DNSonly

DNSonly (often written DNSOnly or DNS-Only) is a term used to describe a system that provides Domain Name System services exclusively, with other network services either disabled or handled by separate devices. In a DNS-only deployment, the primary role of the machine is to resolve domain names, host authoritative zone data, or both, rather than providing DHCP, VPN, firewall, or NAT functions.

DNS services in a DNS-only setup can take different forms. A recursive resolver answers client queries by traversing the DNS hierarchy and may offer caching to improve speed and reduce upstream traffic. An authoritative server hosts and responds to queries for specific zones, ensuring that domain data is available to the Internet or an internal network. Some deployments combine both responsibilities, acting as a recursive resolver for a local network while serving selected authoritative zones.

Common software used for DNS-only configurations includes widely adopted DNS servers such as BIND, Unbound, Knot DNS, and PowerDNS, as well as lightweight options like dnsmasq. These can run on various platforms, including Linux, BSD, and other operating systems, and are frequently deployed on dedicated hardware, virtual machines, or within network appliances. Modern DNS-only setups may support advanced features such as DNSSEC validation, DNS-over-TLS or DNS-over-HTTPS transport, and extensive logging and monitoring.

Typical use cases include home networks seeking centralized, efficient name resolution; small to medium enterprises aiming to reduce external DNS latency; and environments requiring strict separation of DNS from other services for security or management reasons. Operational considerations include ensuring redundancy, keeping software up to date, implementing access controls, and coordinating with upstream providers for reliability and security.
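
One way to check that a host really is DNS-only is to audit its listening sockets. The following is an added example, not part of the original page: it parses `ss -H -tuln` output (Linux; the sample lines are constructed) and reports network-reachable listeners outside an assumed DNS port policy. The policy sets, labels and function names are assumptions made for illustration.

```python
"""Audit listening sockets against a DNS-only policy (illustrative example)."""
import ipaddress

# Assumed policy: plain DNS, DNS-over-TLS, DNS-over-HTTPS. Extend this set
# (for example with a management SSH port) if local policy permits it.
ALLOWED = {("udp", 53), ("tcp", 53), ("tcp", 853), ("tcp", 443)}
# Default ports of services a DNS-only host is meant to leave to other devices.
KNOWN_NON_DNS = {("udp", 67): "DHCP server", ("udp", 500): "IPsec IKE (VPN)",
                 ("udp", 1194): "OpenVPN", ("udp", 51820): "WireGuard (VPN)"}

# Constructed sample of `ss -H -tuln` output, not taken from a real host.
SAMPLE = """
udp   UNCONN 0      0            0.0.0.0:53         0.0.0.0:*
tcp   LISTEN 0      256          0.0.0.0:53         0.0.0.0:*
tcp   LISTEN 0      256             [::]:853           [::]:*
tcp   LISTEN 0      128        127.0.0.1:8953       0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:67         0.0.0.0:*
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
udp   UNCONN 0      0                  *:51820            *:*
"""

def parse_listener(line):
    """Return (proto, address, port) from one `ss -H -tuln` line."""
    fields = line.split()
    proto, local = fields[0], fields[4]
    addr, _, port = local.rpartition(":")
    addr = addr.strip("[]").split("%")[0]  # drop IPv6 brackets and %iface scope
    return proto, addr, int(port)

def is_loopback(addr):
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:  # "*" is the wildcard bind, reachable from the network
        return False

def audit(ss_output):
    """List network-reachable listeners that fall outside the DNS-only policy."""
    findings = []
    for line in ss_output.strip().splitlines():
        proto, addr, port = parse_listener(line)
        if is_loopback(addr) or (proto, port) in ALLOWED:
            continue  # loopback-only control sockets and DNS ports are fine
        label = KNOWN_NON_DNS.get((proto, port), "unexpected service")
        findings.append((proto, addr, port, label))
    return findings

if __name__ == "__main__":
    for proto, addr, port, label in audit(SAMPLE):
        print(f"{proto}/{port} on {addr}: {label}")
```

On a live host, pass the text returned by `ss -H -tuln` to `audit()` in place of `SAMPLE`.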