On Fri, Aug 8, 2025, 13:20 William Herrin via NANOG <nanog@lists.nanog.org> wrote:
Can anyone recommend software for an authoritative DNS server where the open source code is clean and well documented? I have an anycast-related experiment I'd like to put together and I want to be able to quickly shoehorn it into existing code.
I looked at the source for ISC Bind but the code complexity is far beyond anything I'd want to touch for a casual experiment. Please don't use macros (#defines) to construct your C function _definitions_. I realize C allows it but it turns your code into a meta-language that no one else knows.
Regards, Bill Herrin
I know this is going to sound absolutely silly, but hear me out. For *simple labbing/POC*, dnsmasq. Yes, really. https://thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html See the --auth-server= option. I, in no way, recommend it for production authoritative (as it may have been guessed from the other thread, I'm proudly a PowerDNS fanboy and dnsmasq authoritative just feels wrong and dirty) but. *But.* For simple experiments, it may be ideal. Despite being arguably overloaded in functionality, its source[0] is quite clean and rather well-documented (for example, here's its implementation of DNSSEC[1] resolution) and fairly well organized. [0] https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=summary (or https://github.com/imp/dnsmasq if you prefer)
[1] https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=src/dnssec.c;h=0860...