pkdns

A DNS server providing self-sovereign and censorship-resistant domain names. It resolves records hosted on the Mainline DHT, the biggest DHT on the planet with ~15M nodes that services torrents since 15 years.

Getting Started

Hosted DNS

Use one of the hosted DNS servers to try out pkdns quickly.

• Verify the server is working.
• Configure your browser or system dns.
• Browse the self-sovereign web.

Pre-Built Binaries

1. Download the latest release for your plattform.
2. Extract the tar file. Should be something like tar -xvf tarfile.tar.gz.
3. Run pkdns --verbose.
4. Verify the server is working. Your dns server ip is 127.0.0.1.
5. Configure your system dns.
6. Browse the self-sovereign web.

Build It Yourself

Make sure you have the Rust toolchain installed.

1. Clone repository git clone https://github.com/pubky/pkdns.git.
2. Switch directory cd pkdns.
3. Run cargo run --package=pkdns.
4. Verify the server is working. Your server ip is 127.0.0.1.
5. Configure your system dns.
6. Browse the self-sovereign web.

Use Docker Compose

See compose.yaml.

Guides

Use DNS-over-HTTPS in your Browser

1. Pick a DNS-over-HTTPS URL from our public servers.txt list.
2. Configure your browser. See this guide.

Verify your server with this domain http://7fmjpcuuzf54hw18bsgi3zihzyh4awseeuq5tmojefaezjbd64cy./.

Change your System DNS

Follow one of the guides to change your DNS server on your system:

• MacOS guide
• Ubuntu guide
• Windows guide

Verify your server with this domain http://7fmjpcuuzf54hw18bsgi3zihzyh4awseeuq5tmojefaezjbd64cy./.

Verify pkdns is working

Pkarr Domains

Verify the server resolves pkarr domains. Replace PKDNS_SERVER_IP with your pkdns server IP address.

nslookup 7fmjpcuuzf54hw18bsgi3zihzyh4awseeuq5tmojefaezjbd64cy PKDNS_SERVER_IP

Troubleshooting If this does not work then the pkdns server is likely not running.

ICANN Domains

Verify it resolves regular ICANN domains. Replace PKDNS_SERVER_IP with your pkdns server IP address.

nslookup example.com PKDNS_SERVER_IP

Troubleshooting If this does not work then you need to change your ICANN fallback server with pkdns -f REGULAR_DNS_SERVER_IP. Or use the Google DNS server: pkdns -f 8.8.8.8.

Browse the Self-Sovereign Web

Here are some example pkarr domains:

• http://7fmjpcuuzf54hw18bsgi3zihzyh4awseeuq5tmojefaezjbd64cy./
• http://pkdns.7fmjpcuuzf54hw18bsgi3zihzyh4awseeuq5tmojefaezjbd64cy./

Hint: Always add a ./ to the end of a pkarr domain. Otherwise browsers will search instead of resolve the website.

Address already in use

Other services might occupy the port 53 already. For example, Docker Desktop uses the port 53 on MacOS. systemd-resolved is using it on Ubuntu. Make sure to free those.

Configuration

Options

Usage: pkdns [OPTIONS]

Options:
  -f, --forward <FORWARD>      ICANN fallback DNS server. Format: IP:Port. [default: 8.8.8.8:53]
  -v, --verbose                Show verbose output. [default: false]
  -c, --config <CONFIG>        The path to pkdns configuration file. This will override the pkdns-dir config path
  -p, --pkdns-dir <PKDNS_DIR>  The base directory that contains pkdns's data, configuration file, etc [default: ~/.pkdns]
  -h, --help                   Print help
  -V, --version                Print version

Config File

~/.pkdns/pkdns.toml is used for all extended configurations. An example can be found in sample-config.toml.

FAQs

• How Censorship-Resistant is Mainline DHT?
• How Censorship-Resistant are Public Key Domains
• How to publish a Public Key Domain Website?
• How can I run my own DNS over HTTPS endpoint?
• How to configure DynDNS?

Limitations

Recursion

pkdns does only partially support recursive lookups. Recursion only works

• For a CNAME pointing directly to another record in the same pkarr packet.

Record Types

Currently, pkdns only supports A, AAAA, TXT, CNAME, and MX records. For any other types, use bind9.

---

May the power ⚡ be with you. Powered by pkarr.