Knot Resolver
Knot Resolver is a full (recursive), caching DNS resolver. It is designed to scale from small home-office networks to providing DNS servers at the scale of ISPs. Knot Resolver supports DNSSEC.
Installation
Install the knot-resolver package from the AUR.
Configuration
Start/enable kresd.socket.
To use the DNS server locally, use the 127.0.0.1 nameserver, see Domain name resolution.
By default, the resolver will listen on localhost, port 53. If the resolver should be accessible from other hosts, extend the kresd.socket definition by editing kresd.socket or kresd-tls.socket (for DNS-over-TLS connections) and add the appropriate directives, for example:
[Socket]
ListenDatagram=192.0.2.115:53
ListenStream=192.0.2.115:53
If the resolver should respect entries from the /etc/hosts file, add a hints.add_hosts() line to /etc/knot-resolver/kresd.conf.
Knot Resolver and dnsmasq
If dnsmasq is used for managing DHCP, then advertising a kresd instance works like any other external DNS server would: by adding a dhcp-option=option:dns-server,<Server Address> line to the dnsmasq configuration file.
Note that a default configuration of dnsmasq will clash with the default configuration of kresd, since both will attempt to use port 53. Disable the dnsmasq DNS functionality (port=0), or assign a different port to either service.
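The port clash described above can be checked from the configuration text before either service is started. The script below is an added example, not part of the original page or of either project; its function names, file names and sample contents are made up, it assumes the last port= line in the dnsmasq file is the one used, and it compares port numbers only, ignoring which addresses each service binds.

```shell
#!/bin/sh
# Added example: port-only check for the dnsmasq/kresd clash described above.

# Print the DNS port dnsmasq would use for config file $1 (53 if port= is unset).
# Assumption: when port= appears more than once, the last one is used.
dnsmasq_dns_port() {
    awk -F= '
        /^[ \t]*#/ { next }
        $1 ~ /^[ \t]*port[ \t]*$/ {
            v = $2; sub(/[ \t]*#.*/, "", v); gsub(/[ \t]/, "", v); port = v
        }
        END { print (port == "" ? 53 : port) }
    ' "$1"
}

# Print the unique ports named by ListenDatagram=/ListenStream= in socket unit $1.
# Values may be "53", "192.0.2.115:53" or "[::1]:53"; socket paths are skipped.
kresd_listen_ports() {
    awk -F= '
        $1 == "ListenDatagram" || $1 == "ListenStream" {
            v = $2; c = substr(v, 1, 1)
            if (v == "" || c == "/" || c == "@") next
            sub(/^.*:/, "", v); print v
        }
    ' "$1" | sort -un
}

# Exit 0 if dnsmasq (config $1) and kresd (socket unit $2) want the same port.
ports_clash() {
    dport=$(dnsmasq_dns_port "$1")
    [ "$dport" = 0 ] && return 1        # port=0: dnsmasq DNS is disabled
    kports=$(kresd_listen_ports "$2")
    [ -n "$kports" ] || kports=53       # the resolver's default port
    for p in $kports; do
        [ "$p" = "$dport" ] && return 0
    done
    return 1
}

# Demo on constructed files (names and contents are made up for this example).
tmp=$(mktemp -d)
printf '[Socket]\nListenDatagram=192.0.2.115:53\nListenStream=192.0.2.115:53\n' > "$tmp/listen.conf"
printf 'dhcp-option=option:dns-server,192.0.2.115\n' > "$tmp/default.conf"
printf 'port=0\ndhcp-option=option:dns-server,192.0.2.115\n' > "$tmp/dhcp-only.conf"
for f in default.conf dhcp-only.conf; do
    if ports_clash "$tmp/$f" "$tmp/listen.conf"; then echo "$f: clash"; else echo "$f: ok"; fi
done
rm -rf "$tmp"
```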
See also
- kresd.systemd(7)
- Knot Resolver documentation