Logo
5.7.0

Quick Start

  • Installation
  • Startup
    • First DNS query
  • Configuration
    • Listening on network interfaces
    • Scenario: Internal Resolver
      • Internal-only domains
    • Scenario: ISP Resolver
      • Limiting client access
      • TLS server configuration
      • Mandatory domain blocking
    • Scenario: Personal Resolver
      • Forwarding over TLS protocol (DNS-over-TLS)
      • Forwarding to multiple targets
      • Non-persistent cache

Configuration

  • Configuration Overview
    • Syntax
    • Documentation Conventions
    • Modules
      • modules.list()
      • modules.load()
      • modules.unload()
  • Networking and protocols
    • Server (communication with clients)
      • Addresses and services
        • net.listen()
        • PROXYv2 protocol
        • Features for scripting
      • DoT and DoH (encrypted DNS)
        • DNS-over-TLS (DoT)
        • DNS-over-HTTPS (DoH)
        • Configuration options for DoT and DoH
        • Configuration options for DoH
      • Other HTTP services
        • Example configuration
        • HTTPS (TLS for HTTP)
        • Legacy DNS-over-HTTPS (DoH)
        • Built-in services
        • Dependencies
    • Client (retrieving answers from servers)
      • IPv4 and IPv6 usage
        • net.outgoing_v4()
        • net.outgoing_v6()
      • Forwarding
    • DNS protocol tweaks
      • DNS protocol tweaks
        • net.bufsize()
  • Performance and resiliency
    • Cache
      • Sizing
      • Persistence
      • Configuration reference
        • cache.open()
        • cache.backends()
        • cache.count()
        • cache.close()
        • cache.fssize()
        • cache.stats()
        • cache.max_ttl()
        • cache.min_ttl()
        • cache.ns_tout()
        • cache.get()
        • cache.clear()
    • Multiple instances
      • Zero-downtime restarts
      • Instance-specific configuration
    • Prefetching records
      • Expiring records
      • Prediction
      • Example configuration
      • Exported metrics
      • Properties
        • predict.config()
    • Cache prefilling
      • Dependencies
    • Serve stale
      • Running
    • Root on loopback (RFC 7706)
    • Priming module
    • EDNS keepalive
    • XDP for higher UDP performance
      • Prerequisites
      • Set up
      • Optimizations
      • Limitations
  • Policy, access control, data manipulation
    • Query policies
      • Filters
        • all()
        • pattern()
        • suffix()
        • domains()
        • suffix_common()
        • custom_filter()
      • Actions
        • Non-chain actions
        • Chain actions
        • Actions for extra logging
        • Custom actions
      • Forwarding
        • FORWARD()
        • STUB()
      • Forwarding over TLS protocol (DNS-over-TLS)
        • TLS_FORWARD()
        • CA+hostname authentication
        • Key-pinned authentication
        • TLS Examples
        • Forwarding to multiple targets
      • Replacing part of the DNS tree
      • Response policy zones
        • rpz()
      • Additional properties
        • add()
        • del()
        • todnames()
    • Views and ACLs
      • Example configuration
      • Rule order
      • Properties
    • Static hints
      • Examples
      • Properties
        • hints.config()
        • hints.add_hosts()
        • hints.get()
        • hints.set()
        • hints.del()
        • hints.root_file()
        • hints.root()
        • hints.use_nodata()
        • hints.ttl()
    • DNS64
      • Simple example
      • Advanced options
    • IP address renumbering
      • Example configuration
    • Answer reordering
      • reorder_RR()
    • Rebinding protection
    • Refuse queries without RD bit
    • DNS Application Firewall
      • Example configuration
      • Web interface
      • RESTful interface
  • Logging, monitoring, diagnostics
    • log_level()
    • verbose()
    • log_target()
    • log_groups()
    • DNSSEC validation failure logging
    • Statistics collector
      • Built-in statistics
      • Module reference
        • stats.get()
        • stats.set()
        • stats.list()
        • stats.upstreams()
        • stats.frequent()
        • stats.clear_frequent()
      • Graphite/InfluxDB/Metronome
        • Dependencies
      • Prometheus metrics endpoint
    • Scripting worker
      • worker.stats()
    • Name Server Identifier (NSID)
    • Debugging a single request
      • Using query policies
      • Using HTTP module
    • Watchdog
    • Dnstap (traffic collection)
    • Sentinel for Detecting Trusted Root Keys
    • Signaling Trust Anchor Knowledge in DNSSEC
    • System time skew detector
    • Detect discontinuous jumps in the system time
    • Debugging options
    • Logging API
  • DNSSEC, data verification
    • trust_anchors.add_file()
    • trust_anchors.remove()
    • trust_anchors.set_insecure()
    • trust_anchors.add()
    • trust_anchors.summary()
    • mode()
  • Experimental features
    • Run-time reconfiguration
      • Control sockets
        • map()
      • Lua scripts
        • Helper functions
      • Asynchronous events
        • Timers and events reference
        • Asynchronous function execution
      • Etcd support
        • Example configuration
        • Dependencies
    • Experimental DNS-over-TLS Auto-discovery
      • How it works
      • Generating NS target names
      • Example configuration
      • Caveats
      • Dependencies
  • Usage without systemd
    • Process management
      • Garbage Collector
    • Privileges and capabilities
      • Using capabilities
      • Running as non-privileged user
        • user()
      • Running as root

Operation

  • Upgrading
    • Upcoming changes
    • 5.4 to 5.5
      • Packagers & Developers
      • Module API changes
    • 5.3 to 5.4
      • Configuration file
      • Packagers & Developers
      • Module changes
    • 5.2 to 5.3
      • Configuration file
      • Packagers & Developers
    • 5.1 to 5.2
      • Users
      • Configuration file
      • Module changes
    • 5.0 to 5.1
      • Module changes
    • 4.x to 5.x
      • Users
      • Configuration file
    • 4.2.2 to 4.3+
      • Module changes
    • 4.x to 4.2.1+
      • Users
    • 3.x to 4.x
      • Users
        • Configuration file
      • Packagers & Developers
        • Module changes
    • 2.x to 3.x
      • Users
      • Packagers & Developers
        • Module changes
  • Release notes
    • Version numbering
    • Knot Resolver 5.x.y (202y-mm-dd)
      • Improvements
      • Bugfixes
    • Knot Resolver 5.7.0 (2023-08-22)
      • Security
      • Improvements
      • Bugfixes
    • Knot Resolver 5.6.0 (2023-01-26)
      • Security
      • Improvements
      • Bugfixes
    • Knot Resolver 5.5.3 (2022-09-21)
      • Security
      • Improvements
    • Knot Resolver 5.5.2 (2022-08-16)
      • Improvements
      • Bugfixes
    • Knot Resolver 5.5.1 (2022-06-14)
      • Improvements
      • Bugfixes
    • Knot Resolver 5.5.0 (2022-03-15)
      • Improvements
      • Incompatible changes
      • Bugfixes
    • Knot Resolver 5.4.4 (2022-01-05)
      • Bugfixes
    • Knot Resolver 5.4.3 (2021-12-01)
      • Improvements
      • Bugfixes
    • Knot Resolver 5.4.2 (2021-10-13)
      • Improvements
      • Bugfixes
    • Knot Resolver 5.4.1 (2021-08-19)
      • Improvements
      • Bugfixes
    • Knot Resolver 5.4.0 (2021-07-29)
      • Improvements
      • Bugfixes
      • Incompatible changes
    • Knot Resolver 5.3.2 (2021-05-05)
      • Security
      • Improvements
      • Bugfixes
    • Knot Resolver 5.3.1 (2021-03-31)
      • Improvements
      • Bugfixes
    • Knot Resolver 5.3.0 (2021-02-25)
      • Improvements
      • Bugfixes
      • Incompatible changes
    • Knot Resolver 5.2.1 (2020-12-09)
      • Improvements
      • Bugfixes
    • Knot Resolver 5.2.0 (2020-11-11)
      • Improvements
      • Bugfixes
      • Incompatible changes
    • Knot Resolver 5.1.3 (2020-09-08)
      • Improvements
      • Bugfixes
    • Knot Resolver 5.1.2 (2020-07-01)
      • Bugfixes
    • Knot Resolver 5.1.1 (2020-05-19)
      • Security
      • Bugfixes
    • Knot Resolver 5.1.0 (2020-04-29)
      • Improvements
      • Bugfixes
      • Incompatible changes
    • Knot Resolver 5.0.1 (2020-02-05)
      • Bugfixes
      • Improvements
    • Knot Resolver 5.0.0 (2020-01-27)
      • Incompatible changes
      • Improvements
      • Bugfixes
    • Knot Resolver 4.3.0 (2019-12-04)
      • Security - CVE-2019-19331
      • Bugfixes
      • Improvements
    • Knot Resolver 4.2.2 (2019-10-07)
      • Bugfixes
    • Knot Resolver 4.2.1 (2019-09-26)
      • Bugfixes
      • Improvements
    • Knot Resolver 4.2.0 (2019-08-05)
      • Improvements
      • Bugfixes
      • Module API changes
    • Knot Resolver 4.1.0 (2019-07-10)
      • Security
      • Improvements
      • Bugfixes
      • Module API changes
    • Knot Resolver 4.0.0 (2019-04-18)
      • Incompatible changes
      • Improvements
      • Bugfixes
      • Module API changes
    • Knot Resolver 3.2.1 (2019-01-10)
      • Bugfixes
      • Improvements
    • Knot Resolver 3.2.0 (2018-12-17)
      • New features
      • Bugfixes
      • Improvements
      • Module API changes
    • Knot Resolver 3.1.0 (2018-11-02)
      • Incompatible changes
      • Improvements
      • Bugfixes
    • Knot Resolver 3.0.0 (2018-08-20)
      • Incompatible changes
      • Bugfixes
      • Improvements
    • Knot Resolver 2.4.1 (2018-08-02)
      • Security
      • Bugfixes
    • Knot Resolver 2.4.0 (2018-07-03)
      • Incompatible changes
      • Security
      • New features
      • Bugfixes
      • Improvements
    • Knot Resolver 2.3.0 (2018-04-23)
      • Security
      • New features
      • Bugfixes
      • Improvements
    • Knot Resolver 2.2.0 (2018-03-28)
      • New features
      • Bugfixes
    • Knot Resolver 2.1.1 (2018-02-23)
      • Bugfixes
    • Knot Resolver 2.1.0 (2018-02-16)
      • Incompatible changes
      • Bugfixes
    • Knot Resolver 2.0.0 (2018-01-31)
      • Incompatible changes
      • New features
      • Bugfixes
    • Knot Resolver 1.5.3 (2018-01-23)
      • Bugfixes
    • Knot Resolver 1.5.2 (2018-01-22)
      • Security
      • Bugfixes
    • Knot Resolver 1.5.1 (2017-12-12)
      • Incompatible changes
      • Bugfixes
      • Improvements
    • Knot Resolver 1.5.0 (2017-11-02)
      • Bugfixes
      • Improvements
    • Knot Resolver 1.99.1-alpha (2017-10-26)
      • Improvements
      • Regressions
    • Knot Resolver 1.4.0 (2017-09-22)
      • Incompatible changes
      • Bugfixes
      • Improvements
    • Knot Resolver 1.3.3 (2017-08-09)
      • Security
      • Bugfixes
      • Improvements
    • Knot Resolver 1.3.2 (2017-07-28)
      • Security
      • Bugfixes
      • Improvements
    • Knot Resolver 1.3.1 (2017-06-23)
      • Bugfixes
    • Knot Resolver 1.3.0 (2017-06-13)
      • Security
      • Improvements
      • Bugfixes
    • Knot Resolver 1.2.6 (2017-04-24)
      • Security
      • Improvements
      • Bugfixes
    • Knot Resolver 1.2.5 (2017-04-05)
      • Security
      • Improvements
      • Bugfixes
    • Knot Resolver 1.2.4 (2017-03-09)
      • Security
      • Improvements
      • Bugfixes
    • Knot Resolver 1.2.3 (2017-02-23)
      • Bugfixes
    • Knot Resolver 1.2.2 (2017-02-10)
      • Bugfixes:
      • Testing:
    • Knot Resolver 1.2.1 (2017-02-01)
      • Security:
      • Documentation
      • Bugfixes:
    • Knot Resolver 1.2.0 (2017-01-24)
      • Security:
      • Improvements:
      • Bugfixes:
      • Miscellaneous:
    • Knot Resolver 1.1.1 (2016-08-24)
      • Bugfixes:
      • Improvements:
    • Knot Resolver 1.1.0 (2016-08-12)
      • Improvements:
    • Knot Resolver 1.0.0 (2016-05-30)
      • Initial release:

Developers

  • Building from sources
    • Dependencies
      • Packaged dependencies
    • Compilation
      • Build options
      • Customizing compiler flags
    • Tests
      • Unit tests
      • Postinstall tests
      • Config tests
      • Extra tests
      • Useful meson commands
    • Documentation
    • Tarball
    • Packaging
      • Systemd
      • Trust anchors
    • Docker image
  • Custom HTTP services
    • Custom RESTful services
  • Knot Resolver library
    • Requirements
    • For users
    • For developers
    • Writing layers
    • APIs in Lua
      • Elementary types and constants
      • Working with domain names
      • Working with resource records
      • Working with packets
      • Working with requests
      • Significant Lua API changes
        • Incompatible changes since 3.0.0
    • API reference
      • Name resolution
        • Example usage of the iterative API:
      • Cache
      • Nameservers
      • Modules
      • Utilities
      • Generics library
        • array
        • queue
        • pack
        • lru
        • trie
  • Modules API reference
    • Supported languages
    • The anatomy of an extension
    • Writing a module in Lua
    • Writing a module in C
    • Configuring modules
    • Exposing C module properties
      • Special properties
  • Worker API reference
Knot Resolver
  • Search

© Copyright CZ.NIC labs.

Built with Sphinx using a theme provided by Read the Docs.