diff --git a/NEWS b/NEWS index 9a7ef688d535f9595243442147a375c3a78b8eed..f31fa05ae370db75e758bc63b0216c9a038fdabb 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,6 @@ Knot DNS NEWS -1.5.0 - ? +1.5.0-alpha - ? --------------------- Features: * Split libknot DNS library diff --git a/configure.ac b/configure.ac index 69457ce3cc8c41714745a66fc114a0fc42e4d939..ce6d58826f9251df54b49044aec31c9e1eef6717 100644 --- a/configure.ac +++ b/configure.ac @@ -8,9 +8,18 @@ AC_CONFIG_SRCDIR([src/knot/main.c]) AC_CONFIG_HEADERS([src/config.h]) AC_CONFIG_MACRO_DIR([m4]) AC_USE_SYSTEM_EXTENSIONS([_GNU_SOURCE]) +AC_CANONICAL_HOST # Automatically update release date based on configure.ac date -release_date=`doc/mdate-sh configure.ac` +case "$host_os" in +linux*) + release_date=`date +"%Y-%m-%d" -r configure.ac` + ;; +*) + tmstamp=`stat -f %m configure.ac` + release_date=`date -r $tmstamp +"%Y-%m-%d"` + ;; +esac AC_SUBST([RELEASE_DATE], $release_date) # Set compiler compatibility flags @@ -383,21 +392,25 @@ AC_CONFIG_FILES([Makefile ]) AC_OUTPUT - -echo " - Version: ${PACKAGE_VERSION} - Prefix: ${prefix} - Run dir: ${run_dir} - Storage dir: ${storage_dir} - Config dir: ${config_dir} - Compiler: ${CC} - CFlags: ${CFLAGS} ${CPPFLAGS} - LDFlags: ${LDFLAGS} - Libs: ${LIBS} - Fast zone parser: ${enable_fastparser} - Utils with IDN: ${libidn} - Systemd notifications: ${enable_systemd} - Dnstap support: ${opt_dnstap} - Code coverage: ${enable_code_coverage} - - Continue with 'make' command" +AC_MSG_RESULT([ + $PACKAGE $VERSION + + Target: $host_os $host_cpu + Compiler: ${CC} + CFlags: ${CFLAGS} ${CPPFLAGS} + LDFlags: ${LDFLAGS} + Libs: ${LIBS} + + Prefix: ${prefix} + Run dir: ${run_dir} + Storage dir: ${storage_dir} + Config dir: ${config_dir} + + Fast zone parser: ${enable_fastparser} + Utilities with IDN: ${libidn} + Systemd notifications: ${enable_systemd} + Dnstap support: ${opt_dnstap} + Code coverage: ${enable_code_coverage} + + Continue with 'make' command +]) 
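Review bot: The `*)` branch of the new `case "$host_os"` in configure.ac assumes BSD `stat -f %m`, so on any other non-Linux host (for example one with GNU coreutils, where `-f` means file-system status) `tmstamp` is not an mtime and `release_date` ends up empty or wrong without configure failing. `$tmstamp` is also expanded unquoted into `date -r`. Since `RELEASE_DATE` is substituted into the man pages (see the `knsec3hash.1.in` hunk), I would add a fallback after `esac`, e.g. `test -n "$release_date" || release_date=unknown`. A comment noting that the value comes from the file mtime, and so differs between checkouts of the same source, would also help.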
diff --git a/doc/Makefile.am b/doc/Makefile.am index 4810e1a4543a47f29df177a3f541085f78f81d4d..ffc9402d9ed928a9249930a801cf315d87e7be24 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -1,26 +1,35 @@ +EXTRA_DIST = \ + configuration.rst \ + index.rst \ + installation.rst \ + introduction.rst \ + migration.rst \ + reference.rst \ + requirements.rst \ + running.rst \ + troubleshooting.rst \ + \ + logo.pdf \ + logo.png + SPHINXBUILDDIR = _build -ALLSPHINXOPTS = -d $(SPHINXBUILDDIR)/doctrees -D latex_paper_size=a4 $(SPHINXOPTS) . +ALLSPHINXOPTS = -n -d $(SPHINXBUILDDIR)/doctrees -D latex_paper_size=a4 $(SPHINXOPTS) . -.PHONY: help html dirhtml singlehtml pdf info doctest +.PHONY: html-local singlehtml pdf-local info-local if HAVE_SPHINXBUILD -html: +html-local: $(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(SPHINXBUILDDIR)/html @echo @echo "Build finished. The HTML pages are in $(SPHINXBUILDDIR)/html." -dirhtml: - $(SPHINXBUILD) -b dirhtml $(ALLSPHINXOPTS) $(SPHINXBUILDDIR)/dirhtml - @echo - @echo "Build finished. The HTML pages are in $(SPHINXBUILDDIR)/dirhtml." - singlehtml: $(SPHINXBUILD) -b singlehtml $(ALLSPHINXOPTS) $(SPHINXBUILDDIR)/singlehtml @echo @echo "Build finished. The HTML page is in $(SPHINXBUILDDIR)/singlehtml." if HAVE_PDFLATEX -pdf: +pdf-local: $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(SPHINXBUILDDIR)/latex @echo "Running LaTeX files through pdflatex..." $(MAKE) -C $(SPHINXBUILDDIR)/latex all-pdf @@ -32,7 +41,7 @@ pdf: endif if HAVE_MAKEINFO -info: +info-local: $(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(SPHINXBUILDDIR)/texinfo @echo "Running Texinfo files through makeinfo..." make -C $(SPHINXBUILDDIR)/texinfo info 
@@ -42,13 +51,8 @@ else @echo "able to generate info pages." endif -doctest: - $(SPHINXBUILD) -b doctest $(ALLSPHINXOPTS) $(SPHINXBUILDDIR)/doctest - @echo "Testing of doctests in the sources finished, look at the " \ - "results in $(SPHINXBUILDDIR)/doctest/output.txt." - else -html pdf info doctest: +html-local singlehtml pdf-local info-local: @echo "Please install sphinx (python-sphinx) to generate Knot DNS documentation." endif diff --git a/doc/configuration.rst b/doc/configuration.rst index d8bb1f2264553e449306f28601b547d72c94a19d..5b050a86182d5a0eb4ace4671de9fb72ef1560ef 100644 --- a/doc/configuration.rst +++ b/doc/configuration.rst @@ -21,11 +21,11 @@ which can be used as a base for your Knot DNS setup:: my_interface { address 127.0.0.1@53; } second_int { address ::1; } } - + log { syslog { any notice, warning, error; } } - + zones { example.com { file "/etc/knot/example.com"; @@ -38,14 +38,14 @@ Now let's go step by step through this minimal configuration file: DNS will listen for incoming connections. We have defined two interfaces: one IPv4 called ``my_interface`` explicitly listening on port 53 and second IPv6 called ``second_int`` also listening on - port 53, which is the default port for the DNS. See @ref{interfaces}. + port 53, which is the default port for the DNS. See :ref:`interfaces`. * The ``log`` statement defines the log facilities for Knot DNS. In this example we told Knot DNS to send its log messages with the severities ``debug``, ``warning`` and ``notice`` into the syslog. If you omit this sections, all severities will printed to either ``stdout`` or ``stderr``, and the severities from the ``warning`` and more serious to syslog. You can find all - possible combinations in the @ref{log}. + possible combinations in the :ref:`log`. * The ``zones`` statement is probably the most important one, because it defines the zones that Knot DNS will serve. In its most simple form you can define a zone by its name and zone file. 
@@ -60,14 +60,12 @@ it as the zone master. If ``update-in`` is set and zone has a master, any accepted DNS UPDATE will be forwarded to master. Also note that you need to explicitly allow incoming NOTIFY, otherwise the daemon would reject them. Also, you can specify paths, relative to the -storage directory. See @ref{zones} and @ref{storage}. If the zone +storage directory. See :ref:`zones` and :ref:`storage`. If the zone file doesn't exist and ``xfr-in`` is set, it will be bootstrapped over -AXFR. - -:: +AXFR:: remotes { - master { address 127.0.0.1@@53; } + master { address 127.0.0.1@53; } subnet1 { address 192.168.1.0/24; } } @@ -84,15 +82,13 @@ AXFR. You can also use TSIG for access control. For this, you need to configure a TSIG key and assign it to a remote. Supported algorithms for TSIG key are: | ``hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256, hmac-sha384, hmac-sha512`` -Key secret is written in a base64 encoded format. See @ref{keys}. - -:: +Key secret is written in a base64 encoded format. See :ref:`keys`:: keys { key0 hmac-md5 "Wg=="; # keyname algorithm secret } remotes { - master { address 127.0.0.1@@53; key key0; } + master { address 127.0.0.1@53; key key0; } } zones { example.com { @@ -107,12 +103,10 @@ As of now it is not possible to associate multiple keys with a remote. Master configuration ==================== -You can specify which remotes to allow for outgoing XFR and NOTIFY ``zones``. - -:: +You can specify which remotes to allow for outgoing XFR and NOTIFY ``zones``:: remotes { - slave { address 127.0.0.1@@53; } + slave { address 127.0.0.1@53; } any { address 0.0.0.0/0; } subnet1 { address 192.168.1.0/8; } subnet2 { address 192.168.2.0/8; } 
@@ -125,11 +119,9 @@ You can specify which remotes to allow for outgoing XFR and NOTIFY ``zones``. update-in subnet1; # only allow DNS UPDATE from subnet1 } } - @end example - - You can also secure outgoing XFRs with TSIG. - - @example + +You can also secure outgoing XFRs with TSIG:: + keys { key0 hmac-md5 "Wg=="; # keyname algorithm secret } @@ -148,13 +140,11 @@ Configuring multiple interfaces Knot DNS support binding to multiple available interfaces in the ``interfaces`` section. You can also use the special addresses for -"any address" like ``0.0.0.0`` or ``[::]``. - -:: +"any address" like ``0.0.0.0`` or ``[::]``:: interfaces { - if1 { address 192.168.1.2@@53; } - anyv6 { address [::]@@53; } + if1 { address 192.168.1.2@53; } + anyv6 { address [::]@53; } } Using DNS UPDATE @@ -193,15 +183,15 @@ susceptible to replay attack in a short timeframe. Example configuration:: control { - listen-on { address 127.0.0.1@@5533; } + listen-on { address 127.0.0.1@5533; } } Enabling zone semantic checks ============================= You can turn on more detailed semantic checks of zone file in this -``zones`` statement (@pxref{zones}). Refer to @ref{zones List of zone -semantic checks} to see which checks are enabled by default and which +``zones`` statement :ref:`zones`. Refer to :ref:`zones List of zone +semantic checks` to see which checks are enabled by default and which are optional. Creating IXFR differences from zone file changes 
@@ -209,9 +199,9 @@ Creating IXFR differences from zone file changes If Knot is being run as a master server, feature ``ixfr-from-differences`` can be enabled to create IXFR differences -from changes made to the master zone file. See @ref{Controlling -running daemon} for more information. For more about ``zones`` -statement see @ref{zones}. +from changes made to the master zone file. See :ref:`Controlling +running daemon` for more information. For more about ``zones`` +statement see :ref:`zones`. Using Response Rate Limiting ============================ @@ -225,14 +215,14 @@ potentially flooding the victim with a large unsolicited DNS responses. As of Knot DNS version 1.2.0, RRL is compiled in, but disabled by -default. You can enable it with the @ref{rate-limit} option in the -@ref{system} section. Setting to a value greater than ``0`` means +default. You can enable it with the :ref:`rate-limit` option in the +:ref:`system` section. Setting to a value greater than ``0`` means that every flow is allowed N responses per second, (i.e. ``rate-limit 50;`` means ``50`` responses per second). It is also possible to configure SLIP interval, which causes every Nth blocked response to be slipped as a truncated response. Not that some error responses cannot be truncated and are slipped as-is. For more information, refer to -@ref{rate-limit-slip}. It is advisable to not set slip interval to a +:ref:`rate-limit-slip`. It is advisable to not set slip interval to a value larger than 1. Example configuration:: 
@@ -255,21 +245,19 @@ Example configuration --------------------- The example configuration enables automatic signing for all zones -using @ref{dnssec-enable} option in the ``zones`` section, but the +using :ref:`dnssec-enable` option in the ``zones`` section, but the signing is explicitly disabled for zone ``example.dev`` using the same option directly in zone configuration. The location of directory with -signing keys is set globally by option @ref{dnssec-keydir}. - -:: +signing keys is set globally by option :ref:`dnssec-keydir`:: zones { dnssec-enable on; dnssec-keydir "/var/lib/knot/keys"; - + example.com { file "example.com.zone"; } - + example.dev { file "example.dev.zone"; dnssec-enable off; @@ -307,7 +295,7 @@ Currently the signing policy is not configurable, except for signature lifetime. * Signature lifetime can be set in configuration globally for all - zones and for each zone in particular. @xref{signature-lifetime}. If + zones and for each zone in particular. :ref:`signature-lifetime`. If not set, the default value is 30 days. * Signature is refreshed 2 hours before expiration. The signature lifetime must thus be set to more than 2 hours. @@ -358,7 +346,7 @@ extend it or even change it altogether. it will not be discussed here. The general syntax for importing a query module is described in the -@ref{query_module} configuration reference. Basically, each module is +:ref:`query_module` configuration reference. Basically, each module is described by a name and a configuration string. Below is a list of modules and configuration string reference. 
@@ -366,42 +354,42 @@ modules and configuration string reference. ---------------------------------------------------- This module is able to synthetise either forward or reverse records for given prefix and subnet. -The module configuration string looks like this: @code{(forward|reverse) <prefix> <ttl> <address>/<netblock>}. +The module configuration string looks like this: ``(forward|reverse) <prefix> <ttl> <address>/<netblock>``. Records are synthetised only if the query can't be satisfied from the zone. Both IPv4 and IPv6 are supported. -@emph{Note: 'prefix' doesn't allow dots, address parts in the synthetic names are separated with a dash.} +*Note: 'prefix' doesn't allow dots, address parts in the synthetic names are separated with a dash.* Here are a few examples: -@emph{Note: long names are snipped for readability.} +*Note: long names are snipped for readability.* -@subsubsection Automatic forward records +Automatic forward records +------------------------- -@code{synth_record "forward dynamic- 400 2620:0:b61::/52"} on @code{example.} zone will result in following +``synth_record "forward dynamic- 400 2620:0:b61::/52"`` on ``example.`` zone will result in following answer:: $ kdig AAAA dynamic-2620-0000-0b61-0100-0000-0000-0000-0000.example. ... ;; QUESTION SECTION: ;; dynamic-2620-0000-0b61-0100-0000-0000-0000-0000.example. 0 IN AAAA - + ;; ANSWER SECTION: dynamic-2620-0000-0b61-0100... 400 IN AAAA 2620:0:b61:100:: - @end example - - You can also have CNAME aliases to the dynamic records, which are going to be further resoluted. - @example + +You can also have CNAME aliases to the dynamic records, which are going to be further resoluted:: + $ kdig AAAA hostalias.example. ... ;; QUESTION SECTION: ;hostalias.example. 0 IN AAAA - + ;; ANSWER SECTION: hostalias.example. 3600 IN CNAME dynamic-2620-0000-0b61-0100... dynamic-2620-0000-0b61-0100... 
400 IN AAAA 2620:0:b61:100:: Automatic reverse records ------------------------- - + Module can be configured to synthetise reverse records as well. With the ``synth_record "reverse dynamic- example. 400 2620:0:b61::/52"`` string in the ``1.6.b.0.0.0.0.0.0.2.6.2.ip6.arpa.`` zone @@ -411,13 +399,11 @@ configuration:: ... ;; QUESTION SECTION: ;; 1.0.0...1.6.b.0.0.0.0.0.0.2.6.2.ip6.arpa. 0 IN PTR - + ;; ANSWER SECTION: ... 400 IN PTR dynamic-2620-0000-0b61-0000-0000-0000-0000-0001.example. -Here's a full configuration of the aforementioned zones. Note that the zone files have to exist. - -:: +Here's a full configuration of the aforementioned zones. Note that the zone files have to exist:: example. { query_module { @@ -435,10 +421,10 @@ Here's a full configuration of the aforementioned zones. Note that the zone file synth_record "reverse dynamic- example. 400 2620:0:b61::/52"; } } - + Limitations ^^^^^^^^^^^ - + * As of now, there is no authenticated denial of nonexistence (neither NSEC or NSEC3 is supported) nor DNSSEC signed records. However, since the module is hooked in the query processing plan, it will be diff --git a/doc/installation.rst b/doc/installation.rst index b968cfb2f9f289ad4e398f66c3946796fe709c1b..2dff7fe2ef111043b391933f6646e7dfc34cb3df 100644 --- a/doc/installation.rst +++ b/doc/installation.rst @@ -109,7 +109,7 @@ For example:: $ ./configure --enable-debug=server,packet --enable-debuglevel=brief $ ./configure --enable-debug=server,packet --enable-debuglevel=verbose -For more detailed information, see @ref{Debug messages}. ##TODO +For more detailed information, see :ref:`Debug messages`. ##TODO In most simple case you can just run configure without any options:: 
@@ -213,7 +213,7 @@ a following command as the root user:: Using official distribution repository is highly recommended, however you may want to run ``Knot DNS`` on older releases of Fedora. In this case you can -set up an unofficial repository by creating @file{/etc/yum.repos.d/knot.conf} +set up an unofficial repository by creating :file:`/etc/yum.repos.d/knot.conf` file with the following content:: [knot] @@ -229,7 +229,7 @@ builds for i686 and x86_64 architecture. When upgrading to Fedora 18 or higher, backup the configuration and switch to the latest package provided in the official repository by running the -following command as the root user: +following command as the root user:: # yum distro-sync knot diff --git a/doc/introduction.rst b/doc/introduction.rst index d19ffbdb565ab60bc29623715925cc7b7c7a15ad..b521a50e93bfca98f679b5da1f48030391da4940 100644 --- a/doc/introduction.rst +++ b/doc/introduction.rst @@ -44,7 +44,7 @@ Git repository browser: `gitlab.labs.nic.cz/knot/tree/master <https://gitlab.lab Knot DNS issue tracker: `gitlab.labs.nic.cz/knot/issues <https://gitlab.labs.nic.cz/knot/issues>`_ -Knot DNS users mailing list: `knot-dns-users@lists.nic.cz <mailto:knot-dns-users@@lists.nic.cz>`_ +Knot DNS users mailing list: `knot-dns-users@lists.nic.cz <mailto:knot-dns-users@lists.nic.cz>`_ Scope of this document ---------------------- diff --git a/doc/knot.texi b/doc/knot.texi deleted file mode 100644 index 4c37184a88b7090ad6b8e8cec8f6c49b7fb6264b..0000000000000000000000000000000000000000 --- a/doc/knot.texi +++ /dev/null 
@@ -1,251 +0,0 @@ -\input texinfo @c -*-texinfo-*- -@setfilename knot.info -@include version.texi -@documentencoding UTF-8 -@settitle Knot DNS @value{VERSION} - -@paragraphindent 0 - -@defindex st -@syncodeindex vr st - -@copying -This manual is for Knot DNS (version @value{VERSION}, @value{UPDATED}), -which is a high-performance authoritative-only DNS server. - -Copyright @copyright{} 2012 CZ.NIC, z.s.p.o. - -@quotation -This program is free software: you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation, either version 3 of the License, or -(at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. - -You should have received a copy of the GNU General Public License -along with this program. If not, see <http://www.gnu.org/licenses/>. -@end quotation -@end copying - -@dircategory Internet-application/server -@direntry -* Knot DNS: (Knot DNS) An authoritative-only DNS server -@end direntry - -@titlepage -@title Knot DNS Reference Manual -@subtitle for version @value{VERSION}, @value{UPDATED} -@author Jan Kadlec (@email{jan.kadlec@@nic.cz}) -@author Daniel Salzman (@email{daniel.salzman@@nic.cz}) -@author Lubos Slovak (@email{lubos.slovak@@nic.cz}) -@author Ondrej Sury (@email{ondrej@@sury.org}) -@author Marek Vavrusa (@email{marek.vavrusa@@nic.cz}) -@author Jan Vcelak (@email{jan.vcelak@@nic.cz}) -@page -@vskip 0pt plus 1filll -@insertcopying -@end titlepage - -@contents - -@ifnottex -@node Top, Introduction, (dir), (dir) -@top Knot DNS - -This manual is for Knot DNS (version @value{VERSION}, @value{UPDATED}). 
-@end ifnottex - -@menu -* Introduction:: -* Knot DNS Resource Requirements:: -* Knot DNS Installation:: -* Knot DNS Configuration:: -* Running Knot DNS:: -* Troubleshooting:: -* Statement Index:: -* Knot DNS Configuration Reference:: -* Migration from other DNS servers:: - -@detailmenu - --- The Detailed Node Listing --- - -Introduction - -* What is Knot DNS:: -* Knot DNS features:: -* Scope of this document:: - -Knot DNS Resource Requirements - -* Hardware requirements:: -* CPU requirements:: -* Memory requirements:: -* Supported operating system:: - -Knot DNS Installation - -* Required build environment:: -* Required libraries:: -* Installation from the sources:: -* Installation from packages:: - -Required libraries - -* Userspace RCU:: - -Installation from the sources - -* Configuring and generating Makefiles:: -* Compilation:: -* Installation:: - -Installation from packages - -* Installing Knot DNS packages on Debian:: -* Installing Knot DNS packages on Ubuntu:: -* Installing Knot DNS packages on Fedora:: -* Installing Knot DNS from ports on FreeBSD:: - -Installing Knot DNS packages on Ubuntu - -* Adding official PPA repository for Knot DNS:: - -Knot DNS Configuration - -* Minimal configuration:: -* Slave configuration:: -* Master configuration:: -* Configuring multiple interfaces:: - -Sample Configurations - -* Minimal configuration:: -* Slave configuration:: -* Master configuration:: -* Configuring multiple interfaces:: -* Enabling zone semantic checks:: -* Creating IXFR differences from zone file changes:: - -Running Knot DNS - -* Running a slave server:: -* Running a master server:: -* Controlling running daemon:: - -Troubleshooting - -* Submitting a bugreport:: -* Generating backtrace:: -* Debug messages:: - -Debug messages - -* Enabling debug messages in server:: - -Enabling debug messages in server - -* Example:: - -Knot DNS Configuration Reference - -* system:: -* keys:: -* interfaces:: -* remotes:: -* groups:: -* zones:: -* log:: -* include:: - 
-@code{system} Statement - -* system Syntax:: -* system Statement Definition and Usage:: -* system Example:: - -Statement Definition and Usage - -* identity:: -* version:: -* nsid:: -* storage:: -* rundir:: -* pidfile:: -* workers:: -* user:: -* max-conn-idle:: -* max-conn-handshake:: -* max-conn-reply:: -* rate-limit:: -* rate-limit-size:: -* rate-limit-slip:: - -@code{keys} Statement - -* keys Syntax:: -* keys Statement Definition and Usage:: -* Example:: - -Statement Definition and Usage - -* key_id:: - -interfaces - -* interfaces Syntax:: -* interfaces Statement Definition and Usage:: -* interfaces Examples:: - -Statement Definition and Usage - -* interface_id:: - -@code{remotes} Statement - -* remotes Syntax:: -* remotes Statement Definition and Grammar:: - -@code{groups} Statement - -* groups Syntax:: -* groups Statement Definition and Grammar:: - -@code{zones} Statement - -* zones Syntax:: -* zones Statement Definition and Grammar:: -* zones List of zone semantic checks:: - -@code{log} Statement - -* log Syntax:: -* log Statement Definition and Grammar:: - -@code{include} Statement - -* include Syntax:: - -@end detailmenu -@end menu - -@c main chapters - -@include introduction.texi -@include requirements.texi -@include installation.texi -@include configuration.texi -@include running.texi -@include troubleshooting.texi - -@c indices -@include indices.texi - -@c appendixes -@include reference.texi -@include migration.texi - -@bye diff --git a/doc/migration.rst b/doc/migration.rst index 4a665532c28295fca5fc83dc82ae8de205a6fe02..1eb415be37fa70e90b787fab8694438555eed688 100644 --- a/doc/migration.rst +++ b/doc/migration.rst 
@@ -21,7 +21,7 @@ generated by Bind. 1. To obtain current content of the zone which is being migrated, request Bind to flush the zone into the zone file: ``rndc flush example.com``. - + Note: If dynamic updates (DDNS) are enabled for the given zone, you might need to freeze the zone before flushing it. That can be done similarly: ``rndc freeze example.com`` diff --git a/doc/reference.rst b/doc/reference.rst index 0d1de3b74d528a4d043f43eac9a6a023f1dbe2db..12440c5c6cc1856b6e8ec62f5ede152b49583b6c 100644 --- a/doc/reference.rst +++ b/doc/reference.rst @@ -39,7 +39,7 @@ else. [ rate-limit-slip integer; ] [ max-udp-payload integer; ] } - + .. _system Statement Definition and Usage: ``system`` Statement Definition and Usage @@ -270,7 +270,7 @@ system Example user knot.knot; max-udp-payload 4096; } - + .. _keys: ``keys`` Statement @@ -347,8 +347,8 @@ keys Example .. _interfaces: -interfaces Statement -==================== +``interfaces`` Statement +======================== The ``interfaces`` statement contains IP interfaces where Knot DNS listens for incoming queries. @@ -398,9 +398,9 @@ Long form:: } Short form:: - + interfaces { - my_second_ip { address 198.51.100.1@@53; } + my_second_ip { address 198.51.100.1@53; } } Short form without port (defaults to 53):: @@ -437,7 +437,7 @@ different zone. [ via [ interface_id | ip_address ]; ] } ) - [ remote_id @dots{}; @dots{}; ] + [ remote_id ...; ...; ] } .. _remotes Statement Definition and Grammar: @@ -501,10 +501,10 @@ with this ``remote``. This section is optional. # via 82.35.64.59; # direct IPv4 # via [::cafe]; # direct IPv6 } - + # Short form: server1 { - address 127.0.0.1@@53001; + address 127.0.0.1@53001; } } @@ -572,11 +572,11 @@ specified in :ref:`remotes` section. # ... } } - + groups { admins { alice, bob } } - + # example usage: control { # ... 
@@ -603,10 +603,10 @@ default UNIX sockets. control { [ listen-on { - ( address ip_address[@@port_number] | + ( address ip_address[@port_number] | { address ip_address; [ port port_number; ] } ) } ] - [ allow remote_id [, remote_id, @dots{} ]; ] + [ allow remote_id [, remote_id, ... ]; ] } .. _control Statement Definition and Grammar: @@ -664,16 +664,16 @@ The ``zones`` statement contains definition of zones served by Knot DNS. [ zone_options ] zone_id { file "string"; - [ xfr-in remote_id [, remote_id, @dots{} ]; ] - [ xfr-out remote_id [, remote_id, @dots{} ]; ] - [ notify-in remote_id [, remote_id, @dots{} ]; ] - [ notify-out remote_id [, remote_id, @dots{} ]; ] - [ update-in remote_id [, remote_id, @dots{} ]; ] - [ query_module { module_name "string"; [ module_name "string"; @dots{} ] } ] + [ xfr-in remote_id [, remote_id, ... ]; ] + [ xfr-out remote_id [, remote_id, ... ]; ] + [ notify-in remote_id [, remote_id, ... ]; ] + [ notify-out remote_id [, remote_id, ... ]; ] + [ update-in remote_id [, remote_id, ... ]; ] + [ query_module { module_name "string"; [ module_name "string"; ... ] } ] [ zone_options ] } } - + zone_options := [ storage "string"; ] [ semantic-checks boolean; ] @@ -701,7 +701,7 @@ The ``zones`` statement contains definition of zones served by Knot DNS. ``zone_id`` is a zone origin, and as such is a domain name that may or may not end with a ".". If no $ORIGIN directive is found inside -actual zone file, this domain name will be used in place of "@@". SOA +actual zone file, this domain name will be used in place of "@". SOA record in the zone must have this name as its owner. .. _file: 
@@ -858,9 +858,9 @@ but zone file on a disk will only be synced after ``zonefile-sync`` time has expired (or synced manually via ``knotc flush`` - see :ref:`Running Knot DNS`). This is applicable when the zone is updated via IXFR, DDNS or automatic DNSSEC signing. Possible values are 0 to -INT_MAX, optionally suffixed by unit size (s/m/h/d) - @emph{1s} is one -second, @emph{1m} one minute, @emph{1h} one hour and @emph{1d} one day -with default value set to @emph{0s}. +INT_MAX, optionally suffixed by unit size (s/m/h/d) - *1s* is one +second, *1m* one minute, *1h* one hour and *1d* one day +with default value set to *0s*. *Important note:* If you are serving large zones with frequent updates where the immediate sync to zone file is not desirable, set @@ -941,7 +941,7 @@ Default value: ``increment`` :: zones { - + # Shared options for all listed zones storage "/var/lib/knot"; ixfr-from-differences off; @@ -984,7 +984,7 @@ The ``semantic-checks`` statement turns on extra zone file semantic checks. Several checks are enabled by default and cannot be turned off. If an error is found using these mandatory checks, the zone file will not be loaded. Upon loading a zone file, occurred errors and -counts of their occurrence will be logged to @emph{stderr}. These +counts of their occurrence will be logged to *stderr*. These checks are the following: * An extra record together with CNAME record (except for RRSIG and DS) @@ -1028,10 +1028,10 @@ an error: log { [ log_name { - [ category severity [, severity @dots{} ]; ] + [ category severity [, severity ... ]; ] } ] [ log_file filename { - [ category severity [, severity @dots{} ]; ] + [ category severity [, severity ... ]; ] } ] } @@ -1106,17 +1106,17 @@ log Example :: log { - + syslog { any error; zone warning, notice; server info; } - + stderr { any error, warning; } - + file "/tmp/knot-sample/knotd.debug" { server debug; } 
@@ -1152,7 +1152,7 @@ configuration file currently being processed. :: include "keys.conf"; - + remotes { ctl { address 127.0.0.1; @@ -1160,5 +1160,5 @@ configuration file currently being processed. } include "remotes.conf"; } - + include "zones"; diff --git a/doc/troubleshooting.rst b/doc/troubleshooting.rst index 7f4847cdef4c9119d09620a76c15fe8e6401cfc3..57cb54627ff7f1e702a7b95b5424eecce9b18b8f 100644 --- a/doc/troubleshooting.rst +++ b/doc/troubleshooting.rst @@ -14,7 +14,7 @@ Submitting a bugreport If you are unable to solve the problem by yourselves, you can submit a bugreport to the Knot DNS team. For security issues (e.g. crash) do not use the public mailinglist. Instead, write to -`knot-dns@labs.nic.cz <mailto:knot-dns@@labs.nic.cz>`_. All other bugs +`knot-dns@labs.nic.cz <mailto:knot-dns@labs.nic.cz>`_. All other bugs and questions may be directed to the Knot DNS users mailinglist (`knot-dns-users@lists.nic.cz <mailto:knot-dns-users@lists.nic.cz>`_). diff --git a/man/Makefile.am b/man/Makefile.am index 8b9d5cb7b7d6001e91e3ed61507cd08f11643034..89f81950ba85931fb24a031740000d1571e884a7 100644 --- a/man/Makefile.am +++ b/man/Makefile.am @@ -1,2 +1,5 @@ MANPAGES = knot.conf.5 knotc.8 knotd.8 kdig.1 khost.1 knsupdate.1 knsec3hash.1 dist_man_MANS = $(MANPAGES) + +clean-local: + -rm *.1 *.5 *.8 diff --git a/man/knsec3hash.1.in b/man/knsec3hash.1.in index 8f3ca808c615b6c763aeaaa16857f4fb99b39445..866cf70a6ab5505f6dcc602b7c6dd41f6a5e980e 100644 --- a/man/knsec3hash.1.in +++ b/man/knsec3hash.1.in @@ -1,4 +1,4 @@ -.TH "knsec3hash" "1" "June 2013" "CZ.NIC Labs" "Knot DNS, version @VERSION@" +.TH "knsec3hash" "1" "@RELEASE_DATE@" "CZ.NIC Labs" "Knot DNS, version @VERSION@" .SH NAME .B knsec3hash \- Simple utility to compute NSEC3 hash (libknot equivalent of ISC nsec3hash) diff --git a/src/knot/server/net.c b/src/knot/server/net.c index b3054d08666db51b0f166d4040263ebc9bb6283e..a55cb89d7433c743548254b1eacea93dee8845b7 100644 --- a/src/knot/server/net.c 
+++ b/src/knot/server/net.c @@ -81,6 +81,11 @@ int net_bound_socket(int type, struct sockaddr_storage *ss) int flag = 1; (void) setsockopt(socket, SOL_SOCKET, SO_REUSEADDR, &flag, sizeof(flag)); + /* Reuse port if available. */ +#if defined(SO_REUSEPORT) + (void) setsockopt(socket, SOL_SOCKET, SO_REUSEPORT, &flag, sizeof(flag)); +#endif + /* Unlink UNIX socket if exists. */ if (ss->ss_family == AF_UNIX) { unlink(addr_str); diff --git a/src/knot/server/server.c b/src/knot/server/server.c index 3f9858f19ae774e17012599465d58565cfe66455..4546c8b77a43e37e29c68bb73c261cadacc58a2f 100644 --- a/src/knot/server/server.c +++ b/src/knot/server/server.c @@ -118,12 +118,16 @@ static int server_init_iface(iface_t *new_if, conf_iface_t *cfg_if) char addr_str[SOCKADDR_STRLEN] = {0}; sockaddr_tostr(&cfg_if->addr, addr_str, sizeof(addr_str)); +#if defined(SO_REUSEPORT) + /* Each thread binds own socket. */ + int sock = -1; +#else /* Create bound UDP socket. */ int sock = net_bound_socket(SOCK_DGRAM, &cfg_if->addr); if (sock < 0) { return sock; } - +#endif new_if->fd[IO_UDP] = sock; /* Create bound TCP socket. */ diff --git a/src/knot/server/udp-handler.c b/src/knot/server/udp-handler.c index b4f9a5a83e466765223ada0e54dfcf6327c4011b..9223368b04e148119469d86d4ea6c2c3241ee60f 100644 --- a/src/knot/server/udp-handler.c +++ b/src/knot/server/udp-handler.c @@ -451,6 +451,30 @@ void __attribute__ ((constructor)) udp_master_init() #endif /* HAVE_RECVMMSG */ } +static void unbind_ifaces(ifacelist_t *ifaces, fd_set *set, int maxfd) +{ + ref_release((ref_t *)ifaces); +#if defined(SO_REUSEPORT) + for (int fd = 0; fd <= maxfd; ++fd) { + if (FD_ISSET(fd, set)) { + close(fd); + } + } +#endif + FD_ZERO(set); +} + +static int bind_iface(iface_t *iface, fd_set *set) +{ +#if defined(SO_REUSEPORT) + int fd = net_bound_socket(SOCK_DGRAM, &iface->addr); +#else + int fd = iface->fd[IO_UDP]; +#endif + FD_SET(fd, set); + return fd; +} + int udp_master(dthread_t *thread) { unsigned cpu = dt_online_cpus(); 
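Review bot: The added `setsockopt(..., SO_REUSEPORT, ...)` in net_bound_socket() applies to every socket the helper creates, whatever `type` is, and its result is discarded with `(void)`. Only the per-thread UDP sockets introduced in the server.c and udp-handler.c hunks need port sharing. On Linux the option also lets another process with the same effective UID bind the same address and port and take a share of the traffic, so I would guard it with `if (type == SOCK_DGRAM)` and state that trade-off in the comment. The `#if defined(SO_REUSEPORT)` test is compile-time only, so a kernel that rejects the option at run time goes unnoticed while the other hunks already rely on it; checking the return value and logging a warning would surface that. net_bound_socket() starts and ends outside the hunk.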
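Review bot: With `SO_REUSEPORT` defined, server_init_iface() now stores `-1` in `new_if->fd[IO_UDP]` and no longer reports a UDP bind failure at start-up; the error moves into the worker threads, where bind_iface() in udp-handler.c does not check it. If the daemon drops privileges after interface initialisation (not visible in this diff), the per-thread bind of a privileged port would run without the rights it needs, so that ordering should be confirmed. Any other reader of `fd[IO_UDP]` must tolerate `-1` as well. At minimum I would expand the comment to `/* Each thread binds its own socket in udp_master(); fd[IO_UDP] stays -1. */`. The function continues outside the hunk.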
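Review bot: bind_iface() passes the result of net_bound_socket() straight to `FD_SET`, but that helper can return a negative value on failure (server.c tests `sock < 0`), and `FD_SET` with a negative descriptor or one `>= FD_SETSIZE` writes outside the `fd_set`. Add `if (fd < 0 || fd >= FD_SETSIZE) { return -1; }` before `FD_SET(fd, set);`, and have the `WALK_LIST` loop in udp_master() skip negative results before updating `maxfd` and `minfd`. In the SO_REUSEPORT build the rejected descriptor should be closed before returning. unbind_ifaces() would also benefit from a one-line comment saying that under SO_REUSEPORT the thread owns, and therefore closes, the descriptors recorded in `set`.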
@@ -506,13 +530,14 @@ int udp_master(dthread_t *thread) FD_ZERO(&fds); rcu_read_lock(); - ref_release((ref_t *)ref); + unbind_ifaces(ref, &fds, maxfd); + maxfd = 0; + minfd = INT_MAX; ref = handler->server->ifaces; if (ref) { iface_t *i = NULL; WALK_LIST(i, ref->l) { - int fd = i->fd[IO_UDP]; - FD_SET(fd, &fds); + int fd = bind_iface(i, &fds); maxfd = MAX(fd, maxfd); minfd = MIN(fd, minfd); } @@ -548,7 +573,7 @@ int udp_master(dthread_t *thread) } _udp_deinit(rq); - ref_release((ref_t *)ref); + unbind_ifaces(ref, &fds, maxfd); mp_delete(udp.query_ctx.mm.ctx); return KNOT_EOK; }
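Review bot: `unbind_ifaces(ref, &fds, maxfd)` is called just after the context line `FD_ZERO(&fds);`, so on an interface reload the set is already empty and the `FD_ISSET` loop closes nothing. Under SO_REUSEPORT each reload would therefore leak this thread's UDP sockets, and the stale sockets stay bound to the port, so the kernel may keep delivering datagrams to descriptors nobody reads. Removing the earlier `FD_ZERO(&fds);` (unbind_ifaces() already clears the set) or moving the call above it fixes this. The closing `unbind_ifaces(ref, &fds, maxfd);` in the last hunk is correct only if `fds` itself is never handed to `select()` and modified, which is not visible here. udp_master() is only partly visible in these hunks.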