User:Matthews/Drafts/Knot Resolver
Knot Resolver is a minimalistic implementation of a caching validating DNS resolver.
Installation
USE flags
USE flags for net-dns/knot-resolver A scaleable caching DNS resolver
caps
|
Use Linux capabilities library to control privilege |
dnstap
|
Build dnstap binary logging module |
jemalloc
|
Use dev-libs/jemalloc for memory management |
kresc
|
Build (experimental) command-line client |
nghttp2
|
DNS-over-HTTPS support |
systemd
|
Enable use of systemd-specific libraries and features like socket activation or session tracking |
test
|
Enable dependencies and/or preparations necessary to run tests (usually controlled by FEATURES=test but can be toggled independently) |
verify-sig
|
Verify upstream signatures on distfiles |
Emerge
root #emerge --ask net-dns/knot-resolverConfiguration
The Knot Resolver configuration is handled via a Lua script, /etc/knot-resolver/kresd.conf. It defaults to listening on localhost and acting as a recursive resolver.
Moving cache to tmpfs
To improve performance and reduce disk I/O, the resolver cache can be moved to a tmpfs by mounting one at /var/cache/knot-resolver:
/etc/fstabtmpfs /var/cache/knot-resolver tmpfs rw,size=2G,uid=knot-resolver,gid=knot-resolver,nosuid,nodev,noexec,mode=0700 0 0
The cache.fssize() function can be used in the configuration, to make the cache module aware of the tmpfs size:
/etc/knot-resolver/kresd.confcache.size = cache.fssize() - 10*MB
Adding to runlevel
OpenRC
OpenRC users can add the kresd init script to the default runlevel with the following command:
root #rc-update add kresd defaultsystemd
The kresd systemd unit is templated, allowing multiple instances to be created for high availability and to handle higher volumes of traffic. For maximum performance, it is recommended to create as many instances as there are CPUs[1].
To start a single instance:
root #systemctl enable --now kresd@1.serviceTo start four instances:
root #systemctl enable --now kresd@{1..4}.serviceSee also
- BIND — a popular free software DNS server
References
- ↑ Knot Resolver Documentation. Multiple Instances, retrieved on August 12th, 2023