Knot Resolver is a full caching DNS resolver implementation. The core architecture is tiny and efficient, written in C and LuaJIT, providing a foundation and a state-machine-like API for extension modules. There are three built-in modules - iterator, validator and cache - which provide the main functionality of the resolver. A few other modules are automatically loaded by default to extend the resolver's functionality.
Since Knot Resolver version 6, it also includes a so-called manager. It is a new component written in Python that hides the complexity of older versions and makes it more user friendly. For example, new features include declarative configuration in YAML format and HTTP API for dynamic changes in the resolver and more.
Knot Resolver uses a different scaling strategy than the rest of the DNS resolvers - no threading, shared-nothing architecture (except MVCC cache which can be shared), which allows you to pin workers to available CPU cores and grow by self-replication. You can start and stop additional workers based on the contention without downtime, which is automated by the manager by default.
The LuaJIT modules, support for DNS privacy and DNSSEC, and persistent cache with low memory footprint make it a great personal DNS resolver or a research tool to tap into DNS data. Strong filtering rules, and auto-configuration with etcd make it a great large-scale resolver solution. It also has strong support for DNS over TCP, in particular TCP Fast-Open, query pipelining and deduplication, and response reordering.
For more on using the resolver, see the User Documentation. See the Developer Documentation for detailed architecture and development.
The latest stable packages for various distributions are available in our upstream repository. Follow the installation instructions to add this repository to your system.
Knot Resolver is also available from the following distributions' repositories:
- Fedora and Fedora EPEL
- Debian stable, Debian testing, Debian unstable
- Ubuntu
- Arch Linux
- Alpine Linux
The project uses apkg
for packaging.
See distro/README.md
for packaging specific instructions.
Knot Resolver mainly depends on KnotDNS libraries, LuaJIT, libuv and Python.
See the Building project documentation page for more information.
By default, Knot Resolver comes with systemd integration and you just need to start its service. It requires no configuration changes to run a server on localhost.
# systemctl start knot-resolver
See the documentation at knot-resolver.cz/documentation/latest for more information.
Running the Docker image is simple and doesn't require any dependencies or system modifications, just run:
$ docker run -Pit cznic/knot-resolver
The images are meant as an easy way to try the resolver, and they're not designed for production use.
- GitLab issues (you may authenticate via GitHub)
- mailing list