Logo
stable

Quick Start

  • Installation
  • Startup
    • First DNS query
  • Configuration
    • Listening on network interfaces
    • Scenario: Internal Resolver
      • Internal-only domains
    • Scenario: ISP Resolver
      • Limiting client access
      • TLS server configuration
      • Mandatory domain blocking
    • Scenario: Personal Resolver
      • Forwarding over TLS protocol (DNS-over-TLS)
      • Forwarding to multiple targets
      • Non-persistent cache

Configuration

  • Configuration Overview
    • Syntax
    • Documentation Conventions
    • Modules
  • Networking and protocols
    • Server (communication with clients)
      • Addresses and services
        • Features for scripting
      • DoT and DoH (encrypted DNS)
        • DNS-over-TLS (DoT)
        • DNS-over-HTTPS (DoH)
        • Configuration options for DoT and DoH
        • Configuration options for DoH
      • Other HTTP services
        • Example configuration
        • HTTPS (TLS for HTTP)
        • Legacy DNS-over-HTTPS (DoH)
        • Built-in services
        • Dependencies
    • Client (retrieving answers from servers)
      • IPv4 and IPv6 usage
      • Forwarding
    • DNS protocol tweaks
      • DNS protocol tweaks
  • Performance and resiliency
    • Cache
      • Sizing
      • Persistence
      • Configuration reference
    • Multiple instances
      • Zero-downtime restarts
      • Instance-specific configuration
    • Prefetching records
      • Expiring records
      • Prediction
      • Example configuration
      • Exported metrics
      • Properties
    • Cache prefilling
      • Dependencies
    • Serve stale
      • Running
    • Root on loopback (RFC 7706)
    • Priming module
    • EDNS keepalive
    • XDP for higher UDP performance
      • Prerequisites
      • Set up
      • Optimizations
      • Limitations
  • Policy, access control, data manipulation
    • Query policies
      • Filters
      • Actions
        • Non-chain actions
        • Chain actions
        • Actions for extra logging
        • Custom actions
      • Forwarding
      • Forwarding over TLS protocol (DNS-over-TLS)
        • CA+hostname authentication
        • Key-pinned authentication
        • TLS Examples
        • Forwarding to multiple targets
      • Replacing part of the DNS tree
      • Response policy zones
      • Additional properties
    • Views and ACLs
      • Example configuration
      • Rule order
      • Properties
    • Static hints
      • Examples
      • Properties
    • DNS64
      • Simple example
      • Advanced options
    • IP address renumbering
      • Example configuration
    • Answer reordering
    • Rebinding protection
    • Refuse queries without RD bit
    • DNS Application Firewall
      • Example configuration
      • Web interface
      • RESTful interface
  • Logging, monitoring, diagnostics
    • DNSSEC validation failure logging
    • Statistics collector
      • Built-in statistics
      • Module reference
      • Graphite/InfluxDB/Metronome
        • Dependencies
      • Prometheus metrics endpoint
    • Scripting worker
    • Name Server Identifier (NSID)
    • Debugging a single request
      • Using query policies
      • Using HTTP module
    • Watchdog
    • Dnstap (traffic collection)
    • Sentinel for Detecting Trusted Root Keys
    • Signaling Trust Anchor Knowledge in DNSSEC
    • System time skew detector
    • Detect discontinuous jumps in the system time
    • Debugging options
    • Logging API
  • DNSSEC, data verification
  • Experimental features
    • Run-time reconfiguration
      • Control sockets
      • Lua scripts
        • Helper functions
      • Asynchronous events
        • Timers and events reference
        • Asynchronous function execution
      • Etcd support
        • Example configuration
        • Dependencies
    • Experimental DNS-over-TLS Auto-discovery
      • How it works
      • Generating NS target names
      • Example configuration
      • Caveats
      • Dependencies
  • Usage without systemd
    • Process management
      • Garbage Collector
    • Privileges and capabilities
      • Using capabilities
      • Running as non-privileged user
      • Running as root

Operation

  • Upgrading
    • Upcoming changes
    • 5.3 to 5.4
      • Configuration file
      • Packagers & Developers
      • Module changes
    • 5.2 to 5.3
      • Configuration file
      • Packagers & Developers
    • 5.1 to 5.2
      • Users
      • Configuration file
      • Module changes
    • 5.0 to 5.1
      • Module changes
    • 4.x to 5.x
      • Users
      • Configuration file
    • 4.2.2 to 4.3+
      • Module changes
    • 4.x to 4.2.1+
      • Users
    • 3.x to 4.x
      • Users
        • Configuration file
      • Packagers & Developers
        • Module changes
    • 2.x to 3.x
      • Users
      • Packagers & Developers
        • Module changes
  • Release notes
    • Version numbering
    • Knot Resolver 5.4.2 (2021-10-13)
      • Improvements
      • Bugfixes
    • Knot Resolver 5.4.1 (2021-08-19)
      • Improvements
      • Bugfixes
    • Knot Resolver 5.4.0 (2021-07-29)
      • Improvements
      • Bugfixes
      • Incompatible changes
    • Knot Resolver 5.3.2 (2021-05-05)
      • Security
      • Improvements
      • Bugfixes
    • Knot Resolver 5.3.1 (2021-03-31)
      • Improvements
      • Bugfixes
    • Knot Resolver 5.3.0 (2021-02-25)
      • Improvements
      • Bugfixes
      • Incompatible changes
    • Knot Resolver 5.2.1 (2020-12-09)
      • Improvements
      • Bugfixes
    • Knot Resolver 5.2.0 (2020-11-11)
      • Improvements
      • Bugfixes
      • Incompatible changes
    • Knot Resolver 5.1.3 (2020-09-08)
      • Improvements
      • Bugfixes
    • Knot Resolver 5.1.2 (2020-07-01)
      • Bugfixes
    • Knot Resolver 5.1.1 (2020-05-19)
      • Security
      • Bugfixes
    • Knot Resolver 5.1.0 (2020-04-29)
      • Improvements
      • Bugfixes
      • Incompatible changes
    • Knot Resolver 5.0.1 (2020-02-05)
      • Bugfixes
      • Improvements
    • Knot Resolver 5.0.0 (2020-01-27)
      • Incompatible changes
      • Improvements
      • Bugfixes
    • Knot Resolver 4.3.0 (2019-12-04)
      • Security - CVE-2019-19331
      • Bugfixes
      • Improvements
    • Knot Resolver 4.2.2 (2019-10-07)
      • Bugfixes
    • Knot Resolver 4.2.1 (2019-09-26)
      • Bugfixes
      • Improvements
    • Knot Resolver 4.2.0 (2019-08-05)
      • Improvements
      • Bugfixes
      • Module API changes
    • Knot Resolver 4.1.0 (2019-07-10)
      • Security
      • Improvements
      • Bugfixes
      • Module API changes
    • Knot Resolver 4.0.0 (2019-04-18)
      • Incompatible changes
      • Improvements
      • Bugfixes
      • Module API changes
    • Knot Resolver 3.2.1 (2019-01-10)
      • Bugfixes
      • Improvements
    • Knot Resolver 3.2.0 (2018-12-17)
      • New features
      • Bugfixes
      • Improvements
      • Module API changes
    • Knot Resolver 3.1.0 (2018-11-02)
      • Incompatible changes
      • Improvements
      • Bugfixes
    • Knot Resolver 3.0.0 (2018-08-20)
      • Incompatible changes
      • Bugfixes
      • Improvements
    • Knot Resolver 2.4.1 (2018-08-02)
      • Security
      • Bugfixes
    • Knot Resolver 2.4.0 (2018-07-03)
      • Incompatible changes
      • Security
      • New features
      • Bugfixes
      • Improvements
    • Knot Resolver 2.3.0 (2018-04-23)
      • Security
      • New features
      • Bugfixes
      • Improvements
    • Knot Resolver 2.2.0 (2018-03-28)
      • New features
      • Bugfixes
    • Knot Resolver 2.1.1 (2018-02-23)
      • Bugfixes
    • Knot Resolver 2.1.0 (2018-02-16)
      • Incompatible changes
      • Bugfixes
    • Knot Resolver 2.0.0 (2018-01-31)
      • Incompatible changes
      • New features
      • Bugfixes
    • Knot Resolver 1.5.3 (2018-01-23)
      • Bugfixes
    • Knot Resolver 1.5.2 (2018-01-22)
      • Security
      • Bugfixes
    • Knot Resolver 1.5.1 (2017-12-12)
      • Incompatible changes
      • Bugfixes
      • Improvements
    • Knot Resolver 1.5.0 (2017-11-02)
      • Bugfixes
      • Improvements
    • Knot Resolver 1.99.1-alpha (2017-10-26)
      • Improvements
      • Regressions
    • Knot Resolver 1.4.0 (2017-09-22)
      • Incompatible changes
      • Bugfixes
      • Improvements
    • Knot Resolver 1.3.3 (2017-08-09)
      • Security
      • Bugfixes
      • Improvements
    • Knot Resolver 1.3.2 (2017-07-28)
      • Security
      • Bugfixes
      • Improvements
    • Knot Resolver 1.3.1 (2017-06-23)
      • Bugfixes
    • Knot Resolver 1.3.0 (2017-06-13)
      • Security
      • Improvements
      • Bugfixes
    • Knot Resolver 1.2.6 (2017-04-24)
      • Security
      • Improvements
      • Bugfixes
    • Knot Resolver 1.2.5 (2017-04-05)
      • Security
      • Improvements
      • Bugfixes
    • Knot Resolver 1.2.4 (2017-03-09)
      • Security
      • Improvements
      • Bugfixes
    • Knot Resolver 1.2.3 (2017-02-23)
      • Bugfixes
    • Knot Resolver 1.2.2 (2017-02-10)
      • Bugfixes:
      • Testing:
    • Knot Resolver 1.2.1 (2017-02-01)
      • Security:
      • Documentation
      • Bugfixes:
    • Knot Resolver 1.2.0 (2017-01-24)
      • Security:
      • Improvements:
      • Bugfixes:
      • Miscellaneous:
    • Knot Resolver 1.1.1 (2016-08-24)
      • Bugfixes:
      • Improvements:
    • Knot Resolver 1.1.0 (2016-08-12)
      • Improvements:
    • Knot Resolver 1.0.0 (2016-05-30)
      • Initial release:

Developers

  • Building from sources
    • Dependencies
      • Packaged dependencies
    • Compilation
      • Build options
      • Customizing compiler flags
    • Tests
    • Documentation
    • Tarball
    • Packaging
      • Systemd
      • Trust anchors
    • Docker image
  • Custom HTTP services
    • Custom RESTful services
  • Knot Resolver library
    • Requirements
    • For users
    • For developers
    • Writing layers
    • APIs in Lua
      • Elementary types and constants
      • Working with domain names
      • Working with resource records
      • Working with packets
      • Working with requests
      • Significant Lua API changes
        • Incompatible changes since 3.0.0
    • API reference
      • Name resolution
      • Cache
      • Nameservers
      • Modules
      • Utilities
      • Generics library
        • array
        • queue
        • map
        • set
        • pack
        • lru
        • trie
  • Modules API reference
    • Supported languages
    • The anatomy of an extension
    • Writing a module in Lua
    • Writing a module in C
    • Configuring modules
    • Exposing C module properties
      • Special properties
  • Worker API reference
Knot Resolver
  • Docs »
  • Search

© Copyright 2014-2020 CZ.NIC labs Revision bc5e5f05.

Built with Sphinx using a theme provided by Read the Docs.
Read the Docs v: stable
Versions
latest
stable
v5.4.2
v5.4.1
v5.4.0
v5.3.2
v5.3.1
v5.3.0
v5.2.1
v5.2.0
v5.1.3
v5.1.2
v5.1.1
v5.1.0
v5.0.1
v5.0.0
v4.3.0
v4.2.2
v4.2.1
v4.2.0
v4.1.0
v4.0.0
v3.2.1
v3.2.0
v3.1.0
v3.0.0
v2.4.1
v2.4.0
v2.3.0
v2.2.0
v2.1.1
v2.1.0
v2.0.0
v1.5.3
v1.5.2
v1.5.1
v1.5.0
v1.4.0
v1.3.3
v1.3.2
v1.3.1
v1.3.0
v1.2.6
v1.2.5
v1.2.4
v1.2.3
v1.2.2
v1.2.1
v1.2.0
v1.1.1
v1.1.0
v1.0.0
Downloads
pdf
html
epub
On Read the Docs
Project Home
Builds
Free document hosting provided by Read the Docs.