Scrapbook: DNS Server with MCP Management
Date: 2026-02-16T17:20:00Z
Initial Hypotheses
- CoreDNS is the most mature Go DNS server. It's plugin-based and can be extended. There is a `sqlite` plugin (community) that stores zones in SQLite. Alternatively, we could write a simple plugin that reads from SQLite.
- If CoreDNS's sqlite plugin is not maintained, building a minimal custom DNS server using `github.com/miekg/dns` is feasible. That library is the de facto standard for DNS in Go. We'd add SQLite storage and an MCP server interface.
- MCP management can be implemented as a separate process that reads/writes the SQLite DB and signals the DNS server to reload zones (e.g., SIGHUP or DNS NOTIFY). Or we could embed MCP directly into the DNS server binary as a separate mode.
Candidate Evaluation Criteria
1. Language: Must be Go (for easy modification, static binary).
2. Zone storage: SQLite preferred. If not native, can we add a plugin?
3. MCP integration: Is there an MCP SDK for Go? Yes, there are MCP server implementations in Go (e.g., `github.com/modelcontextprotocol/go-sdk`). We can embed that.
4. Performance: Should handle typical VPS loads (hundreds of QPS) easily.
5. Features: AXFR/IXFR? Maybe not needed. Basic A, AAAA, CNAME, MX, TXT, NS. DNSSEC? Optional for MVP.
6. Operational: easy to run as systemd service, log to stdout, config reload without downtime.
Preliminary Research Plan
- Search for "CoreDNS SQLite plugin" and assess its status.
- Check if CoreDNS supports dynamic updates via a plugin (maybe `dynamicupdate`?).
- Evaluate building a custom server:
  - Use `miekg/dns` for protocol handling.
  - Design SQLite schema: `zones` (id, name, origin), `records` (zone_id, name, type, value, ttl).
  - Implement zone transfers? Maybe not needed initially.
  - Add MCP server (stdio) with tools as described.
  - This could be a ~1000-line Go program.
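Since the MCP tools would write straight into the `records` table, each row needs checking before it is stored. The sketch below is an added example, not code from these notes or from any existing project: `Record`, `ValidateRecord`, the one-week TTL cap and the assumption that names are stored absolute are all hypothetical.

```go
package main

import (
	"fmt"
	"net/netip"
	"strings"
)

// Record mirrors the sketched `records` columns; zone_id is replaced by the
// zone origin passed to ValidateRecord. Names are assumed to be stored absolute.
type Record struct {
	Name, Type, Value string
	TTL               int
}

// allowedTypes is the MVP record set listed under "Features".
var allowedTypes = map[string]bool{"A": true, "AAAA": true, "CNAME": true, "MX": true, "TXT": true, "NS": true}

// fqdn lower-cases a name and adds the trailing dot if missing.
func fqdn(s string) string {
	return strings.TrimSuffix(strings.ToLower(strings.TrimSpace(s)), ".") + "."
}

// ValidateRecord (hypothetical helper) rejects rows before they reach SQLite.
func ValidateRecord(origin string, r Record) error {
	o, n, t := fqdn(origin), fqdn(r.Name), strings.ToUpper(r.Type)
	if n != o && !strings.HasSuffix(n, "."+o) { // label-boundary match, not substring
		return fmt.Errorf("name %q is outside zone %q", r.Name, origin)
	}
	if !allowedTypes[t] {
		return fmt.Errorf("record type %q is not allowed", r.Type)
	}
	if r.TTL < 0 || r.TTL > 604800 { // assumed policy cap: one week
		return fmt.Errorf("ttl %d out of range", r.TTL)
	}
	if t == "A" || t == "AAAA" {
		ip, err := netip.ParseAddr(r.Value)
		if err != nil || ip.Zone() != "" || ip.Is4() != (t == "A") {
			return fmt.Errorf("value %q is not a valid %s address", r.Value, t)
		}
	}
	return nil
}

func main() {
	// Constructed sample input.
	fmt.Println(ValidateRecord("example.com", Record{"www.example.com", "A", "192.0.2.10", 300}))
	fmt.Println(ValidateRecord("example.com", Record{"evilexample.com", "A", "192.0.2.10", 300}))
}
```

The suffix check compares against `"." + origin`, so a name such as `evilexample.com` is not accepted into the `example.com` zone.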
Questions to Answer
- Does a ready‑made Go DNS server with SQLite exist? If yes, how production‑ready is it?
- MCP over stdio vs TCP? For local management, stdio is fine.
- Do we need full DNS server features or just an authoritative server for a few zones?
- Security: restrict MCP access to a specific Unix user, or require a token?
---
Will research candidates and decide.