
DNS

Enclave provides a DNS service that allows you to resolve nodes by their name. This is useful for applications that require a DNS service to resolve nodes. For example, if you have a database that requires a DNS name to connect to, you can use the Enclave DNS service to resolve the database node. DNS can also be configured to pass through to an upstream DNS resolver.

We also offer the ability to manage Enclave hostnames in hostfiles. This allows host resolution to other Enclave hosts without having to configure DNS on a client. This is an optional feature that can be enabled organization wide or on a per-agent basis.

How to configure DNS

To configure DNS, navigate to the Settings -> DNS page. Here you can configure the DNS settings for your Enclave network. Copy the endpoints and configure the DNS resolvers on your system to use them.

How does DNS work in Enclave?

Enclave DNS works by using a centralized DNS server that is hosted by SideChannel. When an agent is online, the connecting IP address is registered with the DNS server. When a DNS query is made and the hostname matches a node, the server returns the Enclave IP of that node. If no node or gateway node is matched, it will pass the query to a desired upstream DNS resolver.

Supported upstream DNS resolvers

  • Cloudflare 1.1.1.1
  • Cisco OpenDNS
  • Google Public DNS
  • Quad9
  • Custom DNS (e.g. your own DNS resolver or a separate DNS service provider)

Using hostfiles for Enclave hostname resolution

Enclave provides the ability to manage Enclave hostnames in hostfiles. This allows host resolution to other Enclave hosts without having to configure DNS on a client. This is an optional feature that can be enabled organization wide or on a per-agent basis. To enable this feature by default for agents in your organization, navigate to the Settings -> Agent Settings and toggle on the option for the agent type in question.

You can also enable this feature on a per-agent basis. On an agent management page, navigate to Adv. Settings -> DNS and toggle on the option Automatically resolve DNS for Enclave hostnames. When enabled, the agent will manage the hostfile on the system to include Enclave hostnames and their corresponding Enclave IP addresses. This allows applications on the system to resolve Enclave hostnames without having to configure DNS.

Notes

  • When using our cloud DNS servers, running multiple agents behind a single IP address will result in DNS queries made from any host behind that IP address being able to resolve hostnames of the same tenant. This can be a desired or an undesired effect depending on your use case. You have the ability to turn on agent registration for DNS if needed. We're continuing to explore ways to improve this experience.
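
The lookup flow from "How does DNS work in Enclave?" and the shared-IP note above, as a small model. This is an added example, not SideChannel's code. It assumes the server ties a query to a tenant by the registered connecting IP and passes queries from unregistered sources to the upstream resolver; the class, function, tenant and host names and all addresses are constructed.

```python
"""Simplified model of the lookup flow described above (illustration only)."""
from dataclasses import dataclass, field

UPSTREAM = "upstream"  # the query is handed to the configured upstream resolver


@dataclass
class EnclaveDnsModel:
    registered: dict = field(default_factory=dict)  # connecting IP -> tenant
    records: dict = field(default_factory=dict)     # tenant -> {hostname: Enclave IP}

    def agent_online(self, tenant, hostname, enclave_ip, connecting_ip):
        # Assumption: the registered connecting IP is what ties a query to a tenant.
        self.registered[connecting_ip] = tenant
        self.records.setdefault(tenant, {})[hostname.lower()] = enclave_ip

    def resolve(self, source_ip, qname):
        name = qname.rstrip(".").lower()
        tenant = self.registered.get(source_ip)
        answer = self.records.get(tenant, {}).get(name)
        if answer is not None:
            return ("enclave", answer)   # hostname matched a node
        return (UPSTREAM, name)          # no match: pass through

    def resolvable_from(self, source_ip):
        """Hostnames that any host behind source_ip can resolve, agent or not."""
        return sorted(self.records.get(self.registered.get(source_ip), {}))


def build_sample():
    # Constructed data: documentation/CGNAT address ranges and made-up names.
    m = EnclaveDnsModel()
    m.agent_online("tenant-a", "db01", "100.64.0.10", "203.0.113.7")
    m.agent_online("tenant-a", "web01", "100.64.0.11", "203.0.113.7")  # same NAT IP
    m.agent_online("tenant-b", "db01", "100.64.1.10", "198.51.100.9")
    return m


if __name__ == "__main__":
    m = build_sample()
    for src, q in [("203.0.113.7", "db01"), ("203.0.113.7", "example.com."),
                   ("198.51.100.9", "db01"), ("192.0.2.50", "db01")]:
        print(f"{src:>13} asks {q:<13} -> {m.resolve(src, q)}")
    print("visible behind 203.0.113.7:", m.resolvable_from("203.0.113.7"))
```

In this model `resolve` looks only at the source address, so every device behind 203.0.113.7 gets the same answers as the two agents registered there.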