April 2, 2026
One tiny file, big DNS energy
Show HN: I built a DNS resolver from scratch in Rust – no DNS libraries
One tiny Rust app blocks ads and names your stuff — devs go wild
TLDR: A developer released Numa, a tiny Rust app that blocks ads and lets you name local apps while acting as your own portable “internet address book.” Commenters cheered the convenience, asked for customizable blocklists, and weighed the risk of DIY internet plumbing versus the joy of finally taming dev setup pain.
HN lit up after a solo dev dropped Numa, a portable “internet address book” you run on your laptop that both blocks ads anywhere you go and lets you give your apps friendly names like frontend.numa. It’s a single ~8MB file built in Rust with no DNS libraries — the author even hand‑parsed the protocol and added authenticity checks (DNSSEC). The crowd? Mostly ecstatic.
Cheerleaders piled in fast: “every dev knows this pain,” said one, happy to ditch clunky setups. Another vowed to try it immediately. The killer pitch: it travels with your laptop, so coffee shops, hotels, airports — you still get ad blocking and simple app names. And in a very HN twist, the dev linked a deep dive on how DNSSEC works, flexing receipts for the “no libraries” dare.
But the thread wasn’t just high‑fives. Tinkerers pressed for control, asking how the blocklist works and whether they can swap in favorites like StevenBlack. Privacy hawks perked up at the promise to see every “sneaky” web request, hinting at DIY dashboards and policy filters. Meanwhile, the quiet drama: the eternal “reinventing the wheel” debate lurked — building your own internet plumbing is bold — yet excitement won the day. Try it via numa.rs and tell your captive portal who’s boss.
Key Points
- •Numa is a single ~8MB Rust-based DNS resolver built without DNS libraries, implementing RFC 1035 by hand.
- •It provides caching, ad blocking (385K+ domains via Hagezi Pro), local service domains with auto TLS, and a web dashboard.
- •Supports forward, recursive (with full DNSSEC validation), and auto modes with DoH fallback; includes LAN discovery via mDNS and hub mode.
- •Cross-platform installation (macOS, Linux, Windows) with service integration (launchd/systemd/registry) and REST/TOML configuration.
- •Claims high performance: ~691ns cached round-trip, ~2.0M qps throughput, ~237ms recursive after SRTT warmup, 174ns ECDSA P-256 DNSSEC verification.