is cache hit rate, i.e. percentage of queries answered from resolver's cache.
Generally the higher cache hit rate the better.
-Performance tunning should start with cache :ref:`cache_sizing`
+Performance tuning should start with cache :ref:`cache_sizing`
and :ref:`cache_persistence`.
It is also recommended to run :ref:`systemd-multiple-instances` (even on a
single machine!) because it allows to utilize multiple CPU threads and
increases overall resiliency.
-Other features described in this section can be used for fine-tunning
+Other features described in this section can be used for fine-tuning
performance and resiliency of the resolver but generally have much smaller
-impact than cache settings and number of instances.
+impact than cache settings and number of workers.
.. toctree::
:maxdepth: 1
================
Knot Resolver can utilize multiple CPUs running multiple independent workers (processes), where each process utilizes at most single CPU core on your machine.
-If your machine handles a lot of DNS traffic configure multiple workers.
+If your machine handles a lot of DNS traffic, configure multiple workers.
All workers typically share the same configuration and cache, and incoming queries are automatically distributed by operating system among all workers.
workers: 4
You can try let the resolver get number of available CPU threads automatically.
-If there is problem, configuration shoul not pass validation process.
+If there is a problem, configuration should not pass the validation process.
.. code-block:: yaml
If an unrelated HTTPS service is running on the same port with REUSEPORT enabled, you will end up with both services malfunctioning.
-.. _dot-doh-config-options:
-
HTTP status codes
"""""""""""""""""
``GET``, ``POST``, or ``HEAD``
+.. _dot-doh-config-options:
+
Configuration options for DoT and DoH
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
:header: "Protocol/service", :option:`kind <kind: dns|xdp|dot|doh2|doh-legacy>`
"DNS (unencrypted UDP+TCP, :rfc:`1034`)","``dns``"
- "DNS (unencrypted UDP, `using XDP Linux API <./dev/daemon-bindings-net_server.html#dns-over-xdp>`_)","``xdp``"
+ "DNS (unencrypted UDP, `using XDP Linux API <./dev/daemon-bindings-net_xdpsrv.html#dns-over-xdp>`_)","``xdp``"
":ref:`dns-over-tls`","``dot``"
":ref:`dns-over-https`","``doh2``"
"`Legacy DNS-over-HTTPS (DoH) <./dev/modules-http.html#mod-http-doh>`_","``doh-legacy``"
[/management/interface] invalid port number 66000
[/logging/level] 'noticed' does not match any of the expected values ('crit', 'err', 'warning', 'notice', 'info', 'debug')
- If you happen to find a rejected configuration with unhelpful or confusing error message, please report it as a bug.
+ If you happen to find a rejected configuration with an unhelpful or confusing error message, please report it as a bug.
JSON Schema
is cache hit rate, i.e. percentage of queries answered from resolver's cache.
Generally the higher cache hit rate the better.
-Performance tunning should start with cache :ref:`config-cache-sizing`
+Performance tuning should start with cache :ref:`config-cache-sizing`
and :ref:`config-cache-persistence`.
.. It is also recommended to run :ref:`systemd-multiple-instances` (even on a
.. single machine!) because it allows to utilize multiple CPU threads and
.. increases overall resiliency.
-Other features described in this section can be used for fine-tunning
+Other features described in this section can be used for fine-tuning
performance and resiliency of the resolver but generally have much smaller
-impact than cache settings and number of instances.
+impact than cache settings and number of workers.
.. toctree::
:maxdepth: 1
:local:
Complete example configuration files can be found `in Knot Resolver's source repository <https://gitlab.nic.cz/knot/knot-resolver/tree/master/etc/config>`_.
-Examples are also installed as documentation files, typically in the ``/usr/share/doc/knot-resolver/examples/`` directory (the location may differ based on your Linux distribution).
+Examples are also installed as documentation files, typically in the ``/usr/share/doc/knot-resolver*/examples/`` directory (the location may differ based on your Linux distribution).
.. tip::
``knot-resolver.service`` may not be enabled by default after installation, thus Knot Resolver might not start automatically after reboot.
To start and enable service in one command use ``systemctl enable --now knot-resolver.service``
-Unfortunately, for some cases (typically Docker and minimalistic systems), ``systemd`` is not available, therefore it is not possible to use ``knot-resolver.service``.
+Unfortunately, for some cases (typically Docker, minimalistic and non-Linux systems), ``systemd`` is not available, therefore it is not possible to use ``knot-resolver.service``.
If you have this problem, look at :ref:`usage without systemd <deployment-no-systemd>` section.
.. note::
- If for some reason you need to use Knot Resolver as it was before version 6, check out :ref:`usage without the manager <advanced-no-manager>`
+ If for some reason you need to use Knot Resolver as it was before version 6, check out :ref:`usage without the manager <advanced-no-manager>`.
Otherwise, it is recommended to stick to this chapter.
===============
.. note::
- Managemnet API has other useful endpoints (metrics, schema, ...), see the detailed :ref:`API documentation <manager-api>`.
+ Management API has other useful endpoints (metrics, schema, ...), see the detailed :ref:`API documentation <manager-api>`.
**path:**
Determines specific configuration option or configuration subtree on that path.
.. note::
- Some configuration options cannot be configured via the API for stability and security reasons(e.g. API configuration itself).
+ Some configuration options cannot be configured via the API for stability and security reasons (e.g. API configuration itself).
In the case of an attempt to configure such an option, the operation is rejected.
Dynamically changing configuration
===================================
-Knot Resolver Manager is capable of dynamically changing its configuration via an HTTP API or by reloading its config file. Both methods are equivalent in terms of its capabilities. The ``kresctl`` utility uses the HTTP API and provides a convinient command line interface.
+Knot Resolver Manager is capable of dynamically changing its configuration via an HTTP API or by reloading its config file. Both methods are equivalent in terms of its capabilities. The ``kresctl`` utility uses the HTTP API and provides a convenient command line interface.
Reloading configuration file
============================
projects / thirdparty / knot-resolver.git / commitdiff
