Toralf,

you need knot-resolver (knot-resolver.cz) and not knot-dns (this is the 
authoritative-only part).

Cheers,
Ondrej

--
 Ondřej Surý -- Technical Fellow
 --------------------------------------------
 CZ.NIC, z.s.p.o.    --     Laboratoře CZ.NIC
 Milesovska 5, 130 00 Praha 3, Czech Republic
 mailto:ondrej.s...@nic.cz    https://nic.cz/
 --------------------------------------------

----- Original Message -----
> From: "Toralf Förster" <toralf.foers...@gmx.de>
> To: "Marek Vavruša" <ma...@vavrusa.com>
> Cc: "Ondřej Surý" <ondrej.s...@nic.cz>, "knot-dns-users" 
> <knot-dns-users@lists.nic.cz>
> Sent: Saturday, 15 October, 2016 22:19:27
> Subject: Re: [knot-dns-users] is there a out-of-the-box receipt to use knot 
> as a DNS cache for a Tor exit relay ?

> On 10/15/2016 08:58 PM, Marek Vavruša wrote:
>> As in your 5-step list: you have to install it, modify /etc/resolv.conf
>> as in step 2, and then start it (kresd -k /var/something/root.keys).
> Hhm, not as easy as dnsmasq I must admit.
> 
> The emerged package under Gentoo:
> 
> net-dns/knot-2.3.1::gentoo was built with the following:
> USE="fastparser -caps -debug -dnstap -doc -idn -systemd" ABI_X86="64"
> 
> doesn't have a kresd installed anywhere. After renaming the config file here
> under Gentoo and adding few remote DNS servers:
> 
> remote:
>  - id: n1
>    address: 2a01:4f8:0:a0a1::add@1010
> 
>  - id: n2
>    address: 2a01:4f8:0:a102::add@9999
> 
>  - id: n3
>    address: 2a01:4f8:0:a111::add@9898
> 
>  - id: n4
>    address: 213.133.98.98@53
> 
>  - id: n5
>    address: 213.133.99.99@53
> 
>  - id: n6
>    address: 213.133.100.100@53
> 
> I still get:
> 
> mr-fox knot # dig com. any +dnssec
> 
> ; <<>> DiG 9.10.4-P3 <<>> com. any +dnssec
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 64152
> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> ;; WARNING: recursion requested but not available
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags: do; udp: 4096
> ;; QUESTION SECTION:
> ;com.                           IN      ANY
> 
> ;; Query time: 0 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Sat Oct 15 22:11:51 CEST 2016
> ;; MSG SIZE  rcvd: 32
> 
> 
> So I do wonder how to convince knot to resolve the name ?
> 
> 
> 
> BTW adding this :
> 
> 
> modules = { 'daf' }
> daf.add 'forward 2a01:4f8:0:a0a1::add'
> daf.add 'forward 2a01:4f8:0:a102::add'
> daf.add 'forward 2a01:4f8:0:a111::add'
> 
> 
> gives :
> 
> Oct 15 22:18:06 mr-fox knot[4363]: error: config, file '/etc/knot/knot.conf',
> line 39, item 'modules', value '' (parser failed)
> Oct 15 22:18:06 mr-fox knot[4363]: critical: failed to load configuration file
> '/etc/knot/knot.conf' (parser failed)
> 
> 
> --
> Toralf
> PGP: C4EACDDE 0076E94E, OTR: 420E74C8 30246EE7
_______________________________________________
knot-dns-users mailing list
knot-dns-users@lists.nic.cz
https://lists.nic.cz/cgi-bin/mailman/listinfo/knot-dns-users

Reply via email to