Internal DNS

Access every device by name.

Forget memorizing IPs. Every device in your mesh gets a DNS name automatically. Built-in DNS server with split routing, custom records, and upstream provider support.

Automatic DNS records for every device
Split DNS — .meshr queries stay internal
Custom upstream: Google, Cloudflare, Quad9, or your own
Policy-controlled: only authorized users can resolve

Get early access Learn more →

terminal

# No more IP addresses
$ ping api-server.meshr
PING api-server.meshr (10.0.0.5): 56 bytes
round-trip min/avg/max = 1.2/1.5/1.8 ms

$ ssh db-primary.meshr
root@db-primary:~# _

$ curl http://grafana.meshr:3000
200 OK — Grafana Dashboard

$ psql -h postgres.meshr
Connected to PostgreSQL 16.2

24 DNS records

Built-in DNS server

Zero-config DNS that just works.

Every meshr deployment includes a built-in DNS server. When a device joins your mesh, a DNS record is created automatically. When it leaves, the record is removed. No configuration, no zone files, no manual updates.

Device joins the mesh

Agent registers with the control plane. A mesh IP is assigned automatically.

api-server → 10.0.0.5

DNS record created

An A record is created instantly: device-name.meshr → mesh IP. PTR record for reverse lookups too.

api-server.meshr → 10.0.0.5

Resolve from anywhere

Any device in the mesh can resolve the name. Split DNS ensures .meshr queries stay internal.

ping api-server.meshr ✓

Auto-generated DNS Recordsmeshr zone

Name	Type	Value	Source
api-server.meshr	A	10.0.0.5	Auto
db-primary.meshr	A	10.0.0.12	Auto
edge-eu-01.meshr	A	10.0.0.20	Auto
dev-laptop.meshr	A	10.0.0.35	Auto
5.0.0.10.in-addr.arpa	PTR	api-server.meshr	Auto
grafana.meshr	CNAME	monitoring-01.meshr	Manual

Split DNS

Smart routing for every query.

Internal names resolve through your meshr DNS. Everything else goes to your preferred upstream provider. No DNS leaks, no conflicts.

Your Device

DNS query

→

meshr DNS

Split router

→ .meshr→ other

InternalDevice records

UpstreamGoogle / CF / Custom

macOSscutil

Split DNS via supplemental match domains. Only .meshr queries go to internal DNS — no impact on other resolution.

Linuxsystemd-resolved

Per-interface DNS with domain routing (~meshr). Falls back to resolvconf on older systems.

Windowsnetsh

Interface-specific DNS configuration. NRPT rules for domain-based routing on supported versions.

Upstream resolvers

Choose your upstream DNS.

For queries outside your mesh, choose a trusted upstream provider — or use your own nameservers. Configure per-organization from the dashboard.

Google DNS

Fast, reliable, global DNS with built-in security and performance optimizations.

8.8.8.88.8.4.4

Cloudflare DNS

Fastest public DNS with built-in DDoS protection and DNSSEC validation.

1.1.1.11.0.0.1

Quad9 DNS

Privacy-focused DNS by the Swiss-based Quad9 Foundation with threat blocking.

9.9.9.9149.112.112.112

Custom DNS

Use your own internal nameservers, Active Directory DNS, or any custom resolver.

192.168.1.53your.dns.server

DNS Manager

Full control from the dashboard.

Add custom DNS records, configure nameservers, set distribution groups, and manage DNS settings — all from the web dashboard. No zone files, no CLI required.

Add nameservers

Choose from presets (Google, Cloudflare, Quad9) or add custom nameservers with IP and port.

Distribution groups

Control which device groups use which nameservers. Different DNS for different teams.

Custom records

Add CNAME, A, or TXT records manually alongside auto-generated device records.

Domain routing

Route specific domains to specific nameservers. corp.internal → your AD DNS, everything else → Cloudflare.

Add Nameserver

Use a nameserver to resolve domains in your network

IP8.8.8.8

Port53

IP8.8.4.4

Port53

Distribution Groups

Advertise this nameserver to peers that belong to the following groups

Add or select group(s)...

Enable Nameserver

Use this switch to enable or disable the nameserver

Traditional DNS vs meshr

DNS without the pain.

	Traditional DNS	meshr DNS
Setup	Zone files, BIND config	Zero config — automatic
Record management	Manual A/CNAME records	Auto-created on device join
Split DNS	Complex forwarding rules	Built-in, per-interface
Updates	Manual zone reload	Real-time, instant
Reverse DNS	Separate PTR zone	Automatic PTR records
Multi-platform	resolv.conf hacks	Native OS integration
Access control	Network-level ACL	Policy-based per user/group
Cache TTL	Static configuration	Dynamic, device-aware (60s)

Custom DNS Zones

Bring your own internal zone.

MagicDNS gives you free device.meshr resolution. Custom DNS Zones give you the rest — grafana.internal.acme, cache.acme.local, anything your runbooks already say.

Multiple zones per organization
A, AAAA, CNAME, TXT, SRV records
Resolvable only from peers on the mesh
Split-horizon: same name resolves differently inside vs outside
Provisionable from REST API or Terraform

Want your zone reachable from the public internet too? Use Custom Domains for wildcard TLS on a public root.

internal.acmeCustom DNS zone · 6 records

NameTypeValue

grafana A 100.64.0.15

metrics A 100.64.0.15

db CNAME db-primary.meshr

cache CNAME redis-01.meshr

staging A 100.64.0.42

logs A 100.64.0.18

Resolvable only from peers on the mesh — never leaks to public DNS.

Stop memorizing IP addresses.

Every feature is unlocked while we're in beta. No credit card, no commitments.

Get early access See pricing →