author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 15:26:00 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 15:26:00 +0000 |
commit | 830407e88f9d40d954356c3754f2647f91d5c06a (patch) | |
tree | d6a0ece6feea91f3c656166dbaa884ef8a29740e /doc/config-network.rst | |
parent | Initial commit. (diff) | |
Adding upstream version 5.6.0.
upstream/5.6.0 upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | doc/config-network.rst | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/doc/config-network.rst b/doc/config-network.rst new file mode 100644 index 0000000..2faac0e --- /dev/null +++ b/doc/config-network.rst 
@@ -0,0 +1,64 @@ +.. SPDX-License-Identifier: GPL-3.0-or-later + +.. _network-configuration: + +************************ +Networking and protocols +************************ + +This section describes configuration of network interfaces +and protocols. Please keep in mind that DNS resolvers act +as *DNS server* and *DNS client* at the same time, +and that these roles require different configuration. + +This picture illustrates different actors involved DNS resolution process, +supported protocols, and clarifies what we call *server configuration* +and *client configuration*. + +.. image:: server_terminology.svg + +*Attribution: Icons by Bernar Novalyi from the Noun Project* + +For *resolver's clients* the resolver itself acts as a DNS server. + +After receiving a query the resolver will attempt to find +answer in its cache. If the data requested by resolver's +client is not available in resolver's cache (so-called *cache-miss*) +the resolver will attempt to obtain the data from servers *upstream* +(closer to the source of information), so at this point the resolver +itself acts like a DNS client and will send DNS query to other servers. + +By default the Knot Resolver works in recursive mode, i.e. +the resolver will contact authoritative servers on the Internet. +Optionally it can be configured in forwarding mode, +where cache-miss queries are *forwarded to another DNS resolver* +for processing. + +Server (communication with clients) +=================================== + +.. toctree:: + :maxdepth: 2 + + daemon-bindings-net_server + daemon-bindings-net_tlssrv + modules-http + +Client (retrieving answers from servers) +======================================== + +Following chapters describe basic configuration of how resolver retrieves data from other *(upstream)* servers. Data processing is also affected by configured policies, see chapter :ref:`policies` for more advanced usage. + +.. 
toctree:: + :maxdepth: 2 + + daemon-bindings-net_client + config-network-forwarding + +DNS protocol tweaks +=================== + +.. toctree:: + :maxdepth: 2 + + daemon-bindings-net_dns_tweaks |
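Review bot: In the introduction, "different actors involved DNS resolution process" is missing words; suggest "the different actors involved in the DNS resolution process". In the same paragraph, the `.. image:: server_terminology.svg` directive has no `:alt:` option, so the supported protocols and the *server configuration* / *client configuration* terminology are conveyed only by the picture; add an `:alt:` text or one sentence that lists them. Under "Client (retrieving answers from servers)" the paragraph is a single long line while the rest of the file is wrapped, and "Following chapters describe" should read "The following chapters describe". The sentence on forwarding mode ("forwarded to another DNS resolver") would also benefit from a cross-reference to `config-network-forwarding`, which is only reachable through the toctree further down.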