- queries served

Wildcard DNS for any IP address

Any subdomain resolves to 127.0.0.1 by default. Embed a specific IP to override - no setup, no signup.

$ dig myapp.127-0-0-1.nar0.com +short127.0.0.1
Copied!

Hostname formats

myapp.nar0.com127.0.0.1default
9-9-9-9.nar0.com9.9.9.9dashed
8.8.8.8.nar0.com8.8.8.8dotted
09090909.nar0.com9.9.9.9hex
2620-fe--fe.nar0.com2620:fe::feIPv6
myapp.8-8-4-4.nar0.com8.8.4.4prefixed
a.b.c.10-0-0-1.nar0.com10.0.0.1deep subdomain

Add any prefix labels for virtual hosting, distinct TLS certs, or service naming. Nesting depth is unlimited.

Use cases

Stable hostnames for localhost

Use myapp.nar0.com instead of bare localhost. DNS resolves to 127.0.0.1, so anything that needs a real domain (OAuth callbacks, cookies scoped to a host, service workers) works.

Local development

Multiple services on different local IPs? api.10-0-0-1.nar0.com and web.10-0-0-2.nar0.com each resolve to distinct addresses. No DNS config needed.

CI/CD and testing

Automated tests that need DNS names for dynamic IPs. No DNS provider API calls, no propagation delays. The hostname encodes the IP directly.

Staging environments

Give each staging server a readable hostname like staging.10-0-1-50.nar0.com. No DNS records to manage when IPs change.

Features

Private IPs

Localhost, LAN, Docker, Kubernetes. 127.0.0.1, 10.x, 172.16.x, 192.168.x all resolve.

Dual-stack

Full IPv4 and IPv6. Dashed, dotted, and hex formats.

DNS-over-HTTPS

RFC 8484 DoH endpoint at /dns-query. GET and POST.

What's my IP

curl nar0.com/ip returns your public IP as plain text.

Zero config

No signup, no API keys, no DNS records. The hostname is the configuration.

API

GET/dns-query?dns={base64url}DoH query (RFC 8484)
POST/dns-queryDoH with application/dns-message body
GET/ipYour public IP as plain text
GET/healthHealth check

Quick start

DNS-only - works with any tool that does DNS (nginx, Traefik, Node.js, Caddy, anything). Here's Caddy:

# Caddyfile
myapp.nar0.com {
    reverse_proxy localhost:3000
}

# Start Caddy
$ caddy run

# DNS resolves to 127.0.0.1 - now hit your dev server
$ curl http://myapp.nar0.com

myapp.nar0.com resolves to 127.0.0.1 by default. Any subdomain without an IP works the same way. For HTTPS, your local server needs its own cert - mkcert or your DNS provider.

FAQ

What is nar0.com?+

A free wildcard DNS service for developers. Any subdomain of nar0.com resolves to an IP encoded in the hostname (or 127.0.0.1 by default).

Does it support private IPs?+

Yes. Loopback (127.0.0.1), RFC 1918 (10.x, 172.16.x, 192.168.x), and other private ranges all resolve. The IP is deterministic from the hostname, so there is no DNS rebinding risk.

Does my traffic go through nar0.com?+

No. nar0.com only handles DNS resolution. When you visit https://myapp.nar0.com, your browser queries DNS once, gets back 127.0.0.1, then connects directly to that IP. No application traffic passes through nar0.com servers.

Is it free?+

Yes. No signup, no API keys, no accounts. Best-effort service with no SLA; fair-use rate limiting applies (roughly 10 responses/sec per source IP over UDP, with TCP fallback). If you need guaranteed throughput or a private deployment, email contact[at]nar0.com.

Is it safe to use?+

DNS queries are not logged per-request. Only an aggregate query counter is kept (visible at the top of this page). The DNS path is otherwise stateless - it extracts the IP from the hostname and returns it.

How do I report abuse?+

Email abuse[at]nar0.com. Typical response time is within 24 hours.

What if my internet goes down?+

DNS queries require internet. For offline resilience, add a local fallback in your resolver:

Pi-hole: Local DNS Records *.nar0.com 127.0.0.1
AdGuard Home: DNS rewrites *.nar0.com 127.0.0.1
Unbound: local-zone: "nar0.com" redirect + local-data: "nar0.com A 127.0.0.1"