CoreDNS Chaining Middleware

March 19, 2016


CoreDNS is shaping up nicely and of course the middleware (taken from Caddy) is working great.

Take for instance the following. We want to rewrite ANY queries to HINFO (because ANY queries are a favourite for DDoS amplification) and then proxy them to Google. We also need some logging. So after downloading and compiling CoreDNS, create the following Corefile:

.:1053 {
    log stdout
    rewrite ANY HINFO
    proxy . 8.8.8.8:53
}

By default CoreDNS will read a file called Corefile, so we can just start it with:

% ulimit -n 4096
% ./coredns
Activating privacy features...
.:1053

Queries work as expected: dig @localhost -p 1053 mx miek.nl will work and will show up in the logs:

127.0.0.1 - [19/Mar/2016:21:15:22 +0000] "MX miek.nl. udp" NOERROR 170

But let's try an ANY query, dig @localhost -p 1053 ANY miek.nl. The reply we get back is:

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;miek.nl.			IN	ANY

;; AUTHORITY SECTION:
miek.nl.		1799	IN	SOA	linode.atoom.net. miek.miek.nl. 1458360781 14400 3600 604800 14400

This is not the reply you’d expect from an ANY query, and the log makes clear that the rewrite happened:

127.0.0.1 - [19/Mar/2016:21:18:17 +0000] "HINFO miek.nl. udp" NOERROR 94
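Because the log records the rewritten type, ANY traffic shows up as HINFO, so a per-client HINFO count is the signal to watch. The following is an added example, not code from CoreDNS or from the original post: it parses lines in the log format shown above and tallies query types and bytes per client. It assumes the last field is the reply size in bytes; the threshold and the 192.0.2.7 entries are made up for illustration.

```python
import re
from collections import Counter, defaultdict

# First two lines are from the post; the rest are constructed samples.
SAMPLE_LOG = """\
127.0.0.1 - [19/Mar/2016:21:15:22 +0000] "MX miek.nl. udp" NOERROR 170
127.0.0.1 - [19/Mar/2016:21:18:17 +0000] "HINFO miek.nl. udp" NOERROR 94
192.0.2.7 - [19/Mar/2016:21:18:18 +0000] "HINFO example.org. udp" NOERROR 98
192.0.2.7 - [19/Mar/2016:21:18:18 +0000] "HINFO example.org. udp" NOERROR 98
192.0.2.7 - [19/Mar/2016:21:18:19 +0000] "HINFO example.net. udp" NOERROR 96
this line is not a query log entry
"""

LINE_RE = re.compile(
    r'^(?P<client>\S+) - \[(?P<when>[^\]]+)\] '
    r'"(?P<qtype>\S+) (?P<qname>\S+) (?P<proto>\S+)" '
    r'(?P<rcode>\S+) (?P<size>\d+)$'
)

def parse_line(line):
    """Return the fields of one log line as a dict, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["size"] = int(rec["size"])  # assumed to be the reply size in bytes
    return rec

def summarize(log_text):
    """Tally query types and total bytes per client; count unparsable lines."""
    counts, size_total, skipped = defaultdict(Counter), Counter(), 0
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            skipped += 1
            continue
        counts[rec["client"]][rec["qtype"]] += 1
        size_total[rec["client"]] += rec["size"]
    return counts, size_total, skipped

def hinfo_heavy_clients(counts, threshold=3):
    """Clients with at least `threshold` HINFO entries (hypothetical cut-off)."""
    return sorted(c for c, q in counts.items() if q["HINFO"] >= threshold)

if __name__ == "__main__":
    counts, size_total, skipped = summarize(SAMPLE_LOG)
    for client in sorted(counts):
        print(client, dict(counts[client]), size_total[client], "bytes")
    print("skipped:", skipped, "flagged:", hinfo_heavy_clients(counts))
```

A logged HINFO can be either a rewritten ANY or a genuine HINFO query; the log line alone does not distinguish the two.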