Plugins

CoreDNS Core Plugins

CoreDNS External Plugins

The External Plugins Page lists off quite a few plugins.

If you want to make changes to CoreDNS’ plugins, you’ll have to rebuild coredns from source.

These are the plugins that we elected to use:

Finalize: Plugin | Source
Add to plugin.cfg: finalize:github.com/tmeckel/coredns-finalizer
Git: Plugin | Source
Add to plugin.cfg: git:github.com/miekg/coredns-git
mdns: Plugin | Source
Add to plugin.cfg: mdns:github.com/openshift/coredns-mdns
Netbox: Plugin | Source
Add to plugin.cfg: netbox:github.com/oz123/coredns-netbox-plugin
Records: Plugin | Source
Add to plugin.cfg: records:github.com/coredns/records
Unbound: Plugin | Source
Add to plugin.cfg: unbound:github.com/coredns/unbound

Plugins.cfg details
Warning: The order of plugins matters in plugin.cfg

Plugins' URI declaration should not include a trailing slash
Good:netbox:github.com/oz123/coredns-netbox-plugin
Bad:netbox:github.com/oz123/coredns-netbox-plugin/

plugin.cfg additions ↕

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
root@coredns-01:/usr/src/coredns# git diff plugin.cfg
diff --git a/plugin.cfg b/plugin.cfg
index 46a7df4c..4106ae8e 100644
--- a/plugin.cfg
+++ b/plugin.cfg
@@ -45,6 +45,10 @@ chaos:chaos
 loadbalance:loadbalance
 tsig:tsig
 cache:cache
+git:github.com/miekg/coredns-git
+mdns:github.com/openshift/coredns-mdns
+netbox:github.com/oz123/coredns-netbox-plugin
+unbound:github.com/coredns/unbound
 rewrite:rewrite
 header:header
 dnssec:dnssec
root@coredns-01:/usr/src/coredns#

Troubleshooting

Important note about unbound / coredns
As mentioned on the unbound plugin’s github README.md
The packages libunbound-dev and libunbound8 must be installed on debian/ubuntu hosts before compiling.
Additionally CGO_ENABLED=1 must be set when building coredns if including the unbound plugin.

forward

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
. {
    forward . 127.0.0.1:5301 127.0.0.1:5302
}

.:5301 {
    forward . 8.8.8.8 8.8.4.4 {
        tls_servername dns.google
    }
}

.:5302 {
    forward . 1.1.1.1 1.0.0.1 {
        tls_servername cloudflare-dns.com
    }
}

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
log
The following place holders are supported:

{type}: qtype of the request
{name}: qname of the request
{class}: qclass of the request
{proto}: protocol used (tcp or udp)
{remote}: client’s IP address, for IPv6 addresses these are enclosed in brackets: [::1]
{local}: server’s IP address, for IPv6 addresses these are enclosed in brackets: [::1]
{size}: request size in bytes
{port}: client’s port
{duration}: response duration
{rcode}: response RCODE
{rsize}: raw (uncompressed), response size (a client may receive a smaller response)
{>rflags}: response flags, each set flag will be displayed, e.g. “aa, tc”. This includes the qr bit as well
{>bufsize}: the EDNS0 buffer size advertised in the query
{>do}: is the EDNS0 DO (DNSSEC OK) bit set in the query
{>id}: query ID
{>opcode}: query OPCODE
{common}: the default Common Log Format.
{combined}: the Common Log Format with the query opcode.
{/LABEL}: any metadata label is accepted as a place holder if it is enclosed between {/ and }, the place holder will be replaced by the corresponding metadata value or the default value - if label is not defined. See the metadata plugin for more information.

[coreplugin-prometheus]: https://coredns.io/plugins/prometheus/ #default 9253

. { prometheus localhost:9253 }

. { root /etc/coredns/zones }

root transfer proxy