Your server is now
its own nameserver.
A real authoritative DNS server runs inside your ODAC node. Point your domain here once, then every app you deploy, every cert you issue, and every mailbox you create writes its own records. No BIND, no Cloudflare, no Route 53.
Zero manual DNS
Records write themselves.
You just deploy.
DNS records are a byproduct of using ODAC, not a chore. The zone maintains itself as you work, and every change bumps the SOA serial atomically so resolvers pick it up cleanly.
- Deploy an app and its A, AAAA and CNAME records appear on their own.
- Issue SSL and ACME challenge records are injected, then cleaned up for you.
- Create a mailbox and MX, SPF, DKIM and DMARC are generated automatically.
sync.Pool reuse
minimal allocations
Native Go engine
One hop to the answer. Every time.
The DNS hot path is a dedicated Go binary, not a script. Zones are pre-compiled into in-memory indices, so every lookup, wildcard and name-existence check is O(1). No linear scans, no per-query allocations on the hot path.
Per-IP rate limiting is enforced lock-free with a sync.Map at O(1) per query, and classic amplification floods are refused outright.
Automatic address detection
It finds its own address.
You never type an IP.
ODAC probes several independent providers for both IPv4 and IPv6, cross-checks them against local interfaces, and classifies every address as public or private, with full RFC 1918, CGNAT and link-local awareness. Placeholder records resolve to the correct live IP at query time.
On multi-IP servers, ODAC runs reverse lookups and answers each hostname with the IP whose PTR actually matches, which is critical for mail deliverability.
Mail-grade DNS
Mail that actually delivers.
2048-bit DKIM public keys routinely exceed a single 255-byte TXT string, and that is where lesser servers silently truncate the key. ODAC splits it into RFC-compliant character-strings automatically, so DKIM never fails quietly.
Reliability
A real nameserver. None of the babysitting.
Zero-downtime reloads
The whole zone database is pointer-swapped atomically under one write lock. During self-updates, SO_REUSEPORT and a readiness handshake confirm the new instance is answering on port 53 before the old one steps down. No resolution gap, ever.
Self-healing
The ODAC watchdog health-checks the DNS process and respawns it if it ever dies, with PID-file race guards preventing duplicates. It tries port 53, negotiates around systemd-resolved, and falls back cleanly if it has to.
Zero dependencies
No BIND, no PowerDNS, no CoreDNS, no external DNS SaaS bill. The whole authoritative server is a single self-managed Go binary. Wildcards and in-zone CNAME chasing are handled so even flaky resolvers still reach your site.
Get early access
Stop managing DNS.
Start shipping.
Join the waitlist and let your server run its own authoritative nameserver, so the records write themselves and you never touch a DNS dashboard again.