acl enforces access control policies on source ip and prevents unauthorized access to DNS servers.
Source
any gives a minimal response to ANY queries.
Source
auto enables serving zone data from an RFC 1035-style master file, which is automatically picked up from disk.
Source
autopath allows for server-side search path completion.
Source
azure enables serving zone data from Microsoft Azure DNS service.
Source
bind overrides the host to which the server should bind.
Source
bufsize limits EDNS0 buffer size to prevent IP fragmentation.
Source
cache enables a frontend cache.
Source
cancel cancels a request’s context after 5001 milliseconds.
Source
chaos allows for responding to TXT queries in the CH class.
Source
clouddns enables serving zone data from GCP Cloud DNS.
Source
debug disables the automatic recovery upon a crash so that you’ll get a nice stack trace.
Source
dns64 enables DNS64 IPv6 transition mechanism.
Source
dnssec enables on-the-fly DNSSEC signing of served data.
Source
dnstap enables logging to dnstap.
Source
erratic a plugin useful for testing client behavior.
Source
errors enables error logging.
Source
etcd enables SkyDNS service discovery from etcd.
Source
file enables serving zone data from an RFC 1035-style master file.
Source
forward facilitates proxying DNS messages to upstream resolvers.
Source
geoip Lookup maxmind geoip2 databases using the client IP, then add associated geoip data to the context request.
Source
grpc facilitates proxying DNS messages to upstream resolvers via gRPC protocol.
Source
header modifies the header for queries and responses.
Source
hosts enables serving zone data from a /etc/hosts
style file.
Source
health enables a health check endpoint.
Source
import includes files or references snippets from a Corefile.
Source
k8s_external resolves load balancer, external IPs from outside Kubernetes clusters and if enabled headless services.
Source
kubernetes enables reading zone data from a Kubernetes cluster.
Source
local respond to local names.
Source
loadbalance randomizes the order of A, AAAA and MX records.
Source
loop detects simple forwarding loops and halts the server.
Source
metadata enables a metadata collector.
Source
log enables query logging to standard output.
Source
nsid adds an identifier of this server to each reply.
Source
minimal minimizes size of the DNS response message whenever possible.
Source
pprof publishes runtime profiling data at endpoints under /debug/pprof
.
Source
ready enables a readiness check HTTP endpoint.
Source
multisocket allows to start multiple servers that will listen on one port.
Source
reload allows automatic reload of a changed Corefile.
Source
rewrite performs internal message rewriting.
Source
root simply specifies the root of where to find files.
Source
route53 enables serving zone data from AWS route53.
Source
sign adds DNSSEC records to zone files.
Source
secondary enables serving a zone retrieved from a primary server.
Source
whoami returns your resolver’s local IP address, port and transport.
Source
template allows for dynamic responses based on the incoming query.
Source
timeouts allows you to configure the server read, write and idle timeouts for the TCP, TLS and DoH servers.
Source
trace enables OpenTracing-based tracing of DNS requests as they go through the plugin chain.
Source
tls allows you to configure the server certificates for the TLS, gRPC, DoH servers.
Source
transfer perform (outgoing) zone transfers for other plugins.
Source
tsig define TSIG keys, validate incoming TSIG signed requests and sign responses.
Source
view defines conditions that must be met for a DNS request to be routed to the server block.
Source