Show HN: dnssec-server – open-source DNS server with built-in DNSSEC in Node.js

1 colocohen 0 9/10/2025, 5:19:33 PM github.com ↗

Hi HN,

I’ve been working on an open-source project called *dnssec-server*. It’s a modern authoritative DNS server written entirely in Node.js, with built-in *DNSSEC*, *ECS (EDNS Client Subnet)*, and *DNS-over-TLS* support.

I started this because I wanted to enable DNSSEC in my own projects, but noticed how few domains actually use it (<15% adoption worldwide), and I couldn’t find a simple solution in the Node.js ecosystem. Most existing tools felt too heavy or not developer-friendly.

Current features: - DNSSEC signing built-in - ECS surfaced in the API (`req.ecsAddress`, `req.ecsSourcePrefixLength`) - DNS-over-TLS on port 853 - Pure JavaScript, simple API

Still early: - Zone file parsing/migration is TBD - Performance hasn’t been benchmarked at scale yet

Links: - GitHub: https://github.com/colocohen/dnssec-server - npm: https://www.npmjs.com/package/dnssec-server

I’d love feedback from the community — ideas for missing features, pitfalls you see for production, or any crazy self-hosted use cases you’d try with this.

Thanks!

Charlie Kirk, Turning Point USA founder, dead at 31 after Utah campus shooting (foxnews.com)

Trial and Error Driven Development (stevenoxley.com)

Exploratorium Cookbook Set: Volumes I, II and III (exploratoriumstore.com)

NATO's Chemical, Biological, Radiological and Nuclear (CBRN) Defence Policy (nato.int)

Charlie Kirk Is Dead After Shooting, Trump Says: Live Updates (wsj.com)

Senator: FTC should investigate Microsoft for dangerous and insecure software (wyden.senate.gov)

'China Is the Engine' Driving Nations Away from Fossil Fuels, Report Says (nytimes.com)

Show HN: HumanAlarm – Real people knock on your door to wake you up (humanalarm.com)

The rules behing Rust functions (blog.cuongle.dev)

Launching Bottlenecks Institute (bottlenecksinstitute.com)

In 1979 one of the best guitar solos recorded was cut for radio time (seekhifi.com)

Lifetime Starlink Deal? Nope, It's Just a Scam Circulating on Facebook (pcmag.com)

Understanding Motion and Relativity with Spacetime Diagrams (steuard.github.io)

Coffee naps might be the weirdest–and smartest–way to recharge (nationalgeographic.com)

How do we decide if a tax is good or bad? (theguardian.com)

What's the real reason games are taking longer to make? (gamedeveloper.com)

Scaling Asyncio on Free-Threaded Python (labs.quansight.org)

Front-Loaded Vesting: Why Your Tech Offer Looks Different Now (levels.fyi)

The Great French Fry Mystery (torontolife.com)

The weird economics of semiconductors and GenAI (gauthierroussilhe.com)

Claude Code Analytics API (docs.anthropic.com)

New Prefill Specialised GPU – Nvidia Rubin CPX (semianalysis.com)

AI-Personalized Welcome Messages for Website Visitors (peteallport.substack.com)

Show HN: Pgdbtemplate – fast PostgreSQL test databases in Go using templates (github.com)

What's Got into Stephen King? (notoneoffbritishisms.com)

A GitHub Co-Founder's Next Commit (opensourcepledge.com)

Psychologist for Founders (marcosander.com)

From Org Charts to Work Charts: Building Clarity in the New Work World (clearwork.io)

Show HN: TimeCopilot, forecasting agent with LLMs and foundation models (github.com)

Show HN: Flox – Nvidia CUDA available for the Nix ecosystem (flox.dev)

Microsoft has become like an arsonist (arstechnica.com)

Tufts Offers Free Tuition for Families Making Under $150k a Year (bloomberg.com)

The Amphora of Great Intelligence (AGI) (framapiaf.org)

Zero Trust in Reverse: Why the Definition of Zero Trust Is Only Half Full (threatresearch.ext.hp.com)

HN: Arambh Labs: agentic platform for cyber defense (arambhlabs.com)

San Francisco Gets an Invasive Billionaire-Bought Surveillance HQ (eff.org)

Network of agents collaborating through a publication/review system (github.com)

Anonymity is dead and we're all content now (theverge.com)

Linter for Your Docs

Designing software architecture for parallel AI sessions (rashidazarang.com)

OpenAI argues Canadian news publishers' lawsuit should be heard in U.S. (toronto.citynews.ca)

Cease and Desist: Cami Research wants me to pay $100k (youtube.com)

Firefox Is Falling Behind (not in market share) (blog.velocifyer.com)

"The Irish Enlightenment". What was it? (twitter.com)

Ask HN: Were programmers more surprised than general public by ChatGPT in 2022?

Show HN: Package Search MCP – enable agents to search dependency source code (trychroma.com)

The Point of Politics Is to Convince People, Not Grandstand (jacobin.com)

OpenAI mulls data center construction in Korea (koreatimes.co.kr)

What's New in Kotlin 2.2.20 (kotlinlang.org)

'Clearest sign' yet of ancient life on Mars (nature.com)

Show HN: dnssec-server – open-source DNS server with built-in DNSSEC in Node.js

Comments (0)