metans.net

metans.net provides an automatic, concise and high-entropy DNS name for each IPv4 address.

Experimentally, metans.net also provides hash-based AAAA records.

Why?

Sometimes you need a temporary set of VMs with names in public DNS. Cloud services provide automatic forward and reverse records for the IP addresses they distribute, but they are usually rather unwieldy. More importantly, they all look the same. Would you be able to remember which one of

is which or find the correct one in your shell history?

metans.net provides concise names for every possible IPv4 address and ensures that similar IPs map to names that have a high Hamming distance, making them easier to tell apart. For example, the addresses above would correspond to

respectively. Crucially, none of the names share long substrings, so using Ctrl-R is efficient.

How do I use it?

All possible forward records already exist and do not need to be created explicitly. All subdomains of these top-level records also point to the same IP.

Looking up the name corresponding to a given IP address can be done in a number of ways.

DNS

r.metans.net behaves like in-addr.arpa, i.e. it contains PTR records corresponding to a reversed IPv4 address:

$ dig +short 21.113.0.203.r.metans.net PTR
duzoz-jujip.metans.net.

For convenience, rr.metans.net behaves similarly, but does not use reversed addresses:

$ dig +short 203.0.113.21.rr.metans.net PTR
duzoz-jujip.metans.net.

HTTP

The https://metans.net/get endpoint returns the first label of the FQDN corresponding to the source IP address of the request. This is especially useful for automatically assigning host names to machines. If the ip parameter is supplied, that address is used instead:

$ # my IPv4 is 203.0.113.126, make sure to use IPv4 for the request
$ curl -4 https://metans.net/get
noloj-lubin
$ curl 'https://metans.net/get?ip=203.0.113.21'
duzoz-jujip

An FQDN can be requested by setting fqdn=1:

$ curl 'https://metans.net/get?ip=203.0.113.21&fqdn=1'
duzoz-jujip.metans.net

ACME

Additionally, there is a mechanism for answering ACME dns-01 challenges: To respond to a challenge, POST the response to https://metans.net/api/acme. An _acme-challenge TXT record will be created below the domain corresponding to the source IP of the request. Multiple records can coexist. Each record will automatically be removed after two minutes.

$ curl -4 -d 'd2c06dfb6083b71ab74c67b16cfe8dea' https://metans.net/api/acme
$ dig +short _acme-challenge.noloj-lubin.metans.net TXT
"d2c06dfb6083b71ab74c67b16cfe8dea"

To answer the challenge for a subdomain, the sub URL parameter can be used:

$ curl -4 -d 'subdomain response' 'https://metans.net/api/acme?sub=foo.bar'
$ dig +short _acme-challenge.foo.bar.noloj-lubin.metans.net TXT
"subdomain response"

How does it work?

The IPv4 address is interpreted as a big-endian 32 bit word, passed through SKIP32 decryption with the key metans-scr (which acts as a pseudorandom permutation) and then encoded into a pair of proquints.

Mapping a name back to an address runs this process in reverse and uses SKIP32 encryption instead of decryption.