Free wildcard DNS services for IP addresses
When you host multiple websites on a same server, your server needs a way to know the website it must return when an HTTP request arrives. The most widespread solution is to rely on the Host: header the client (usually the web browser) includes in the request. When HTTPS is involved, the SNI extension (Server Name Indication) is used to determine the certificate that must be used to secure the connection. The web server will employ the given hostname to serve the appropriate website.
The former implies that the hostname must resolve to the IP address of your server. But what if you’re creating the website on your local development machine? What if you’re just testing a tool like Moss to see if it fits your needs? Most likely you don’t want to create new DNS records yet, so there must be a more convenient solution.
Meet wildcard DNS services for IP addresses. A domain name like www.10.0.0.1.xip.moss.sh www.10.0.0.1.getmoss.siteresolves to IP address 10.0.0.1. You don’t have to set up anything, just choose the appropriate domain name based on the IP address of your server. We encourage our users to use a wildcard DNS service while they’re trialing Moss, because it’s the fastest way to get started.
In the remainder of this article I’ll briefly review and compare the most relevant free wildcard DNS services you can use when you don’t want to mess with the DNS records of your own domain yet.
| Service | IPv4 | IPv6 | Backend | Others |
|---|---|---|---|---|
| xip.io | Yes | PowerDNS | ||
| nip.io | Yes | PowerDNS | ||
| sslip.io | Yes | Yes | PowerDNS | White Label |
| ip6.name | Yes | Unknown | ||
| hipio | Yes | Standalone | Self-hosted |
xip.io
The guys at Basecamp provide xip.io, a wildcard DNS service, free of charge. They run a PowerDNS server with a pipe backend written in bash. This is the original wildcard DNS service.
nip.io
Inspired by xip.io, the team behind XP-Dev.com built NIP.IO. They also use PowerDNS as the server software, and a pipe backend to extract the IP address from the domain name and include it in the response. This time, the logic is written in Python.
sslip.io
The former services are IPv4-only. If you need to resolve IPv6 addresses too, then sslip.io might be an option.
sslip.io accepts dashes (‘-‘) as if they were dots (‘.’) in IPv4, so www.127.0.0.1.sslip.io and www.127-0-0-1.sslip.io both resolve to address 127.0.0.1. Similarly, dashes are equivalent to colons (‘:’) in IPv6 addresses, so www.--1.sslip.io resolves to address ::1.
In addition to dual IPv4/IPv6 support, this service has another interesting feature: You may use your own “branding” (domain name) by using the name servers of sslip.io as the name servers of a subdomain of yours. This is how we’ve implemented free wildcard DNS under xip.moss.sh.
ip6.name
This is a hobby project by Thomas Hollstegge. ip6.name serves AAAA records, so it’s an IPv6-only solution.
hipio
If you want to host your own wildcard DNS service, hipio is an IPv4-only alternative. It’s written in Haskell and, contrary to the other solutions, it’s a standalone implementation – PowerDNS not required.
Caveats
Let’s Encrypt. I’ve read several blogs encouraging the reader to use Let’s Encrypt along with these wildcard DNS services for IP addresses. However, that’s not a good idea in general.
In a local development environment – 127.0.0.1 – you can safely use HTTP or HTTPS with self-signed certificates. In a staging or similar environment, I encourage you to use a proper domain name. Let’s Encrypt isn’t the best solution for IP-based domain names because the former enforces several rate limits that might prevent your certificate(s) from being issued. In particular, Let’s Encrypt allows for 50 certificates per registered domain and week at most (a registered domain is “getmoss.site”, “xip.io”, “nip.io”, etc). Since we’re talking about global and free services, chances are that you’ll hit this limit quickly.
Conclusion
Whenever you need to provide a domain name but you just have an IP address, remember to use one of the free wildcard DNS services I’ve reviewed in this post. These are usually relevant in development or testing environments. Since these are global and free services, it doesn’t make much sense to use Let’s Encrypt with them because the odds to reach their rate limits are high.
In case you found this article helpful or just interesting, remember to subscribe below and we’ll send you an email whenever we post new stuff.