16 Říj
2021
16 Říj
'21
15:17
Hi there,
is it actually possible to import a zone file for a locale zone
(yyyyy.xxxx.com.lan) or does it have to be done differently?
In any case, I can't figure out how to do it correctly!
Can someone help with an example i have had some problems with my local
domains since i switched to knot?
Can you actually import the domains from knot into the knot resolver?
I would like to have a stable DNS system on my servers again with knot & knot-
resolver I hope I "think" correctly, a 25 year "bind" damaged person
;-)
--
mit freundlichen Grüßen / best regards
Günther J. Niederwimmer
18 Říj
18 Říj
14:51
Hello.
On 16/10/2021 15.17, Günther J. Niederwimmer wrote:
is it actually possible to import a zone file for a
locale zone
(yyyyy.xxxx.com.lan) or does it have to be done differently?
Currently the options of adding authoritative data are quite limited.
The original zone files can't be used directly, and none of the options
will behave exactly like a real zone. (Except for prefilling the root
zone into cache, but that's not your use case and there's a better way
than doing that manually anyway.)
1. hints module: just addresses (+ automatic PTR), e.g. in /etc/hosts format
https://knot-resolver.readthedocs.io/en/stable/modules-hints.html
2. RPZ: you can individually override almost any record that way.
If your zone file always uses fully qualified owner names, I suspect it
might even work as-is if you used `$ORIGIN .`
Caveats:
- generating CNAMEs by RPZ isn't supported yet
- in kresd <= 5.4.2 you need to specify $ORIGIN unless it's the root
(an issue discovered today)
Docs, also with links to other sites explaining RPZ (as it's quite complex):
https://knot-resolver.readthedocs.io/en/stable/modules-policy.html#response…
--Vladimir
1161
days inactive
1163
days old
knot-resolver-users@lists.nic.cz
1 comments
2 participants
participants (2)
-
Günther J. Niederwimmer -
Vladimír Čunát