D. J. Bernstein
Internet publication

The tinydns program

tinydns is a DNS server. It accepts iterative DNS queries from hosts around the Internet, and responds with locally configured information.

This is a reference page. For tutorial information, see the instructions for running a DNS server.


Normally tinydns is set up by the tinydns-conf program.

tinydns runs chrooted in the directory specified by the $ROOT environment variable, under the uid and gid specified by the $UID and $GID environment variables.

tinydns listens for incoming UDP packets addressed to port 53 of $IP. It does not listen for TCP queries.

tinydns answers queries as specified by data.cdb, a binary file created by tinydns-data.

Further details

tinydns rejects zone-transfer requests, inverse queries, non-Internet-class queries, truncated packets, and packets that contain anything other than a single query.

tinydns, like BIND, includes NS records with answers to most queries. This increases DNS packet sizes, but it draws queries away from parent servers, and reduces the frequency of long DNS delays. With the default tinydns-data cache times, a client that uses a normal record at least once every day will always have the corresponding NS records cached and will never have to talk to parent servers.