Logo
stable

Quick Start

  • Installation
  • Startup
    • First DNS query
  • Configuration
    • Listening on network interfaces
    • Scenario: Internal Resolver
      • Internal-only domains
    • Scenario: ISP Resolver
      • Limiting client access
      • TLS server configuration
      • Mandatory domain blocking
    • Scenario: Personal Resolver
      • Forwarding over TLS protocol (DNS-over-TLS)
      • Forwarding to multiple targets
      • Non-persistent cache

Configuration

  • Configuration Overview
    • Syntax
    • Documentation Conventions
    • Modules
  • Networking and protocols
    • Server (communication with clients)
      • Addresses and services
        • Features for scripting
      • DNS-over-TLS server (DoT)
      • HTTP services
        • Example configuration
        • HTTPS (TLS for HTTP)
        • Built-in services
        • Dependencies
      • DNS-over-HTTP (DoH)
        • DoH support in Knot Resolver
        • Normal HTTP proxy
        • HTTP proxy with DoH support
        • Client configuration
    • Client (retrieving answers from servers)
      • IPv4 and IPv6 usage
      • Forwarding
    • DNS protocol tweaks
      • DNS protocol tweaks
  • Performance and resiliency
    • Cache
      • Sizing
      • Persistence
      • Configuration reference
    • Multiple instances
      • Zero-downtime restarts
      • Instance-specific configuration
    • Prefetching records
      • Example configuration
      • Exported metrics
      • Properties
    • Cache prefilling
      • Dependencies
    • Serve stale
      • Running
    • Root on loopback (RFC 7706)
    • Priming module
    • EDNS keepalive
  • Policy, access control, data manipulation
    • Query policies
      • Filters
      • Actions
        • Non-chain actions
        • Chain actions
        • Custom actions
      • Forwarding
      • Forwarding over TLS protocol (DNS-over-TLS)
        • CA+hostname authentication
        • Key-pinned authentication
        • TLS Examples
        • Forwarding to multiple targets
      • Replacing part of the DNS tree
      • Response policy zones
      • Additional properties
    • Views and ACLs
      • Example configuration
      • Rule order
      • Properties
    • Static hints
      • Examples
      • Properties
    • DNS64
      • Example configuration
    • IP address renumbering
      • Example configuration
    • Answer reordering
    • Rebinding protection
    • Refuse queries without RD bit
    • DNS Application Firewall
      • Example configuration
      • Web interface
      • RESTful interface
  • Logging, monitoring, diagnostics
    • DNSSEC validation failure logging
    • Statistics collector
      • Built-in statistics
      • Module reference
      • Graphite/InfluxDB/Metronome
        • Dependencies
      • Prometheus metrics endpoint
    • Name Server Identifier (NSID)
    • Debugging a single request
    • Watchdog
    • Dnstap (traffic collection)
    • Sentinel for Detecting Trusted Root Keys
    • Signaling Trust Anchor Knowledge in DNSSEC
    • System time skew detector
    • Detect discontinuous jumps in the system time
  • DNSSEC, data verification
  • Experimental features
    • Run-time reconfiguration
      • Control sockets
      • Lua scripts
        • Helper functions
      • Asynchronous events
        • Timers and events reference
        • Asynchronous function execution
      • Etcd support
        • Example configuration
        • Dependencies
    • Experimental DNS-over-TLS Auto-discovery
      • How it works
      • Generating NS target names
      • Example configuration
      • Caveats
      • Dependencies
  • Usage without systemd
    • Process management
      • Garbage Collector
    • Privileges and capabilities
      • Using capabilities
      • Running as non-privileged user
      • Running as root

Operation

  • Upgrading
    • 5.0 to 5.1
      • Module changes
    • 4.x to 5.x
      • Users
      • Configuration file
    • 4.2.2 to 4.3+
      • Module changes
    • 4.x to 4.2.1+
      • Users
    • 3.x to 4.x
      • Users
        • Configuration file
      • Packagers & Developers
        • Module changes
    • 2.x to 3.x
      • Users
      • Packagers & Developers
        • Module changes
  • Release notes
    • Knot Resolver 5.1.1 (2020-05-19)
      • Security
      • Bugfixes
    • Knot Resolver 5.1.0 (2020-04-29)
      • Improvements
      • Bugfixes
      • Incompatible changes
    • Knot Resolver 5.0.1 (2020-02-05)
      • Bugfixes
      • Improvements
    • Knot Resolver 5.0.0 (2020-01-27)
      • Incompatible changes
      • Improvements
      • Bugfixes
    • Knot Resolver 4.3.0 (2019-12-04)
      • Security - CVE-2019-19331
      • Bugfixes
      • Improvements
    • Knot Resolver 4.2.2 (2019-10-07)
      • Bugfixes
    • Knot Resolver 4.2.1 (2019-09-26)
      • Bugfixes
      • Improvements
    • Knot Resolver 4.2.0 (2019-08-05)
      • Improvements
      • Bugfixes
      • Module API changes
    • Knot Resolver 4.1.0 (2019-07-10)
      • Security
      • Improvements
      • Bugfixes
      • Module API changes
    • Knot Resolver 4.0.0 (2019-04-18)
      • Incompatible changes
      • Improvements
      • Bugfixes
      • Module API changes
    • Knot Resolver 3.2.1 (2019-01-10)
      • Bugfixes
      • Improvements
    • Knot Resolver 3.2.0 (2018-12-17)
      • New features
      • Bugfixes
      • Improvements
      • Module API changes
    • Knot Resolver 3.1.0 (2018-11-02)
      • Incompatible changes
      • Improvements
      • Bugfixes
    • Knot Resolver 3.0.0 (2018-08-20)
      • Incompatible changes
      • Bugfixes
      • Improvements
    • Knot Resolver 2.4.1 (2018-08-02)
      • Security
      • Bugfixes
    • Knot Resolver 2.4.0 (2018-07-03)
      • Incompatible changes
      • Security
      • New features
      • Bugfixes
      • Improvements
    • Knot Resolver 2.3.0 (2018-04-23)
      • Security
      • New features
      • Bugfixes
      • Improvements
    • Knot Resolver 2.2.0 (2018-03-28)
      • New features
      • Bugfixes
    • Knot Resolver 2.1.1 (2018-02-23)
      • Bugfixes
    • Knot Resolver 2.1.0 (2018-02-16)
      • Incompatible changes
      • Bugfixes
    • Knot Resolver 2.0.0 (2018-01-31)
      • Incompatible changes
      • New features
      • Bugfixes
    • Knot Resolver 1.5.3 (2018-01-23)
      • Bugfixes
    • Knot Resolver 1.5.2 (2018-01-22)
      • Security
      • Bugfixes
    • Knot Resolver 1.5.1 (2017-12-12)
      • Incompatible changes
      • Bugfixes
      • Improvements
    • Knot Resolver 1.5.0 (2017-11-02)
      • Bugfixes
      • Improvements
    • Knot Resolver 1.99.1-alpha (2017-10-26)
      • Improvements
      • Regressions
    • Knot Resolver 1.4.0 (2017-09-22)
      • Incompatible changes
      • Bugfixes
      • Improvements
    • Knot Resolver 1.3.3 (2017-08-09)
      • Security
      • Bugfixes
      • Improvements
    • Knot Resolver 1.3.2 (2017-07-28)
      • Security
      • Bugfixes
      • Improvements
    • Knot Resolver 1.3.1 (2017-06-23)
      • Bugfixes
    • Knot Resolver 1.3.0 (2017-06-13)
      • Security
      • Improvements
      • Bugfixes
    • Knot Resolver 1.2.6 (2017-04-24)
      • Security
      • Improvements
      • Bugfixes
    • Knot Resolver 1.2.5 (2017-04-05)
      • Security
      • Improvements
      • Bugfixes
    • Knot Resolver 1.2.4 (2017-03-09)
      • Security
      • Improvements
      • Bugfixes
    • Knot Resolver 1.2.3 (2017-02-23)
      • Bugfixes
    • Knot Resolver 1.2.2 (2017-02-10)
      • Bugfixes:
      • Testing:
    • Knot Resolver 1.2.1 (2017-02-01)
      • Security:
      • Documentation
      • Bugfixes:
    • Knot Resolver 1.2.0 (2017-01-24)
      • Security:
      • Improvements:
      • Bugfixes:
      • Miscellaneous:
    • Knot Resolver 1.1.1 (2016-08-24)
      • Bugfixes:
      • Improvements:
    • Knot Resolver 1.1.0 (2016-08-12)
      • Improvements:
    • Knot Resolver 1.0.0 (2016-05-30)
      • Initial release:

Developers

  • Building from sources
    • Dependencies
      • Packaged dependencies
    • Compilation
      • Build options
      • Customizing compiler flags
    • Tests
    • HTML Documentation
    • Tarball
    • Packaging
      • Systemd
      • Trust anchors
    • Docker image
  • Custom HTTP services
    • Custom RESTful services
  • Knot Resolver library
    • Requirements
    • For users
    • For developers
    • Writing layers
    • APIs in Lua
      • Elementary types and constants
      • Working with domain names
      • Working with resource records
      • Working with packets
      • Working with requests
      • Significant Lua API changes
        • Incompatible changes since 3.0.0
    • API reference
      • Name resolution
      • Cache
      • Nameservers
      • Modules
      • Utilities
      • Generics library
        • array
        • queue
        • map
        • set
        • pack
        • lru
        • trie
  • Modules API reference
    • Supported languages
    • The anatomy of an extension
    • Writing a module in Lua
    • Writing a module in C
    • Configuring modules
    • Exposing C module properties
      • Special properties
  • Worker API reference
Knot Resolver
  • Docs »
  • Search

© Copyright 2014-2020 CZ.NIC labs Revision 24f5932a.

Built with Sphinx using a theme provided by Read the Docs.
Read the Docs v: stable
Versions
latest
stable
v5.1.1
v5.1.0
v5.0.1
v5.0.0
v4.3.0
v4.2.2
v4.2.1
v4.2.0
v4.1.0
v4.0.0
v3.2.1
v3.2.0
v3.1.0
v3.0.0
v2.4.1
v2.4.0
v2.3.0
v2.2.0
v2.1.1
v2.1.0
v2.0.0
v1.5.3
v1.5.2
v1.5.1
v1.5.0
v1.4.0
v1.3.3
v1.3.2
v1.3.1
v1.3.0
v1.2.6
v1.2.5
v1.2.4
v1.2.3
v1.2.2
v1.2.1
v1.2.0
v1.1.1
v1.1.0
v1.0.0
Downloads
pdf
html
epub
On Read the Docs
Project Home
Builds
Free document hosting provided by Read the Docs.