TitaniumGuard
DNS Intro | Docs | TitaniumGuard

DNS Intro

DNS Documentation

This section contains product documentation for TitaniumGuard DNS.

For authoritative zone setup, see DNS Zone Hosting. For policy syntax and examples, see DNS Rule Engine Policy.

Run with Docker

The DNS image is published as:

  • ghcr.io/titaniumguardlabs/source/dns:latest

The DNS process accepts an optional config file path as its first positional argument. If omitted, it defaults to config.json inside the container.

1. Create a local config file

Example ./dns-config.json:

{
  "listen_addr": "0.0.0.0:8080",
  "resolvers": ["1.1.1.1", "8.8.8.8"],
  "zones": []
}

2. Run container and mount config

Publish both UDP and TCP for DNS queries:

docker run --rm \
  -p 8080:8080/udp \
  -p 8080:8080/tcp \
  -v "$PWD/dns-config.json:/etc/titaniumguard/dns-config.json:ro" \
  ghcr.io/titaniumguardlabs/source/dns:latest \
  /etc/titaniumguard/dns-config.json

3. Query it

dig @127.0.0.1 -p 8080 example.com
dig @127.0.0.1 -p 8080 example.com +tcp

If UDP queries time out but TCP works, check that -p <host>:<container>/udp is present.