Install knot-resolver on Rocky Linux 9

Author

Sami Ait Ali Oulahcen

Published

September 28, 2022

How to install the Knot DNS resolver on Rocky Linux 9

Intro

Knot Resolver is a caching DNS resolver from CZ.NIC. It has a small core, with features implemented as optional modules, and it doesn’t do any threading. Knot Resolver is written in C and Lua (LuaJIT), and the source code is available under the GPL license at https://github.com/CZ-NIC/knot-resolver.

Prerequisites

We assume you have a freshly installed Rocky Linux 9. Update and reboot the system:

yum -y upgrade
reboot

Don’t forget to set static IP addresses for the server. We’ll use 2001:db8::53 and 192.0.2.53 as examples.

Installation and configuration

Install knot-resolver from the EPEL repository:

yum install epel-release 
yum install knot-resolver

Allow DNS through firewall:

firewall-cmd --permanent --add-service=dns
firewall-cmd --reload

Configure kresd: the configuration file is rather overloaded, which makes the Knot DNS resolver highly customizable. To keep it simple, let’s overwrite the initial file and set only the most important parts. Edit the file /etc/knot-resolver/kresd.conf so that it contains the following:

/etc/knot-resolver/kresd.conf
net.listen('127.0.0.1', 53, { kind = 'dns' })
net.listen('::1', 53, { kind = 'dns', freebind = true })
net.listen('192.0.2.53', 53, { kind = 'dns' })
net.listen('2001:db8::53', 53, { kind = 'dns', freebind = true })

modules = {
        'hints > iterate',  -- Allow loading /etc/hosts or custom root hints
        'stats',            -- Track internal statistics
        'predict',          -- Prefetch expiring/frequent records
}

-- Cache size
cache.size = 3300 * MB
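
The configuration above listens on the server’s public addresses and the firewall rule admits DNS from any source, so the resolver will answer any client that can reach it. The following is an added example (not part of the original article) that limits recursion to known clients with Knot Resolver’s view module. The client networks 192.0.2.0/24 and 2001:db8::/64 are assumptions; replace them with your own.

```lua
-- Added example: append to /etc/knot-resolver/kresd.conf (Lua configuration format).
-- The client networks below are assumed values from the documentation ranges.

-- The view module selects a policy based on the client's source address.
modules.load('view')

-- Queries coming from the server itself
view:addr('127.0.0.0/8', policy.all(policy.PASS))
view:addr('::1', policy.all(policy.PASS))

-- Networks allowed to use this resolver (assumption: adjust to your clients)
view:addr('192.0.2.0/24', policy.all(policy.PASS))
view:addr('2001:db8::/64', policy.all(policy.PASS))

-- Every other source is answered with REFUSED.
-- Rules are tried in order, so keep these catch-all entries last.
view:addr('0.0.0.0/0', policy.all(policy.REFUSE))
view:addr('::/0', policy.all(policy.REFUSE))
```

After restarting kresd, a query sent from an address outside the listed networks should come back with status REFUSED.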

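Start kresd server

Now you can start and enable the server. You can match the number of kresd instances to the number of CPUs you have. Each instance is a separate systemd unit, so use shell brace expansion to name them; the example below starts four:

systemctl enable --now kresd@{1..4}.service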

Sauce

https://knot-resolver.readthedocs.org/en/stable/