More

rdme · 2026-04-03T07:24:05 1775201045

let me know how it goes

rdme · 2026-04-02T19:09:32 1775156972

This was started as a learning project, went from the start to the lowest level then I've just added features I wanted one by one, it just made the most sense

rdme · 2026-04-02T18:22:27 1775154147

let me know if you do it!

rdme · 2026-04-02T16:45:49 1775148349

Numa can do recursive resolution from root nameservers + DNSSEC, .numa local domains with auto HTTPS for dev, and LAN service discovery. What features would you be interested in?

dwedge · 2026-04-02T18:03:06 1775152986

What about split horizon dns so I can locally resolve home servers instead of going to tailscale

rdme · 2026-04-02T21:08:06 1775164086

Split DNS already works — Numa auto-detects Tailscale forwarding rules from the system config. Queries matching .<ts.net> go to Tailscale’s DNS, everything else goes through Numa

If you want to skip Tailscale entirely for home servers, Numa’s LAN discovery auto-finds machines running Numa on the same network. Or add static records in numa.toml for machines that don’t run it.

rdme · 2026-04-02T16:29:30 1775147370

It definitely is and you can see it in the git commits. The DNS wire protocol parser was the original learning project I wrote to understand the spec. Later features (recursive resolver, DNSSEC validation, the dashboard) were built with the help of AI

kevin061 · 2026-04-02T19:50:47 1775159447

That's fair, thanks for letting me know!

rdme · 2026-04-02T15:13:27 1775142807

also in romanian nume = name(dns) and I also get the easter egg of that well known Romanian song numa numa :) https://www.youtube.com/watch?v=YnopHCL1Jk8

On OpenWRT — it's musl-based Linux so the binary should run the arm one would need a crosscompile Free BSD can be done (pr's welcome?)

rdme · 2026-04-02T14:39:52 1775140792

Multiple blocklists already work -https://github.com/razvandimescu/numa/blob/main/numa.toml#L4... The pieces are already there for libnuma, it could be done, would you share what use case you have in mind?

rdme · 2026-04-02T14:27:26 1775140046

Is it possible you didn't start it as root ( sudo numa install)? Does dig {mygivenname}.numa @127.0.0.1 return 127.0.0.1 ? What OS are you on? Maybe you report it as an issue?

p2hari · 2026-04-02T14:35:22 1775140522

Thanks for quick response. It started to work. I think it must be some caching issue. But it needs a trailing '/' . Maybe will raise the issue for this. Cool.

arcaen · 2026-04-02T15:08:59 1775142539

I believe that is actually browser specific behavior. I sometimes use a fake TLD for stuff hosted at home, and both chrome and firefox resort to search if I don't include a trailing '/'. My assumption is the browser does a quick match against known TLDs and if it doesn't match then it resorts to search.

rdme · 2026-04-02T15:24:25 1775143465

exactly, I'll add a pr soon that tells the os (and browsers) that is'a a valid domain

rdme · 2026-04-02T14:23:11 1775139791

Actually, if you point a container's DNS at the host (dns: [host.docker.internal] in compose), it works for resolution + ad blocking for the reverse however, I've added it on the radar, thanks!

Kaliboy · 2026-04-02T15:03:06 1775142186

How does auto-TLS work? It makes a self signed certificate automatically?

rdme · 2026-04-02T15:05:22 1775142322

Yes — numa install generates a local CA and stores it in the system trust store. When you register a .numa service, it generates a per-service TLS cert signed by that CA

rdme · 2026-04-02T13:29:39 1775136579

Yes sir! The query log is at GET /querylog (or on the dashboard) shows every request with domain, type, path (forwarded/recursive/cached/blocked) and latency