Running Your Own Local (or LAN-Wide) Handshake HNS Nameserver: A Practical Guide

If you’re deep into Handshake (HNS), you’ve probably noticed that resolving .hns domains reliably can still feel clunky. Public resolvers exist, but nothing beats controlling your own — whether for speed, privacy, testing, or sharing with your home/office network.

This guide builds on our earlier SkyInclude tutorial setting up Bob Wallet for bidding and managing domains. Here we focus on turning your machine into a full HNS-aware DNS resolver that you (and your local network) can trust.

Why Run Your Own HNS Nameserver?

Instant .hns resolution without relying on third-party services.
Recursive + authoritative support (lookup any HNS name + host your own records).
LAN sharing — make your whole home or small office use Handshake seamlessly.
Privacy & sovereignty — no one else logs your HNS queries.
Works great alongside your existing Bob Wallet setup for managing names.

Two Main Options

Bob Wallet (Easiest – includes full hsd node)
Standalone hsd (full node) or hnsd (light SPV resolver)

Option 1: Bob Wallet (Recommended Starting Point)

Bob Wallet already runs hsd (the full Handshake node) in the background. Once synced, it can act as your local resolver.

Install and fully sync Bob Wallet (expect tens of GB and some time on first run).
After syncing, hsd is running. Default ports are usually:
- Recursive resolver: ~5350
- Authoritative: ~5349
To expose it beyond just your machine (for LAN use), you’ll need to configure hsd manually or check Bob’s advanced settings.

Option 2: Manual hsd Setup (Full Power)

Clone and run the official full node:

git clone https://github.com/handshake-org/hsd.git && cd hsd\nnpm install

Create/edit ~/.hsd/hsd.conf:

rs-host: 0.0.0.0      # 127.0.0.1 for localhost only; 0.0.0.0 for LAN\nrs-port: 53           # Standard DNS port (or 5350)\nns-host: 0.0.0.0\nns-port: 5349

Run it:

./bin/hsd

Pro tip: For port 53 without sudo, use setcap on Linux.

Lightweight Option: hnsd (SPV – Less Resource Heavy)

git clone https://github.com/handshake-org/hnsd.git && cd hnsd\n./autogen.sh && ./configure && make

Run with LAN binding:

./hnsd --rs-host=0.0.0.0:53

Making It LAN-Accessible (Not Just Localhost)

By default everything binds to 127.0.0.1 (your machine only). Change to 0.0.0.0 (all interfaces) or your specific LAN IP (e.g. 192.168.1.100).

Firewall rules (important!):

Allow UDP/TCP inbound on your chosen port from your LAN subnet only.
Avoid exposing port 53 publicly unless you add rate-limiting (DNS amplification risk).

Point Devices to Your Resolver

On the same machine: Set DNS to 127.0.0.1
Other LAN devices: Use your machine’s LAN IP (find it with ip addr or ifconfig)

Test from anywhere on the network:

dig @YOUR_LAN_IP example.hns\ndig @YOUR_LAN_IP google.com   # Recursive should work too

Interconnecting with Your Handshake Setup

This pairs perfectly with the previous guide:

Use Bob Wallet to bid on and manage your TLDs/SLDs.
Point your nameserver records (NS/DS) to infrastructure you control (like this local/LAN setup for testing, or production services like HSHub).
Host sites on your own domains and resolve them instantly via your node.

Once running, every device on your network can access the full decentralized web without extra browser extensions.

Tips & Gotchas

First sync of hsd takes time and disk space — be patient.
For always-on: Use systemd, Docker, or pm2.
DNSSEC is supported out of the box.
macOS/Windows: System DNS settings → manual → add your IP.
Linux: Watch out for NetworkManager overwriting /etc/resolv.conf.

Running your own resolver is one of the most empowering steps in the Handshake ecosystem. It turns “cool experiment” into “daily driver” for your decentralized internet journey.

Have questions on your specific OS, errors during setup, or want to go full production with multiple nodes? Drop them below or reach out — happy to iterate on this.

Part of the ongoing SkyInclude series on owning your piece of the internet. Check the Bob Wallet guide for the bidding/management side.