an arbitrary entry inside the cluster domain CoreDNS can solve all of these use cases. https://coredns.io/2017/05/03/coredns-007-release/ Wed, 03 May 2017 19:26:11 +0000 https://coredns.io/2017/05/03/coredns-007-release/ CoreDNS-007 has been released! CoreDNS is a DNS server that chains plugins, where each plugin implements a DNS feature. News CoreDNS is accepted as an inception project by the CNCF! Which means a lot to us. See this blog post on why we wanted/did this. Because of this we moved repos: https://github.com/coredns is the main overarching repo. There is an automatic redirect in place from the old repo. And… We have a new logo! https://coredns.io/2017/04/28/coredns-for-minikube/ Fri, 28 Apr 2017 12:30:00 +0000 https://coredns.io/2017/04/28/coredns-for-minikube/ In our previous post, we showed how CoreDNS can be used in place of Kube-DNS for service discovery in Kubernetes clusters. In that blog, there is a footnote about issues trying to replace Kube-DNS when using Google Container Engine (GKE). As it so happens, there is a similar issue with minikube, which is a local Kubernetes environment that is very useful for developers. When you try to replace Kube-DNS, you will find that shortly after you modify its service to point to CoreDNS, your changes will be reverted. https://coredns.io/2017/03/02/why-cncf-for-coredns/ Thu, 02 Mar 2017 18:00:00 +0000 https://coredns.io/2017/03/02/why-cncf-for-coredns/ CoreDNS has been accepted into the Cloud Native Computing Foundation as an inception project! We figure some of you may be wondering why we proposed CoreDNS as a CNCF project, so we wrote this blog entry. Our goal is to make CoreDNS the cloud-native DNS server and service discovery solution. The CNCF as an organization is focused on the advancement of cloud-native architectures. So, to us, this is an excellent match. https://coredns.io/2017/03/01/coredns-for-kubernetes-service-discovery-take-2/ Wed, 01 Mar 2017 20:33:08 +0000 https://coredns.io/2017/03/01/coredns-for-kubernetes-service-discovery-take-2/ A couple months ago we published a blog post on how to use CoreDNS instead of kube-dns in Kubernetes. Since then, we have made a lot of progress. We worked with the community to define a specification for [Kubernetes DNS-Based Service Discovery] (https://github.com/kubernetes/dns/blob/master/docs/specification.md), enabling us to ensure compatibility across the existing Kube-DNS implementation and our new one in CoreDNS. Version 1.0.0 of this specification mostly follows the current behavior of Kube-DNS. https://coredns.io/2017/03/01/how-to-add-plugins-to-coredns/ Wed, 01 Mar 2017 20:23:48 +0000 https://coredns.io/2017/03/01/how-to-add-plugins-to-coredns/ CoreDNS is a DNS server that chains plugins. A plugin is defined as a method: ServeDNS() that gets a request and either responds to the client or passes it on to the next plugin. If none of the plugins handle the request a default response of SERVFAIL is returned. This blog post details how to add a plugin to CoreDNS. We’re using the example of the whoami plugin which is a CoreDNS plugin and loaded by default if no Corefile is specified. https://coredns.io/2017/02/23/history-of-coredns-in-four-posts./ Thu, 23 Feb 2017 18:12:12 +0000 https://coredns.io/2017/02/23/history-of-coredns-in-four-posts./ Yes, at some point CoreDNS was actually a forked webserver doing DNS. This blog posts detail some of the early history of CoreDNS. Pondering if I should create someting ala Caddy, but then for DNS. I didn’t have a name, so it was “Caddy DNS” (or Daddy as some point): https://miek.nl/2016/march/10/caddy-dns/. This idea was good enough that I actually tried it out, resulting in the first queries answered by “Caddy DNS”: https://miek. https://coredns.io/2017/02/22/coredns-006-release/ Wed, 22 Feb 2017 21:26:11 +0000 https://coredns.io/2017/02/22/coredns-006-release/ CoreDNS-006 has been released! CoreDNS is a DNS server that chains plugins, where each plugin implements a DNS feature. What is New Core Move CoreDNS to https://github.com/coredns/coredns together with several other repos. This will be the new home for CoreDNS development. Fixed: Fix hot-reloading. This would fail with [ERROR] SIGUSR1: listen tcp :53: bind: address already in use. Allow removal of core plugin, see comments in plugin.cfg. Plugin improvements New reverse plugin: allows CoreDNS to respond dynamically to an PTR request and the related A/AAAA request. https://coredns.io/2017/02/09/coredns-005-release/ Thu, 09 Feb 2017 18:50:31 +0000 https://coredns.io/2017/02/09/coredns-005-release/ CoreDNS-005 has been released! CoreDNS is a DNS server that chains plugins, where each plugin implements a DNS feature. What is New Core A way to configure (external) plugin was added. Edit plugin.cfg and do a go generate && go build and your plugin has been added. This allows for out-of-tree plugin to be easily added. Documentation can be found in plugin.cfg. Plugin improvements New erratic: a new plugin that can drop queries, limited in the current functionality, but useful for testing. https://coredns.io/2017/01/01/coredns-004-release/ Sun, 01 Jan 2017 10:30:31 +0000 https://coredns.io/2017/01/01/coredns-004-release/ CoreDNS-004 has been released! CoreDNS is a DNS server that chains plugins, where each plugin implements a DNS feature. What is New Core We are now also releasing an ARM build that can run on Raspberry Pi. Plugin improvements file|auto: resolve external CNAME when an upstream (new option) is specified. file|auto: allow port numbers for transfer from/to to be specified. file|auto: include zone’s NSset in positive responses. auto: close files and don’t leak file descriptors. https://coredns.io/2016/12/19/writing-plugins-for-coredns/ Mon, 19 Dec 2016 08:00:24 +0000 https://coredns.io/2016/12/19/writing-plugins-for-coredns/ A plugin adds functionality to CoreDNS, i.e. caching, metrics and basic zone file serving are all plugins. If you want to write a new plugin and want it to be included by default, i.e. merged in the code base please open an issue first to discuss initial design and other things that may come up. Starting with a README file to explain how things work from a user perspective is usually a good idea. https://coredns.io/2016/11/26/dns-over-https/ Sat, 26 Nov 2016 17:22:44 +0000 https://coredns.io/2016/11/26/dns-over-https/ Note this requires the proxy plugin which has been deprecated. Since almost a year Google has a DNS service that can be queried over HTTPS: https://dns.google.com. This means your queries are encrypted and can only be seen by you (and Google(!)). Seeing all the press about the UK’s snooper’s charter I though I should implement this as a plugin in CoreDNS. I’m (obviously) going to use this myself; which is perfect as it protects me and it allows me to dog food CoreDNS as a DNS proxy in my home network. https://coredns.io/2016/11/11/coredns-003-release/ Fri, 11 Nov 2016 16:38:32 +0000 https://coredns.io/2016/11/11/coredns-003-release/ CoreDNS-003 has been released! CoreDNS is a DNS server that chains plugins, where each plugin implements a DNS feature. What is New Core Refused queries are properly logged and exported if metrics are enabled. Plugin improvements proxy: allow /etc/resolv.conf to be used in the configuration. metrics: add tests and normalize some of the metrics. Removed the AXFR size metrics. cache: Added size and capacity of the cache (for both denial and success cache types). https://coredns.io/2016/11/08/coredns-for-kubernetes-service-discovery/ Tue, 08 Nov 2016 07:33:08 +0000 https://coredns.io/2016/11/08/coredns-for-kubernetes-service-discovery/ Infoblox’s John Belamaric has published a blog post on how to use CoreDNS instead of kube-dns in Kubernetes. A little excerpt: Kubernetes includes a DNS server, Kube-DNS, for use in service discovery. This DNS server utilizes the libraries from SkyDNS to serve DNS requests for Kubernetes pods and services. The author of SkyDNS2, Miek Gieben, has a new DNS server, CoreDNS, that is built with a more modular, extensible framework. Infoblox has been working with Miek to adapt this DNS server as an alternative to Kube-DNS. https://coredns.io/2016/10/30/quick-start-for-windows/ Sun, 30 Oct 2016 00:00:00 +0000 https://coredns.io/2016/10/30/quick-start-for-windows/ This is a development quick start guide when you are using Windows. Make sure that you have your GOPATH set up Clone coredns and all dependencies: go get github.com/coredns/coredns Navigate to the source: cd $ENV:GOPATH\src\github.com\coredns\coredns Fork (but not clone) coredns Update the origin to point at your repository: git remote set-url origin https://github.com/USERNAME/coredns.git Open your editor: code . Create a new file named Corefile and populate it: # Only port 53 is supported as NSLOOKUP no longer supports non-standard ports . https://coredns.io/2016/10/19/coredns-002-release/ Wed, 19 Oct 2016 19:09:32 +0000 https://coredns.io/2016/10/19/coredns-002-release/ CoreDNS-002 has been released! CoreDNS is a DNS server that chains plugins, where each plugin implements a DNS feature. What is New -port was renamed to -dns.port to avoid clashing with Caddy’s -port (which was renamed to http.port). Lumberjack logger was removed, this means no built in log rotation; use an external tool for that. Brushed up GoDoc for all packages. Brushed up all READMEs to be more standard and look like manual page. https://coredns.io/2016/10/13/query-routing/ Thu, 13 Oct 2016 08:50:13 +0000 https://coredns.io/2016/10/13/query-routing/ Quiz time, in the following Corefile: . { proxy . 8.8.8.8:53 file db.example.com } Will a query for www.google.com be handled by the proxy or the file plugin? Answer below. What does this Corefile actually say? It specifies that queries for root (.) and everything below it (so for all domain names) we should enter this stanza. Next all queries should be forwarded to 8.8.8.8:53. Then because the file plugin does not specify what zones should be answered from the db. https://coredns.io/2016/09/29/coredns-and-caddy/ Thu, 29 Sep 2016 06:18:40 +0000 https://coredns.io/2016/09/29/coredns-and-caddy/ Caddy 0.9.3 is released. On it’s download page you can now select the “DNS plugin” to be added to Caddy! This is really nice and a culmination of all the work that has been put in to make this happen. Note that if you select this option you get a binary that is both a DNS and webserver, during startup you can select between the two with -type=dns|http flag. The CoreDNS developers will still provide their own (DNS only) binaries over at GitHub. https://coredns.io/2016/09/18/coredns-001-release/ Sun, 18 Sep 2016 11:40:37 +0100 https://coredns.io/2016/09/18/coredns-001-release/ CoreDNS-001 has been released. This is the first release! It provides a complete DNS server, that also does DNSSEC and is useful for service discovery in cloud setups. What is CoreDNS? CoreDNS is a DNS server that started its life as a fork of the Caddy web(!)server. It chains plugin, where each plugin implements some DNS feature. CoreDNS is a complete replacement (with more features, and maybe less bugs) for SkyDNS. https://coredns.io/manual/configuration/ Mon, 01 Jan 0001 00:00:00 +0000 https://coredns.io/manual/configuration/ Configuration There are various pieces that can be configured in CoreDNS. The first is determining which plugins you want to compile into CoreDNS. The binaries we provide have all plugins, as listed in plugin.cfg, compiled in. Adding or removing is easy, but requires a recompile of CoreDNS. Thus most users use the Corefile to configure CoreDNS. When CoreDNS starts, and the -conf flag is not given, it will look for a file named Corefile in the current directory. https://coredns.io/manual/explugins/ Mon, 01 Jan 0001 00:00:00 +0000 https://coredns.io/manual/explugins/ External Plugins CoreDNS comes with a large set of plugins, but not all (existing) plugins are included in the default install. You can find external plugins on our website, or develop one yourself. Enabling plugins is a compile time affair in CoreDNS, so you’ll need to have CoreDNS’ source code. https://coredns.io/manual/installation/ Mon, 01 Jan 0001 00:00:00 +0000 https://coredns.io/manual/installation/ Installation CoreDNS is written in Go, but unless you want to develop plugins or compile CoreDNS yourself, you probably don’t care. The following sections detail how you can get CoreDNS binaries or install from source. Binaries For every CoreDNS release, we provide pre-compiled binaries for various operating systems. For Linux, we also provide cross-compiled binaries for ARM, PowerPC and other architectures. Docker We push every release as Docker images as well. https://coredns.io/manual/plugins-dev/ Mon, 01 Jan 0001 00:00:00 +0000 https://coredns.io/manual/plugins-dev/ Writing Plugins As mentioned before in this manual, plugins are the thing that make CoreDNS tick. We’ve seen a bunch of configuration in the previous section, but how can you write your own plugin? See Writing Plugins for CoreDNS for an older post on this subject. The plugin.md documented in CoreDNS’ source also has some background and talks about styling the README.md. The canonical example plugin is the example plugin. Its github repository shows the most minimal code (with tests! https://coredns.io/manual/plugins/ Mon, 01 Jan 0001 00:00:00 +0000 https://coredns.io/manual/plugins/ Plugins Once CoreDNS has been started and has parsed the configuration, it runs Servers. Each Server is defined by the zones it serves and on what port. Each Server has its own Plugin Chain. When a query is being processed by CoreDNS, the following steps are performed: If there are multiple Servers configured that listen on the queried port, it will check which one has the most specific zone for this query (longest suffix match). https://coredns.io/manual/setups/ Mon, 01 Jan 0001 00:00:00 +0000 https://coredns.io/manual/setups/ Setups Here you can find a bunch of configurations for CoreDNS. All setups are done assuming you are not the root user and hence can’t start listening on port 53. We will use port 1053 instead, using the -dns.port flag. In every setup, the configuration file used is the CoreDNS’ default, named Corefile. This means we don’t need to specify the configuration file with the -conf flag. In other words, we start CoreDNS with . https://coredns.io/manual/what/ Mon, 01 Jan 0001 00:00:00 +0000 https://coredns.io/manual/what/ What is CoreDNS? CoreDNS is a DNS server. It is written in Go. CoreDNS is different from other DNS servers, such as (all excellent) BIND, Knot, PowerDNS and Unbound (technically a resolver, but still worth a mention), because it is very flexible, and almost all functionality is outsourced into plugins. Plugins can be stand-alone or work together to perform a “DNS function”. So what’s a “DNS function”? For the purpose of CoreDNS, we define it as a piece of software that implements the CoreDNS Plugin API.