knot-resolver-users Srpen 2024

knot-resolver-users@lists.nic.cz

5 participants
4 discussions

non-persistent cache during system reboot although stored on persistent storage, why?

by Michael Grimm

Hi, I am running knot-resolver-5.7.4 in a FreeBSD service jail (14.1-STABLE). Note: Because I am still pretty new to using knot resolver, I may miss something important besides [1]. MWN> sum /usr/home/jails/test/var/run/kresd/data.mdb 268 10240 /usr/home/jails/test/var/run/kresd/data.mdb MWN> ./_STATS [2] cache('['count_entries']'): 4953 cache('['usage_percent']'): 16.953125 ### stopping jail simulates shutdown server [3]: MWN> service jail stop test Stopping jails: test. MWN> sum /usr/home/jails/test/var/run/kresd/data.mdb 268 10240 /usr/home/jails/test/var/run/kresd/data.mdb ### Thus, data.mdb is preserved after shutdown! ### starting jail simulates booting server: MWN> service jail start test Starting jails: test. MWN> sum /usr/home/jails/test/var/run/kresd/data.mdb 15059 10240 /usr/home/jails/test/var/run/kresd/data.mdb MWN> ./_STATS cache('['count_entries']'): 87 cache('['usage_percent']'): 0.15625 1) After having stopped that jail, data.mdb is still available and hasn't been modified as shown by checksum. 2) After start of the jail including start of kresd data.mdb has been modified (checksum). 3) cache.stats() shows significantly lower numbers. Questions: #) become cache.stats() reset after a reboot? #) what am I missing? Thanks in advance and regards, Michael [1] https://knot-resolver.readthedocs.io/en/stable/daemon-bindings-cache.html#p… [2] _STATS (based on https://knot-resolver.readthedocs.io/en/stable/daemon-bindings-cache.html#c…) echo -n "cache('['count_entries']'): " ; echo "cache.stats()" | nc -NU /var/run/kresd/control/kresd.sock | grep count_entries echo -n "cache('['usage_percent']'): " ; echo "cache.stats()" | nc -NU /var/run/kresd/control/kresd.sock | grep usage_percent [3] a real server reboot shows the same issue with the cache

10 měsíců

Moving Knot Resolver release files

by Oto Šťáva

Dear Knot Resolver users, due to an internal infrastructure change, released sources for Knot Resolver have been moved from <https://secure.nic.cz/files/knot-resolver/> to <https://knot-resolver.nic.cz/release/>. Apart from this movement, the rest of the directory structure remains unchanged. Proper redirects (HTTP 301 Moved Permanently) have been put in place to make this change as painless and transparent as possible. These redirects can be expected to stay in place for the foreseeable future. Still, we do recommend to change any of your direct links from the secure.nic.cz server to knot-resolver.nic.cz, to avoid the extra indirection step and/or unforeseen issues in the future. Should any of you run into any issues or have any questions about this change, please do let us know, we will be happy to help you out. Best regards -- Oto Šťáva | Knot Resolver team lead | CZ.NIC z.s.p.o. PGP: 6DC2 B0CB 5935 EA7A 3961 4AA7 32B2 2D20 C9B4 E680

10 měsíců

Expired key in upstream repositories

by Vladimír Čunát

Hello. In case you're using our upstream repositories for Debian or Ubuntu, as suggested on https://www.knot-resolver.cz/download/ you'll be running into their signing key expiring since today. As we didn't update it in time, you'll have to update it manually by re-running: wgethttps://secure.nic.cz/files/knot-resolver/knot-resolver-release.deb dpkg -i knot-resolver-release.deb Ticket: https://gitlab.nic.cz/knot/knot-resolver/-/issues/747 We also forgot to add Ubuntu 22.04, so that is fixed now, too. --Vladimir

10 měsíců, 1 týden

CNAME resolution across internal STUB zones

by Paul Furtado

Hello, I am attempting to migrate some internal bind servers to knot+knot-resolver. We have knot acting as the authoritative server for internal views of our public zones and we're attempting to use Knot Resolver to forward to Knot to provide recursive resolution on the internal network. In this configuration, when Knot is resolving a CNAME record from an internal stub zone, it doesn't chase the target of the CNAME for the client. To demonstrate, here are two example zones served by knot: # zone1.com test-a 30 IN A 192.168.1.1 # zone2.com test-cname 30 CNAME test-a.zone1.com. With these configured as stubs in Knot Resolver, if you query test-cname.zone2.com, knot resolver won't chase it across zones to get the A record value like it would for non-stub zones. Both Bind9 and Unbound chase this as expected. Is there any way to configure Knot Resolver to do the same? Thanks! - Paul

10 měsíců, 3 týdny

2025

2024

2023

2022

2021

2020

2019

2018

knot-resolver-users Srpen 2024