From f449f278dd3c70e479a035f50a9bb817a9b433ba Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 17:24:08 +0200 Subject: Adding upstream version 3.2.6. Signed-off-by: Daniel Baumann --- doc/requirements.rst | 115 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 115 insertions(+) create mode 100644 doc/requirements.rst (limited to 'doc/requirements.rst') diff --git a/doc/requirements.rst b/doc/requirements.rst new file mode 100644 index 0000000..ed114b8 --- /dev/null +++ b/doc/requirements.rst @@ -0,0 +1,115 @@ +.. highlight:: none +.. _Requirements: + +************ +Requirements +************ + +Hardware +======== + +Knot DNS requirements are not very demanding for typical +installations, and a commodity server or a virtual solution will be +sufficient in most cases. + +However, please note that there are some scenarios that will require +administrator's attention and some testing of exact requirements before +deploying Knot DNS to a production environment. These cases include +deployment for a large number of zones (DNS hosting), large number +of records in one or more zones (TLD), or large number of requests. + +CPU requirements +---------------- + +The server scales with processing power and also with the number of +available cores/CPUs. Enabling Hyper-threading is convenient if supported. + +There is no lower bound on the CPU requirements, but it should support +memory barriers and atomic instructions (i586 and newer). + +Network card +------------ + +The best results have been achieved with multi-queue network cards. The +number of multi-queues should equal the total number of CPU cores (with +Hyper-threading enabled). + +Memory requirements +------------------- + +The server implementation focuses on performance and thus can be quite +memory demanding. The rough estimate for memory requirements is +3 times the size of the zone in the plain-text format. Again this is only +an estimate and you are advised to do your own measurements before +deploying Knot DNS to production. + +.. NOTE:: + To ensure uninterrupted serving of the zone, Knot DNS + employs the Read-Copy-Update mechanism instead of locking and thus + requires twice the amount of memory for the duration of incoming + transfers. + +Operating system +================ + +Knot DNS itself is written in a portable way and can be compiled +and run on most UNIX-like systems, such as Linux, \*BSD, and macOS. + +Required libraries +================== + +Knot DNS requires a few libraries to be available: + +* libedit +* gnutls >= 3.3 +* liburcu >= 0.5.4 +* lmdb >= 0.9.15 + +.. NOTE:: + The LMDB library is included with Knot DNS source code. However, linking + with the system library is preferred. + +Optional libraries +================== + +International Domain Names support (IDNA2008 or IDNA2003) in :doc:`kdig`: + +* libidn2 (or libidn) + +Systemd's startup notification mechanism and journald logging: + +* libsystemd + +Dnstap support in :doc:`kdig` or module :ref:`dnstap`: + +* fstrm (and protobuf-c if building from source code) + +Linux :manpage:`capabilities(7)` support, which allows the server to be started +as a non-root user/group, binding to privileged ports (53), and giving up all +its capabilities, resulting in a completely unprivileged process: + +* libcap-ng >= 0.6.4 + +MaxMind database for **geodb** support in module :ref:`geoip`: + +* libmaxminddb0 + +DNS-over-HTTPS (DoH) support in :doc:`kdig`: + +* libnghttp2 + +The :ref:`XDP functionality ` and :doc:`kxdpgun ` +tool. These are only supported on Linux operating systems. See the chapter +:ref:`Mode XDP ` for software and hardware +recommendations. + +* libbpf >= 0.0.6 (or embedded one via `--enable-xdp`) +* libxdp (if libbpf >= 1.0) +* libmnl (for kxdpgun) + +DNS-over-QUIC (DoQ) support in :doc:`knotd`, :doc:`kxdpgun`, +and :doc:`kdig`: + +* libngtcp2 >= 0.13.0 (or embedded one via `--enable-quic`) +* gnutls >= 3.7.2 +* :ref:`Mode XDP` (for knotd and kxdpgun) -- cgit v1.2.3