-from typing import List, Optional, Union
+from typing import Any, List, Optional, Union
from typing_extensions import Literal
dry_run: bool = False
-class CacheSchema(ConfigSchema):
+class PredictionSchema(ConfigSchema):
"""
- DNS resolver cache configuration.
+ Helps keep the cache hot by prefetching expiring records and learning usage patterns and repetitive queries.
---
- storage: Cache storage of the DNS resolver.
- size_max: Maximum size of the cache.
- garbage_collector: Use the garbage collector (kres-cache-gc) to periodically clear cache.
- ttl_min: Minimum time-to-live for the cache entries.
- ttl_max: Maximum time-to-live for the cache entries.
- ns_timeout: Time interval for which a nameserver address will be ignored after determining that it does not return (useful) answers.
- prefill: Prefill the cache periodically by importing zone data obtained over HTTP.
+ window: Sampling window length.
+ period: Number of windows that can be kept in memory.
"""
- storage: Dir = lazy_default(Dir, "/var/cache/knot-resolver")
- size_max: SizeUnit = SizeUnit("100M")
- garbage_collector: Union[GarbageCollectorSchema, Literal[False]] = GarbageCollectorSchema()
- ttl_min: TimeUnit = TimeUnit("5s")
- ttl_max: TimeUnit = TimeUnit("6d")
- ns_timeout: TimeUnit = TimeUnit("1000ms")
- prefill: Optional[List[PrefillSchema]] = None
+ window: TimeUnit = TimeUnit("15m")
+ period: IntNonNegative = IntNonNegative(24)
+
+
+class CacheSchema(ConfigSchema):
+ class Raw(ConfigSchema):
+ """
+ DNS resolver cache configuration.
+
+ ---
+ storage: Cache storage of the DNS resolver.
+ size_max: Maximum size of the cache.
+ garbage_collector: Use the garbage collector (kres-cache-gc) to periodically clear cache.
+ ttl_min: Minimum time-to-live for the cache entries.
+ ttl_max: Maximum time-to-live for the cache entries.
+ ns_timeout: Time interval for which a nameserver address will be ignored after determining that it does not return (useful) answers.
+ prefill: Prefill the cache periodically by importing zone data obtained over HTTP.
+ prediction: Helps keep the cache hot by prefetching expiring records and learning usage patterns and repetitive queries.
+ """
+
+ storage: Dir = lazy_default(Dir, "/var/cache/knot-resolver")
+ size_max: SizeUnit = SizeUnit("100M")
+ garbage_collector: Union[GarbageCollectorSchema, Literal[False]] = GarbageCollectorSchema()
+ ttl_min: TimeUnit = TimeUnit("5s")
+ ttl_max: TimeUnit = TimeUnit("6d")
+ ns_timeout: TimeUnit = TimeUnit("1000ms")
+ prefill: Optional[List[PrefillSchema]] = None
+ prediction: Union[bool, PredictionSchema] = False
+
+ _LAYER = Raw
+
+ storage: Dir
+ size_max: SizeUnit
+ garbage_collector: Union[GarbageCollectorSchema, Literal[False]]
+ ttl_min: TimeUnit
+ ttl_max: TimeUnit
+ ns_timeout: TimeUnit
+ prefill: Optional[List[PrefillSchema]]
+ prediction: Union[Literal[False], PredictionSchema]
+
+ def _prediction(self, obj: Raw) -> Any:
+ if obj.prediction is True:
+ return PredictionSchema()
+ return obj.prediction
def _validate(self):
if self.ttl_min.seconds() >= self.ttl_max.seconds():
-from typing import Any, Union
-
from typing_extensions import Literal
-from knot_resolver_manager.datamodel.types import IntNonNegative, TimeUnit
from knot_resolver_manager.utils.modeling import ConfigSchema
GlueCheckingEnum = Literal["normal", "strict", "permissive"]
-class PredictionSchema(ConfigSchema):
+class OptionsSchema(ConfigSchema):
"""
- Helps keep the cache hot by prefetching expiring records and learning usage patterns and repetitive queries.
+ Fine-tuning global parameters of DNS resolver operation.
---
- window: Sampling window length.
- period: Number of windows that can be kept in memory.
+ glue_checking: Glue records scrictness checking level.
+ minimize: Send minimum amount of information in recursive queries to enhance privacy.
+ query_loopback: Permits queries to loopback addresses.
+ reorder_rrset: Controls whether resource records within a RRSet are reordered each time it is served from the cache.
+ query_case_randomization: Randomize Query Character Case.
+ priming: Initializing DNS resolver cache with Priming Queries (RFC 8109)
+ rebinding_protection: Protection against DNS Rebinding attack.
+ refuse_no_rd: Queries without RD (recursion desired) bit set in query are answered with REFUSED.
+ time_jump_detection: Detection of difference between local system time and expiration time bounds in DNSSEC signatures for '. NS' records.
+ violators_workarounds: Workarounds for known DNS protocol violators.
+ serve_stale: Allows using timed-out records in case DNS resolver is unable to contact upstream servers.
"""
- window: TimeUnit = TimeUnit("15m")
- period: IntNonNegative = IntNonNegative(24)
-
-
-class OptionsSchema(ConfigSchema):
- class Raw(ConfigSchema):
- """
- Fine-tuning global parameters of DNS resolver operation.
-
- ---
- glue_checking: Glue records scrictness checking level.
- minimize: Send minimum amount of information in recursive queries to enhance privacy.
- query_loopback: Permits queries to loopback addresses.
- reorder_rrset: Controls whether resource records within a RRSet are reordered each time it is served from the cache.
- query_case_randomization: Randomize Query Character Case.
- priming: Initializing DNS resolver cache with Priming Queries (RFC 8109)
- rebinding_protection: Protection against DNS Rebinding attack.
- refuse_no_rd: Queries without RD (recursion desired) bit set in query are answered with REFUSED.
- time_jump_detection: Detection of difference between local system time and expiration time bounds in DNSSEC signatures for '. NS' records.
- violators_workarounds: Workarounds for known DNS protocol violators.
- serve_stale: Allows using timed-out records in case DNS resolver is unable to contact upstream servers.
- prediction: Helps keep the cache hot by prefetching expiring records and learning usage patterns and repetitive queries.
- """
-
- glue_checking: GlueCheckingEnum = "normal"
- minimize: bool = True
- query_loopback: bool = False
- reorder_rrset: bool = True
- query_case_randomization: bool = True
- priming: bool = True
- rebinding_protection: bool = False
- refuse_no_rd: bool = True
- time_jump_detection: bool = True
- violators_workarounds: bool = False
- serve_stale: bool = False
- prediction: Union[bool, PredictionSchema] = False
-
- _LAYER = Raw
-
- glue_checking: GlueCheckingEnum
- minimize: bool
- query_loopback: bool
- reorder_rrset: bool
- query_case_randomization: bool
- priming: bool
- rebinding_protection: bool
- refuse_no_rd: bool
- time_jump_detection: bool
- violators_workarounds: bool
- serve_stale: bool
- prediction: Union[Literal[False], PredictionSchema]
-
- def _prediction(self, obj: Raw) -> Any:
- if obj.prediction is True:
- return PredictionSchema()
- return obj.prediction
+ glue_checking: GlueCheckingEnum = "normal"
+ minimize: bool = True
+ query_loopback: bool = False
+ reorder_rrset: bool = True
+ query_case_randomization: bool = True
+ priming: bool = True
+ rebinding_protection: bool = False
+ refuse_no_rd: bool = True
+ time_jump_detection: bool = True
+ violators_workarounds: bool = False
+ serve_stale: bool = False
projects / thirdparty / knot-resolver.git / commitdiff
