Toralf, you need knot-resolver (knot-resolver.cz) and not knot-dns (this is the authoritative-only part).
Cheers, Ondrej -- Ondřej Surý -- Technical Fellow -------------------------------------------- CZ.NIC, z.s.p.o. -- Laboratoře CZ.NIC Milesovska 5, 130 00 Praha 3, Czech Republic mailto:[email protected] https://nic.cz/ -------------------------------------------- ----- Original Message ----- > From: "Toralf Förster" <[email protected]> > To: "Marek Vavruša" <[email protected]> > Cc: "Ondřej Surý" <[email protected]>, "knot-dns-users" > <[email protected]> > Sent: Saturday, 15 October, 2016 22:19:27 > Subject: Re: [knot-dns-users] is there a out-of-the-box receipt to use knot > as a DNS cache for a Tor exit relay ? > On 10/15/2016 08:58 PM, Marek Vavruša wrote: >> As in your 5-step list: you have to install it, modify /etc/resolv.conf >> as in step 2, and then start it (kresd -k /var/something/root.keys). > Hhm, not as easy as dnsmasq I must admit. > > The emerged package under Gentoo: > > net-dns/knot-2.3.1::gentoo was built with the following: > USE="fastparser -caps -debug -dnstap -doc -idn -systemd" ABI_X86="64" > > doesn't have a kresd installed anywhere. After renaming the config file here > under Gentoo and adding few remote DNS servers: > > remote: > - id: n1 > address: 2a01:4f8:0:a0a1::add@1010 > > - id: n2 > address: 2a01:4f8:0:a102::add@9999 > > - id: n3 > address: 2a01:4f8:0:a111::add@9898 > > - id: n4 > address: 213.133.98.98@53 > > - id: n5 > address: 213.133.99.99@53 > > - id: n6 > address: 213.133.100.100@53 > > I still get: > > mr-fox knot # dig com. any +dnssec > > ; <<>> DiG 9.10.4-P3 <<>> com. any +dnssec > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 64152 > ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 > ;; WARNING: recursion requested but not available > > ;; OPT PSEUDOSECTION: > ; EDNS: version: 0, flags: do; udp: 4096 > ;; QUESTION SECTION: > ;com. IN ANY > > ;; Query time: 0 msec > ;; SERVER: 127.0.0.1#53(127.0.0.1) > ;; WHEN: Sat Oct 15 22:11:51 CEST 2016 > ;; MSG SIZE rcvd: 32 > > > So I do wonder how to convince knot to resolve the name ? > > > > BTW adding this : > > > modules = { 'daf' } > daf.add 'forward 2a01:4f8:0:a0a1::add' > daf.add 'forward 2a01:4f8:0:a102::add' > daf.add 'forward 2a01:4f8:0:a111::add' > > > gives : > > Oct 15 22:18:06 mr-fox knot[4363]: error: config, file '/etc/knot/knot.conf', > line 39, item 'modules', value '' (parser failed) > Oct 15 22:18:06 mr-fox knot[4363]: critical: failed to load configuration file > '/etc/knot/knot.conf' (parser failed) > > > -- > Toralf > PGP: C4EACDDE 0076E94E, OTR: 420E74C8 30246EE7 _______________________________________________ knot-dns-users mailing list [email protected] https://lists.nic.cz/cgi-bin/mailman/listinfo/knot-dns-users
