I just successfully migrated a several zones from NSD to Knot DNS. The
migration was straightforward and quick, but I limiting the number of
addresses per interface and remote server to one doesn't make sense to
me especially with dual stack hosts. This is more intuitive to me in
NSD. What is the rationale behind the current syntax?
Regards,
Matthias-Christian
Hi Everyone,
we're proud to announce, that release candidate for the next major
release 1.2 is out!
Apart from a couple bugfixes, it features full DDNS support (including
update forwarding).
There are a few limitations related to DNSSEC-signed zones, please
refer to user manual for more information.
Access control for dynamic updates could be configured in a similar
fashion to transfers, using the 'update-in' keyword.
Next major thing is an updated remote control tool.
Basic commands for start/stop/restart/compile and checks are the same
as they were,
but the command for refresh/flush/status could be executed remotely
given the right configuration.
You can enable remote control interface with a new config section
'control', f.e.:
control {
listen-on { address 127.0.0.1@5553; }
allow remote0;
}
You can also specify a remote with associated TSIG key for security reasons.
Knot control tool then accepts host, port and TSIG key as a parameter, f.e.:
$ knotc -s 127.0.0.1 -p 5553 status
Key could be also specified in a file instead of a command line parameter.
But that is just a tip of the iceberg. For more smaller features, like
configurable TCP timeouts or LOC support,
refer to RELNOTES and a user documentation.
RELNOTES: https://git.nic.cz/redmine/projects/knot-dns/repository/revisions/v1.2-rc1/…
Sources: https://secure.nic.cz/files/knot-dns/knot-1.2-rc1.tar.gz
GPG signature: https://secure.nic.cz/files/knot-dns/knot-1.2-rc1.tar.gz.asc
Packages available at www.knot-dns.cz will be updated soon as well.
Cheers,
Marek
--
Marek Vavruša Knot DNS
CZ.NIC Labs http://www.knot-dns.cz
-------------------------------------------
Americká 23, 120 00 Praha 2, Czech Republic
WWW: http://labs.nic.czhttp://www.nic.cz
Hi,
we've recently corrected two issues: the server crashed when trying to
reload configuration with duplicate zones and zone transfers scheduling
was broken, causing sometimes (but very rarely) some zones not to be
synced with master properly, so we are releasing the fixed version right
away.
Sources of this version are here:
http://public.nic.cz/files/knot-dns/knot-1.1.2-rc1.tar.gz
GPG signature:
http://public.nic.cz/files/knot-dns/knot-1.1.2-rc1.tar.gz.asc
Final v1.1.2 will be released in a week.
Kind regards,
Lubos
--
Ľuboš Slovák Knot DNS
CZ.NIC Labs http://www.knot-dns.cz
-------------------------------------------
Americká 23, 120 00 Praha 2, Czech Republic
Email: lubos.slovak(a)nic.cz
WWW: http://labs.nic.czhttp://www.nic.cz
-------------------------------------------
Please consider the environment before printing this email.
Join the campaign at http://thinkBeforePrinting.org
Hello,
final release 1.1.1 of Knot DNS was just released. We just fixed one
small bug since last week's release candidate. Now should be stable.
Enjoy and stay tuned for version 1.2, which should be out in late
November and will bring the long desired support for Dynamic Updates and
some other improvements!
Kind regards,
Lubos
--
Ľuboš Slovák Knot DNS
CZ.NIC Labs http://www.knot-dns.cz
-------------------------------------------
Americká 23, 120 00 Praha 2, Czech Republic
Email: lubos.slovak(a)nic.cz
WWW: http://labs.nic.czhttp://www.nic.cz
-------------------------------------------
Please consider the environment before printing this email.
Join the campaign at http://thinkBeforePrinting.org
Hello,
I have setup a KNOT dns server but I'm having troubles with the UDP
queries. The server is not answering to the UDP queries but it is
answering to queries in TCP.
The server is running on a CentOS release 6.3 (Final) and the
configuration file is the following.
*************knot.conf***********
system {
identity "Yet.another.server";
nsid "Yet.another.server";
storage "/opt/knot_run/knot-minimal";
pidfile "/opt/knot_run/knot.pid";
user root;
}
interfaces {
ipv4 { address 127.0.0.1@53; }
ipv4 { address 193.137.197.25@53; }
}
remotes {
ns-test01 { address 193.136.192.86@53; }
ns-test02 { address 193.136.192.87@53; }
ns-test03 { address 193.137.196.30@53; }
ns-test04 { address 193.137.196.31@53; }
}
zones {
zonetest-01.dns.pt {
file "/opt/knot_run/zones/zonetest01";
xfr-in ns-test01;
notify-in ns-test01;
}
zonetest-06.dns.pt {
file "/opt/knot_run/zones/zonetest06";
}
}
log {
file "/opt/knot_run/log/knot.log" { any all; }
}
**********************************
The output of the log file is
********knot.log******************
2012-09-17T10:25:40.208574+01:00 Stopping server...
2012-09-17T10:25:40.210677+01:00 Server finished.
2012-09-17T10:25:40.211260+01:00 Shut down.
2012-09-17T10:25:40.230967+01:00 Binding to interface 127.0.0.1 port 53.
2012-09-17T10:25:40.231283+01:00 Binding to interface 193.137.197.25
port 53.
2012-09-17T10:25:40.232162+01:00 Loading 2 compiled zones...
2012-09-17T10:25:40.233783+01:00 Loaded zone 'zonetest-01.dns.pt.'
2012-09-17T10:25:40.237553+01:00 Loaded zone 'zonetest-06.dns.pt.'
2012-09-17T10:25:40.238983+01:00 Loaded 2 out of 2 zones.
2012-09-17T10:25:40.239044+01:00 Configured 2 interfaces and 2 zones.
2012-09-17T10:25:40.239078+01:00
2012-09-17T10:25:40.239111+01:00 Starting server...
2012-09-17T10:25:40.240688+01:00 Server started as a daemon, PID = 8599
2012-09-17T10:25:40.240772+01:00 PID stored in /opt/knot_run/knot.pid
*********************************
And an example of the query's
*********************************
[root@ns-test06 ~]# dig @127.0.0.1 zonetest-06.dns.pt +tcp
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.1 <<>> @127.0.0.1
zonetest-06.dns.pt +tcp
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30969
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;zonetest-06.dns.pt. IN A
;; ANSWER SECTION:
zonetest-06.dns.pt. 3600 IN A 193.137.196.42
;; AUTHORITY SECTION:
zonetest-06.dns.pt. 3600 IN NS ns-test01.dns.pt.
zonetest-06.dns.pt. 3600 IN NS ns-test02.dns.pt.
zonetest-06.dns.pt. 3600 IN NS ns-test03.dns.pt.
zonetest-06.dns.pt. 3600 IN NS ns-test04.dns.pt.
zonetest-06.dns.pt. 3600 IN NS ns-test06.dns.pt.
;; Query time: 2 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Sep 17 10:25:49 2012
;; MSG SIZE rcvd: 202
[root@ns-test06 ~]# dig @127.0.0.1 zonetest-06.dns.pt
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.1 <<>> @127.0.0.1
zonetest-06.dns.pt
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
*********************************
Can anyone help me with this problem?
Best regards,
--
Eduardo Duarte
SIT-DNS
DNS.PT - https://www.dns.pt/
FCCN - http://www.fccn.pt/