DNS
Enclave provides a DNS service that allows you to resolve nodes by their name. This is useful for applications that require a DNS service to resolve nodes. For example, if you have a database that requires a DNS name to connect to, you can use the Enclave DNS service to resolve the database node. DNS can also be configured to pass through to an upstream DNS resolver.
How to configure DNS
To configure DNS, navigate to the Settings -> DNS page. Here you can configure the DNS settings for your Enclave network. Copy the endpoints and configure the DNS resolvers on your system to use them.
How does DNS work in Enclave?
Enclave DNS works by using a centralized DNS server that is hosted by SideChannel. When an agent is online, its connecting IP address is registered with the DNS server. When a DNS query is made and the hostname matches a node, the server returns the Enclave IP of that node. If no node or gateway node is matched, the query is passed to your chosen upstream DNS resolver.
Supported upstream DNS resolvers
- Cloudflare 1.1.1.1
- Cisco OpenDNS
- Google Public DNS
- Quad9
- Custom DNS (e.g. your own DNS resolver or a separate DNS service provider)
Notes
- Running multiple agents behind a single IP address will result in all DNS queries made from hosts behind that IP address being able to resolve hostnames of the same tenant. This can be either a desired or an undesired effect depending on your use case. You have the ability to turn on agent registration for DNS if needed. We're continuing to explore ways to improve this experience.
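The resolution flow under "How does DNS work in Enclave?" and the shared-IP note above can be reasoned about with a small model. This is an added example, not SideChannel's code: it assumes the resolver identifies the tenant from the query's source IP alone, and every class name, hostname and address in it is constructed.

```python
"""Simplified model of source-IP-keyed DNS resolution (illustrative only)."""
from dataclasses import dataclass, field


@dataclass
class ResolverModel:
    upstream: str                                     # chosen upstream resolver
    ip_to_tenant: dict = field(default_factory=dict)  # public source IP -> tenant
    nodes: dict = field(default_factory=dict)         # tenant -> {hostname: Enclave IP}

    def agent_online(self, tenant, public_ip, hostname, enclave_ip):
        """An agent connects: record its connecting IP and its node name."""
        self.ip_to_tenant[public_ip] = tenant
        self.nodes.setdefault(tenant, {})[hostname.lower()] = enclave_ip

    def resolve(self, source_ip, qname):
        """Return (answered_by, value) for a query arriving from source_ip."""
        tenant = self.ip_to_tenant.get(source_ip)
        name = qname.rstrip(".").lower()
        if tenant is not None and name in self.nodes[tenant]:
            return ("enclave", self.nodes[tenant][name])
        return ("upstream", self.upstream)


def demo():
    # All names and addresses below are constructed sample values.
    r = ResolverModel(upstream="1.1.1.1")
    office_nat = "203.0.113.10"  # one public IP shared by a whole office
    r.agent_online("acme", office_nat, "db01", "100.64.0.5")
    r.agent_online("acme", "198.51.100.7", "web01", "100.64.0.6")
    return {
        # Query from the machine running the agent behind the office NAT.
        "agent_host": r.resolve(office_nat, "db01"),
        # Another machine behind the same NAT: the model sees the same
        # source IP, so it answers with the same tenant's hostnames.
        "other_host_same_nat": r.resolve(office_nat, "web01."),
        # Source IP that was never registered: passed to the upstream.
        "unregistered_ip": r.resolve("192.0.2.99", "db01"),
        # Registered IP, but the name is not a node: passed to the upstream.
        "public_name": r.resolve(office_nat, "example.com"),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:20} -> {result}")
```

The `other_host_same_nat` case is the one to compare against your own network layout when deciding whether the shared-IP behaviour is acceptable.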