Using EthDNS to host your DNS domain


I no longer post directly on Medium; to view the latest copy of this article please go to https://www.wealdtech.com/articles/using-ethdns-to-host-your-dns-domain/


The previous article introduced EthDNS, an Ethereum backend for the Domain Name System (DNS). This article explains how to configure a DNS domain in Ethereum using the Ethereum Name Service (ENS).

Before using EthDNS please note that it is currently running on ropsten and is under active development. Although best efforts will be made to keep the EthDNS resolvers online there will be downtime when the resolvers or the infrastructure on which they rely are updated.

Set up DNS on ENS

The first step in using EthDNS is to claim ownership of the domain in ENS. Details on how to do this are available in Nick Johnson’s article. Note that as per that article the only domains that are enabled at current are those in the .xyz domain.

At this point DNSSEC should be disabled with your domain registrar for the domain that has been claimed.

Set up the EthDNS Resolver

The next step is to set up the EthDNS resolver. This can be done through a web interface such as MyCrypto or from the command line. This article will describe how to use the command line with the help of Ethereal, a command-line tool designed to make many common Ethereum tasks easy to access. Details on how to install Ethereal can be found on Ethereal’s github page.

This and future examples assume that your domain is called mydomain.xyz so to work for your own domain change instances of mydomain.xyzwith your domain as required. To set up the EthDNS resolver run the following Ethereal command:

ethereal ens resolver set --connection=https://ropsten.orinocopay.com:8546/ --domain=mydomain.xyz --resolver=0x6720b68e8CA836a65825b273ec5F6EfD068dDC4f --passphrase=secret

Note that in this and future commands secret is the passphrase for the account that owns the domain in ENS and should be changed appropriately.

Configure the EthDNS Resolver

Once the EthDNS resolver is set up DNS records can be added to it. Two DNS records are critical to the operation of any domain — the SOA and NS records — so these should be set up first. To do so run the following Ethereal commands:

ethereal --connection=https://ropsten.orinocopay.com:8546/ dns set --domain=mydomain.xyz --ttl=6h --resource=SOA --value="ns1.ethdns.xyz hostmaster.mydomain.xyz 1 3600 600 604800 300" --passphrase=secret

followed by:

ethereal dns set --connection=https://ropsten.orinocopay.com:8546/ --domain=mydomain.xyz --ttl=12h --resource=NS --value='ns1.ethdns.xyz&&ns2.ethdns.xyz' --passphrase=secret

The first command sets up the SOA record and the second configures the NS records. Note that there are multiple NS records, with the individual values separated by &&. Once these are in place the domain should be able to be resolved in DNS.

To test this create a suitable record in DNS. The following example creates a record for www.mydomain.xyz that points to 1.2.3.4 :

ethereal dns set --connection=https://ropsten.orinocopay.com:8546/ --domain=mydomain.xyz --ttl=3h --resource=A --name=www --value=1.2.3.4 --passphrase=secret

with the same replacements as previously. The name, resource and value can be changed if required. Once the transaction has been mined it should be possible to confirm that the data is correct on the blockchain with:

ethereal dns get --connection=https://ropsten.orinocopay.com:8546/ --domain=mydomain.xyz --resource=A --name=www

This should produce an output similar to:

www.mydomain.xyz. 43200   IN      A       1.2.3.4

which, for those familiar with DNS, will look very much like a DNS record.

At this point the EthDNS resolvers at ns1.ethdns.xyz and ns2.ethdns.xyz can also be queried for this data, for example:

dig @ns1.ethdns.xyz SOA mydomain.xyz

Which should produce an output similar to:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> @ns1.ethdns.xyz soa mydomain.xyz
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36400
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;mydomain.xyz. IN SOA
;; ANSWER SECTION:
mydomain.xyz. 3600 IN SOA ns1.ethdns.xyz. hostmaster.mydomain.xyz. 2 3600 600 604800 300
;; AUTHORITY SECTION:
mydomain.xyz. 3600 IN NS ns1.ethdns.xyz.
mydomain.xyz. 3600 IN NS ns2.ethdns.xyz.
;; Query time: 65 msec
;; SERVER: 145.239.72.102#53(145.239.72.102)
;; WHEN: Wed Mar 21 18:56:18 GMT 2018
;; MSG SIZE rcvd: 122

which shows the SOA and NS records for mydomain.xyz coming directly from Ethereum.

Configure DNS Nameservers

The last step is to tell DNS to resolvemydomain.xyz using the EthDNS nameservers. To do this set the nameservers to be ns1.ethdns.xyz and ns2.ethdns.xyz . The specific method to do this is dependent on the DNS provider with which the domain is registered, but the information needs to look something like the below:

Once this is set up it will need to propagate to the DNS servers, which can take up to a day depending on their configuration. Once the propagation is complete DNS for the domain will be served from the Ethereum blockchain.