Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

DNS Records

StartTunnel can serve DNS records for your private domains, so names resolve to the right device for everyone connected to the tunnel. Records can be added by hand, or injected automatically over RFC 2136 by devices you have explicitly trusted.

Note

A StartOS server using this tunnel injects the records for its private domains automatically, once you allow DNS injection for its device (see below). You normally won’t need to add records by hand.

Allowing a device to inject records

DNS injection is off by default for every device. Only enable it for devices you control and trust.

Warning

A device allowed to inject DNS records can create, overwrite, or delete any record StartTunnel serves. Enable this only for trusted devices, such as your own StartOS server.

  1. In StartTunnel, navigate to Devices. DNS injection is a Server capability — if the device is a Client, promote it to a Server first (see Devices).

  2. In the Servers table, toggle DNS injection on for the device.

The device may now add, update, and remove records via RFC 2136 DNS UPDATE. StartTunnel authorizes each request by the device’s tunnel IP, so only that device’s allowance is in effect.

Viewing and managing records

  1. In StartTunnel, navigate to DNS Records.

  2. Records are shown in two tables: Manual (records you added by hand) and Automatic (records injected by a device, each showing the injecting device’s IP as its source).

  3. To add a record manually, click “Add” on the Manual table, enter the name, type (A, AAAA, CNAME, or TXT), value, and TTL, and click “Save”.

  4. To remove a record, select it and click “Remove”.