djbdnscurve6

is a fork of Dan J. Bernstein's djbdns.

History

Version 2: djbdnscurve6-00 until -29:
- qlibs based
- curvedns (based on NaCl)
- slashpackage installation. djbdnscurve6-32 to -39:
- fehQlibs based,
- IPv6 reverse-anycasting,
- siphash for dnscache,
- TLSA records for tinydns,
- DKIM records for tinydns.
Version 3: djbdnscurve-40 - djbdnscurve-47:
- supports DNSCurve for all servers.
Version 4: djbdnscurve-48++:
- libsodium as base,
- DNS64 records for tinydns,
- optional EDNS(0) OPT Pseudo Records for dnscache queries.

IPv6 capabilites based on fehQlibs allowing the use of compactified IPv6 and LLU addresses.
Support for TLSA records according to RFC 6698 for tinydns.
Support for DKIM records according to RFC 6376 for tinydns and DNS TXT lookup.
EDNS(0) support (RFC 6891) for queries and responses.
DNS64 record queries are now honored (RFC 6147).
CurveDNS secured query/response for dnscache.
CurveDNS enabled servers: tinydns, rbldns, walldns. based on NaCl/libsodium applying and improving Matthew Dempsky's patch.
rbldns supporting IPv6 addresses.
Multihoming & dualstack capabilities for the servers.
Miscellaneous improvements in particular for dnscache.
Siphash cache for dnscache.
Authoritative DNS responses in split-horizon manner evaluating IP client addresses in given CIDR format.
Installation accordingly to the slashpackage convention.

djbdnscurve6 requires

Due to IPv6 support, the tinydns data file uses a '|' and not the usual ':' as delimitor.
Unlike Felix von Leitner's implementation, IPv6 notation is given by compactified addresses.

Erwin Hoffmann, April 2026.