Hi,
over the last weekend I did configure knot resolver on Turris Omnia to
write statistics to my influxdb instance.
Now that I have statistics, I am not entirely sure what all the data means.
Everything under answer is easy to understand.
But all data under cache is only 0, although answer.cached is not 0.
Please find some stats below. I would be very grateful for some explanation
what the data means.
My next step would be to try to use RPZ funtionality. is there statistics
for RPZ too?
/Ulrich
> stats.list()
[answer.nxdomain] => 360546
[answer.100ms] => 64682
[answer.1500ms] => 2740
[answer.slow] => 12137
[answer.servfail] => 204137
[answer.250ms] => 84208
[answer.cached] => 430091
[answer.nodata] => 1533
[answer.1ms] => 462921
[answer.total] => 922236
[answer.10ms] => 58963
[answer.noerror] => 356015
[answer.50ms] => 195917
[answer.500ms] => 29794
[answer.1000ms] => 7525
[predict.learned] => 54
[predict.epoch] => 19
[predict.queue] => 520
[query.edns] => 152223
[query.dnssec] => 211
> cache.stats()
[hit] => 0
[delete] => 0
[miss] => 0
[insert] => 0
--
Ulrich Wisser
ulrich(a)wisser.se
Hi,
I would like to run Knot Resolver with DNS-over-TLS on my laptop, but I
need to configure 'policy.FORWARD' whenever I connect to our corporate
network. The information about new connection is provided by the Network
Manager, that is not a problem, but then I need to configure the
resolver somehow. I was thinking about creating a new configuration file
and simply restarting the server, but it fails with "Start request
repeated too quickly".
Is there a way to add/remove policy rules "on the fly"?
The HTTP/2 module seems like a good candidate for doing this. Can this
module be used to accomplish this task?
Best regards,
Martin Sehnoutka
PS: If there is anyone using dnssec-trigger, this would be similar, but
less complicated.
--
Martin Sehnoutka | Associate Software Engineer
PGP: 5FD64AF5
UTC+1 (CET)
RED HAT | TRIED. TESTED. TRUSTED.
Hi, Folks!
I want to use GoogleDNS 8.8.x.x as fallback forwarder when domain's NS'es
are down or inaccessible (for example, when network connectivity between me
and NS is broken).
Is it possible?
policy.add(policy.all(policy.FORWARD({ '8.8.8.8', '8.8.4.4' }))) works
well, but disables recursion at all. How to call it only after/when
recursion is failed?
WBR, Ilya
