Hello.

On 09/03/2024 15.45, Michael Grimm via knot-resolver-users wrote:
> 1) I managed to run 'kres-cache-gc -c /var/run/kresd' but I am unsure whether I do need the garbage collector at all?
> I read that after filling up of '/var/run/kresd/data.mdb' that file would become reset to 0 bytes, correct?

Yes, when cache fills up completely, it gets reset to empty.  So it is possible to run that way; you'll just temporarily get worse latency whenever the reset happens.

> FYI: After 3 days '/var/run/kresd/data.mdb' uses less than 1 MB currently.

I expect your DNS traffic isn't very diverse.


> 2) Does knot-resolver automatically update 'root.hints' and 'root.keys', or do I have to install a script in crontab doing the updates instead?

That depends on your packaging and configuration.  Certainly not something for crontab.  Note that rotation of root keys has only happened once in the whole history so far.  It's a very slow and careful process.

My preferred way is to use these as read-only files, updated by software updates.  But we also have code for automatic maintenance according to RFC 5011.  I think in the FreeBSD port it's configurable
https://cgit.freebsd.org/ports/tree/dns/knot-resolver/Makefile?id=e8c9d591eea7f83f47173705b3c76171205c2ef3#n90

> 3) I am still struggling to understand, how to get access to the statistics produced by the module 'stats'?
>
> FYI: If I do try to use knotc (I know, it's experimental), I'll get:
>
> |dns> kresc /var/run/kresd/control/17158
> |Warning! kresc is highly experimental, use at own risk.
> |Please tell authors what features you expect from client utility.
> |
>
> FYI: There is no 'kresd>' prompt …
>
> I tried to modify that socket's privileges but to no avail.

kresc was an experiment, incomplete and abandoned years ago.  I expect you could use something like
echo 'tojson(stats.list())' | sudo socat - /var/run/knot-resolver/control/0

but usually people consume it by the prometheus format and then feed it to whatever they prefer (e.g. grafana).
https://knot-resolver.readthedocs.io/en/stable/modules-stats.html#prometheus-metrics-endpoint

> 4) If that socket is the way to get hold of all statistics information, how can one name that socket file? Currently, it is just the PID of kresd.

It is possible to change or add these control sockets.  It's just
net.listen('path', nil, { kind = 'control' })

Defaults depend on your init scripts, e.g. with systemd it's typically not named by PID but by service name.


Some of these aspects get improved in versions >= 6.0.  Control of the GC and kresd processes is integrated inside, also stats aggregation, and there's a new kresctl command (and user config gets rewritten completely, from Lua to YAML).  But honestly we don't do any BSD ourselves, so I don't expect you want to package and try it at this point...


--Vladimir
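
The `socat` one-liner from the reply above, done in Python so the counters can be checked by a monitoring script. This is an added example, not part of the original message or of the Knot Resolver code base. Assumptions: the reply may carry quoting or a prompt around the JSON object, the counters `answer.total`, `answer.cached` and `answer.servfail` are present, and the sample reply is constructed rather than captured.

```python
import json
import socket

# Command taken from the reply above; the socket path differs per system.
STATS_CMD = "tojson(stats.list())"


def query_control(path, command=STATS_CMD, timeout=3.0):
    """Send one Lua expression to a kresd control socket, return the raw reply.

    Mirrors `echo CMD | socat - PATH`: write the line, close the write side,
    then read until the peer closes or the timeout expires.
    """
    chunks = []
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        s.connect(path)
        s.sendall(command.encode() + b"\n")
        s.shutdown(socket.SHUT_WR)
        try:
            while True:
                data = s.recv(65536)
                if not data:
                    break
                chunks.append(data)
        except socket.timeout:
            pass  # keep whatever arrived before the timeout
    return b"".join(chunks).decode("utf-8", "replace")


def parse_stats(reply):
    """Extract the JSON object from a reply.

    Assumption: the object may be surrounded by quoting or a prompt, so only
    the text between the first '{' and the last '}' is parsed.
    """
    start, end = reply.find("{"), reply.rfind("}")
    if start < 0 or end < start:
        raise ValueError("no JSON object in reply: %r" % reply[:80])
    return json.loads(reply[start:end + 1])


def share(stats, counter, total="answer.total"):
    """Return counter/total as a fraction, or None when total is zero/missing."""
    denom = stats.get(total, 0)
    return stats.get(counter, 0) / denom if denom else None


# Constructed sample reply (not captured from a real resolver).
SAMPLE = '\'{"answer.total":200,"answer.cached":150,"answer.servfail":4}\'\n> '
```

Against a running resolver, `parse_stats(query_control(PATH))` replaces `parse_stats(SAMPLE)`, where `PATH` is the control socket and the caller needs permission to open it.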