Easiest way to configure Knot Resolver is to put configuration to ``/etc/knot-resolver/config.yml`` file.
The first thing you will probably want to configure are the network interfaces to listen to.
-
The following example instructs the resolver to receive standard unencrypted DNS queries on ``192.0.2.1`` and ``2001:db8::1`` IP addresses.
Encrypted DNS queries using ``DNS-over-TLS`` protocol are accepted on all IP addresses of ``eth0`` network interface, TCP port ``853``.
-For more details look at the :ref:`network configuration <config-network>`.
.. code-block:: yaml
port: 853
kind: 'dot' # DNS-over-TLS
+For more details look at the :ref:`network configuration <config-network>`.
+
+.. warning::
+
+ On machines with multiple IP addresses on the same interface avoid listening on wildcards ``0.0.0.0`` or ``::``.
+ Knot Resolver could answer from different IP addresses if the network address ranges overlap, and clients would refuse such a response.
+
You can also start exploring the configuration by reading about :ref:`common use cases <usecases-chapter>` or look at the complete :ref:`configuration <configuration-chapter>` documentation.
Complete configurations files examples can be found `here <https://gitlab.nic.cz/knot/knot-resolver/tree/master/etc/config>`_.
.. tip::
- An easy way to see the complete configuration structure is to look at the `JSON Schema <https://json-schema.org/>`_ of the configuration format with some graphical visualizer such as `this one <https://json-schema.app/>`_.
- The raw schema is accessible from every running Knot Resolver at the HTTP API socket at path ``/schema`` or on `this link <_static/config.schema.json>`_ (valid only for the version of resolver this documentation was generated for)
-
+ An easy way to see the complete configuration structure is to look at the `JSON schema <https://json-schema.org/>`_ represention.
+ The raw JSON schema is available at `this link <_static/config.schema.json>`_ (valid only for the version of resolver this documentation was generated for).
+ For the schema readability, some graphical visualizer can be used, for example `this one <https://json-schema.app/>`_.
==========
Validation
Knot Resolver's configuration follows strict schema for validation.
-You can use :ref:` kresctl <manager-client>` utility to validate your configuration before pushing it into the running resolver.
+You can use :ref:`kresctl <manager-client>` utility to validate your configuration before pushing it into the running resolver.
It should help prevent many typos in the configuration.
.. code-block::
.. _gettingstarted-install:
-************************
-Installation and Startup
-************************
+************
+Installation
+************
As a first step, configure your system to use upstream repositories which have
the **latest version** of Knot Resolver. Follow the instructions below for your
.. note::
- If for some reason you need to **install Knot Resolver from source**, check out :ref:`building from sources <build>` documentation for developers.
\ No newline at end of file
+ If for some reason you need to **install Knot Resolver from source**, check out :ref:`building from sources <build>` documentation for developers.
.. _gettingstarted:
-Getting Started chapter introduces Knot Resolver and guide you through installation and basic setup recommended for your use-case.
+Welcome to Knot Resolver's documentation for getting started!
+This chapter will introduce Knot Resolver and will guide you through :ref:`installation <gettingstarted-install>` to first :ref:`startup <gettingstarted-startup>` and basic insight into :ref:`configuration <gettingstarted-config>`.
+
.. _gettingstarted-intro:
************
Introduction
************
+
+==================
+Basic architecture
+==================
+
+The resolver is made up of several singlethread processes:
+
+:kresd:
+ The resolving daemon that is the core of the resolver, written in C.
+ Most of its functionalities are implemented in a separate modules written in C or Lua.
+
+:kres-cache-gc:
+ Garbage collector that takes care of maintaining the resolver's cache, written in C.
+
+:kres-manager:
+ A new process since version ``6.x`` that is used to manage other processes, written in Python.
+ The manager starts and setups other processes based on the configuration.
+ It is the only process that a user should directly interact with.
+
+For a detailed info see :ref:`internal architectire <architecture>`.
To start and enable service in one command use ``systemctl enable --now knot-resolver.service``
Unfortunately, for some cases (typically Docker and minimalistic systems), ``systemd`` is not available, therefore it is not possible to use ``knot-resolver.service``.
-If you have this problem, look at :ref:`usage without systemd <config-no-systemd>` section.
+If you have this problem, look at :ref:`usage without systemd <manager-no-systemd>` section.
===============
--- /dev/null
+.. SPDX-License-Identifier: GPL-3.0-or-later
+
+.. _manager-no-systemd:
+
+*********************
+Usage without systemd
+*********************
projects / thirdparty / knot-resolver.git / commitdiff
