djbdnscurve6

is a fork of Dan J. Bernstein's djbdns.

History

Version 2: djbdnscurve6-00 until -29:
- qlibs based
- curvedns (based on NaCl)
- slashpackage installation. djbdnscurve6-32 to -39:
- fehQlibs based,
- IPv6 reverse-anycasting,
- siphash for dnscache,
- TLSA records for tinydns,
- DKIM records for tinydns.
Version 3: djbdnscurve-40 - djbdnscurve-47:
- supports DNSCurve for all servers.
Version 4: djbdnscurve-48++:
- libsodium as base,
- DNS64 records for tinydns,
- customizable EDNS(0) OPT Pseudo Records for dnscache queries,
- together with optional DO bit setting for EDNS(0),
- while caching RRSIG and NSEC3 records.

IPv6 capabilites based on fehQlibs allowing the use of compactified IPv6 and LLU addresses.
Support for TLSA records according to RFC 6698 for tinydns.
Support for DKIM records according to RFC 6376 for tinydns and DNS TXT lookup.
EDNS(0) support (RFC 6891) for (global or individual toggled NS) queries and responses respecting TCP queries in dnscache.
Optional set fo the EDNS(0) DO bit in dnscache queries to receive DNSSEC data.
Toggling of EDNS queries based on Nameserver IP.
DNS64 record queries are now honored (RFC 6147).
CurveDNS secured query/response for dnscache.
CurveDNS enabled servers: tinydns, rbldns, walldns. based on NaCl/libsodium applying and improving Matthew Dempsky's patch.
rbldns supporting IPv6 addresses.
Multihoming & dualstack capabilities for the servers.
Miscellaneous improvements in particular for dnscache.
Siphash cache for dnscache.
Authoritative DNS responses in split-horizon manner evaluating IP client and NS addresses for additional control.
Installation accordingly to the slashpackage convention.
Script included to setup an own DNS Root-Server by tinydns.

djbdnscurve6 requires

Due to IPv6 support, the tinydns data file uses a '|' and not the usual ':' as delimitor.
Unlike Felix von Leitner's implementation, IPv6 notation is given by compactified addresses.

Erwin Hoffmann, May 2026.