Skip to content

Change example IP for RFC 5737 #89

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
krtab merged 1 commit into from
Sep 24, 2025
+6 −4
Merged

Change example IP for RFC 5737 #89

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 5 additions & 3 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -161,7 +161,7 @@ There are three "levels" in the configuration:
The general configuration level is where the IP address to listen on is provided.

```toml
dns_listen_addr = "1.2.3.4:53"
dns_listen_addr = "192.0.2.91:53"
```

### 2. Accounts
Expand Down Expand Up @@ -218,13 +218,15 @@ Let's encrypt DNS-01 challenge is going to ask for TXT DNS records on the follow
- `_acme-challenge.examp.le`
- `_acme-challenge.another.examp.le`

Let's assume that agnos is going to run on a server whose public-facing IP address is `1.2.3.4`. The goal is to indicate that the three `_acme_challenge` domains cited above are managed by agnos using `NS` DNS records. `NS` records usually point to domain names, so we will also set an `A` record on `agnos-ns.doma.in` to point to `1.2.3.4` (here `agnos-ns.doma.in` is entirely arbitrary, it could be another, completely independent domain, you control, like `my-agnos.com`).
Let's assume that agnos is going to run on a server whose public-facing IP address is `192.0.2.91`[^rfc5737]. The goal is to indicate that the three `_acme_challenge` domains cited above are managed by agnos using `NS` DNS records. `NS` records usually point to domain names, so we will also set an `A` record on `agnos-ns.doma.in` to point to `192.0.2.91` (here `agnos-ns.doma.in` is entirely arbitrary, it could be another, completely independent domain, you control, like `my-agnos.com`).

[^rfc5737]: This IP (`192.0.2.19`) has no peculiar significance. It is one of the example IPs usable in documentation defined in [RFC 5737](https://datatracker.ietf.org/doc/rfc5737/).

We create the following records:

In the zone of `doma.in`
```
agnos-ns.doma.in A 1.2.3.4
agnos-ns.doma.in A 192.0.2.91
_acme-challenge.doma.in NS agnos-ns.doma.in
```

Expand Down
2 changes: 1 addition & 1 deletion config_example.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
# The port should probably be 53.
# Can also be spelled "dns_listen_adr" for
# retro-compatibility.
dns_listen_addr = "1.2.3.4:53"
dns_listen_addr = "192.0.2.91:53"

# A first account
# accounts are identified by
Expand Down
Loading