Closed ben221199 closed 1 year ago
2. Until now, every target was eventually a peer (
/p2p
). My question is if it is also possible with DNSADDR to point directly to an IPFS or IPNS address, like this:dig TXT _dnsaddr.mydomain.com
=>dnsaddr=/ipns/<someIPNS>
. In that case it would be possible for the domainmydomain.com
to host some information of the domain/website on the IPFS network. Does this work? Are there some rules?
Maybe @lidel knows more here.
Seems that @lidel is not available or busy. Is there somebody else who knows if DNSADDR can point to other things than p2p
?
Is there any docs step by step or any clue for setup a relay behind dns4 and config Cloudflare Nginx or other tools?
(1) I get results in the form
/dnsaddr/<domain>/p2p/<someP2P>
. Is the last type really needed?
Depends on your threat model. If you omit /p2p/{peerid}
then the layer without it will be vulnerable to MITM attacks.
(2) is if it is also possible with DNSADDR to point directly to an IPFS or IPNS address
afaik no: DNSADDR is for addressing peers, not content, thus only /p2p
is allowed.
We have a sister protocol for addressing content, called DNSLink. See https://docs.ipfs.tech/concepts/dnslink/ and https://dnslink.dev/ for more details and examples.
You can set DNS TXT records yourself, or use a service that does it for you, for example:
HTTP Gateway provided by Kubo supports DNSLink out of the box:
ps. I am closing this since this is more a support question than a bug report or feature request. In the future, try asking in https://discuss.ipfs.io/c/help/13 – a wider community will be able to answer questions like this :-)
Thanks @lidel
Hello there,
In the DNSADDR spec, resolution using a domain name is explained. In case of
mydomain.com
(written as/dnsaddr/mydomain.com
in multiaddr), I can dig withdig TXT _dnsaddr.mydomain.com
and I will receive TXT records with DNSADDR information.For example, querying the DNSADDR of
bootstrap.libp2p.io
gives the following records:Because these records begin with
/dnsaddr
, there is a recursive query needed. Querying the DNSADDR ofam6.bootstrap.libp2p.io
gives the following records:These records begin with
/ip4
,/ip6
,/dns4
and/dns6
and are known protocols to resolve the server further. After also resolving all things after it, there could be a connection with the peer.However, I have multiple questions. The are all about the last multiaddr type.
1) First of all, when querying the DNSADDR of
mydomain.com
, I get results in the form/dnsaddr/<domain>/p2p/<someP2P>
. Is the last type really needed? Because recursion is needed, it seems to be it could be possible to do/dnsaddr/<domain>
as the first response and/ip4/<someIPv4>/tcp/<somePort>/p2p/<someP2P>
as second (recursive) response. (And maybe it could be also the other way around: if/p2p
is omitted in the second response, it will take the/p2p
value of the first response.)2) Until now, every target was eventually a peer (
/p2p
). My question is if it is also possible with DNSADDR to point directly to an IPFS or IPNS address, like this:dig TXT _dnsaddr.mydomain.com
=>dnsaddr=/ipns/<someIPNS>
. In that case it would be possible for the domainmydomain.com
to host some information of the domain/website on the IPFS network. Does this work? Are there some rules?Thanks in advance
Ben