Scrapbook: DNS Server with MCP Management

Initial Hypotheses

• CoreDNS is the most mature Go DNS server. It's plugin-based and can be extended. There is a `sqlite` plugin (community) that stores zones in SQLite. Alternatively, we could write a simple plugin that reads from SQLite.


• If CoreDNS's sqlite plugin is not maintained, building a minimal custom DNS server using `github.com/miekg/dns` is feasible. That library is the de facto standard for DNS in Go. We'd add SQLite storage and an MCP server interface.


• MCP management can be implemented as a separate process that reads/writes the SQLite DB and signals the DNS server to reload zones (e.g., SIGHUP or DNS NOTIFY). Or we could embed MCP directly into the DNS server binary as a separate mode.

Candidate Evaluation Criteria

1. Language: Must be Go (for easy modification, static binary).
2. Zone storage: SQLite preferred. If not native, can we add a plugin?
3. MCP integration: Is there an MCP SDK for Go? Yes, there are MCP server implementations in Go (e.g., `github.com/modelcontextprotocol/go-sdk`). We can embed that.
4. Performance: Should handle typical VPS loads (hundreds of QPS) easily.
5. Features: AXFR/IXFR? Maybe not needed. Basic A, AAAA, CNAME, MX, TXT, NS. DNSSEC? Optional for MVP.
6. Operational: easy to run as systemd service, log to stdout, config reload without downtime.

Preliminary Research Plan

• Search for "CoreDNS SQLite plugin" and assess its status.


• Check if CoreDNS supports dynamic updates via a plugin (maybe `dynamicupdate`?).


• Evaluate building a custom server:


• Use `miekg/dns` for protocol handling.


• Design SQLite schema: `zones` (id, name, origin), `records` (zone_id, name, type, value, ttl).


• Implement zone transfers? Maybe not needed initially.


• Add MCP server (stdio) with tools as described.


• This could be a ~1000-line Go program.

Questions to Answer

• Does a ready‑made Go DNS server with SQLite exist? If yes, how production‑ready is it?


• MCP over stdio vs TCP? For local management, stdio is fine.


• Do we need full DNS server features or just an authoritative server for a few zones?


• Security: restrict MCP access to specific Unix user or require token?