Kalpana Kalpana (Editor)

Knot DNS

Developer(s): CZ.NIC

Type: DNS server

Operating system: Unix-like

License: GPL license

Initial release: November 3, 2011; 5 years ago (2011-11-03)

Stable release: 2.4.1 / February 10, 2017; 24 days ago (2017-02-10)

Knot DNS is an open-source server program for the Domain Name System. It was developed from scratch by CZ.NIC, the .CZ domain registry, as an authoritative name server. The goal was to add one more open-source implementation suitable for TLD operators, increasing the overall security, stability and resiliency of the Domain Name System. It is implemented as a threaded daemon that uses a number of programming techniques to make it very fast, notably read-copy-update.

Knot DNS uses a zone parser written in Ragel to achieve very fast loading of zones at startup. It can also add and remove zones on the fly: change the configuration file and reload the server using the 'knotc' utility.

New in 1.2.0: Response Rate Limiting, Dynamic DNS, and new remote control utility.

New in 1.3.0: new zone parser in Ragel (replaces zone compilation) and client utilities (kdig, khost and knsupdate).

New in 1.4.0: automatic DNSSEC signing of the managed zones.

New in 1.5.0: query modules with two new modules: "Automatic forward/reverse records" and dnstap.

New in 1.6.0: persistent timers for slave zones (expire, refresh, and flush) using LMDB.

New in 2.0.0: new YAML-based configuration, and new DNSSEC implementation using GnuTLS.

New in 2.1.0: dynamic configuration, PKCS#11 interface, and online DNSSEC signing.

New in 2.2.0: Response Rate Limiting whitelisting, support for URI (RFC 7553) and CAA (RFC 6844) resource record types, interactive mode for 'knotc', and a new control interface for the server including simple Python bindings.

New in 2.3.0: DNSSEC signing configured in server configuration, automatic NSEC3 resalting, zone operations over server control interface, TLS in kdig.

New in 2.4.0: Unified LMDB based journal, new statistics module, automatic deletion of retired DNSSEC keys.
