diff --git a/Knot.files b/Knot.files
index 61b6366ec5dd5354e33291b7b78b956b9a806617..485878abdb1ee9ee0d990d86b4bd09803cb577d5 100644
--- a/Knot.files
+++ b/Knot.files
@@ -211,6 +211,7 @@ src/knot/modules/noudp/noudp.c
src/knot/modules/onlinesign/nsec_next.c
src/knot/modules/onlinesign/nsec_next.h
src/knot/modules/onlinesign/onlinesign.c
+src/knot/modules/probe/probe.c
src/knot/modules/queryacl/queryacl.c
src/knot/modules/rrl/functions.c
src/knot/modules/rrl/functions.h
@@ -387,6 +388,10 @@ src/libknot/packet/pkt.h
src/libknot/packet/rrset-wire.c
src/libknot/packet/rrset-wire.h
src/libknot/packet/wire.h
+src/libknot/probe/data.c
+src/libknot/probe/data.h
+src/libknot/probe/probe.c
+src/libknot/probe/probe.h
src/libknot/rdata.h
src/libknot/rdataset.c
src/libknot/rdataset.h
diff --git a/configure.ac b/configure.ac
index 2a13e4139a03417b3a5c2a97bd8fab6936018339..13e5d1d3149aa47fead824e8c6c4414d50224266 100644
--- a/configure.ac
+++ b/configure.ac
@@ -393,6 +393,7 @@ KNOT_MODULE([dnstap], "no")
KNOT_MODULE([geoip], "yes")
KNOT_MODULE([noudp], "yes")
KNOT_MODULE([onlinesign], "yes", "non-shareable")
+KNOT_MODULE([probe], "yes")
KNOT_MODULE([queryacl], "yes")
KNOT_MODULE([rrl], "yes")
KNOT_MODULE([stats], "yes")
diff --git a/src/knot/Makefile.inc b/src/knot/Makefile.inc
index 4075803c62d0ed99fb717edcefd83abe4bd94bb2..9d2d065d2ae393c62497fc972a7361d4f943103f 100644
--- a/src/knot/Makefile.inc
+++ b/src/knot/Makefile.inc
@@ -216,6 +216,7 @@ include $(srcdir)/knot/modules/dnstap/Makefile.inc
include $(srcdir)/knot/modules/geoip/Makefile.inc
include $(srcdir)/knot/modules/noudp/Makefile.inc
include $(srcdir)/knot/modules/onlinesign/Makefile.inc
+include $(srcdir)/knot/modules/probe/Makefile.inc
include $(srcdir)/knot/modules/queryacl/Makefile.inc
include $(srcdir)/knot/modules/rrl/Makefile.inc
include $(srcdir)/knot/modules/stats/Makefile.inc
diff --git a/src/knot/modules/probe/Makefile.inc b/src/knot/modules/probe/Makefile.inc
new file mode 100644
index 0000000000000000000000000000000000000000..db14fc4334b4089e8a796f2f6dd7b64adafdaf37
--- /dev/null
+++ b/src/knot/modules/probe/Makefile.inc
@@ -0,0 +1,12 @@
+knot_modules_probe_la_SOURCES = knot/modules/probe/probe.c
+EXTRA_DIST += knot/modules/probe/probe.rst
+
+if STATIC_MODULE_probe
+libknotd_la_SOURCES += $(knot_modules_probe_la_SOURCES)
+endif
+
+if SHARED_MODULE_probe
+knot_modules_probe_la_LDFLAGS = $(KNOTD_MOD_LDFLAGS)
+knot_modules_probe_la_CPPFLAGS = $(KNOTD_MOD_CPPFLAGS)
+pkglib_LTLIBRARIES += knot/modules/probe.la
+endif
diff --git a/src/knot/modules/probe/probe.c b/src/knot/modules/probe/probe.c
new file mode 100644
index 0000000000000000000000000000000000000000..ad6d0c179dc392c1cf38a157f6a75c0d29259921
--- /dev/null
+++ b/src/knot/modules/probe/probe.c
@@ -0,0 +1,151 @@
+/* Copyright (C) 2021 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include <stdio.h>
+
+#include "knot/conf/schema.h"
+#include "knot/include/module.h"
+#include "contrib/string.h"
+#include "libknot/libknot.h"
+
+#define MOD_PATH "\x04""path"
+#define MOD_CHANNELS "\x08""channels"
+
+const yp_item_t probe_conf[] = {
+ { MOD_PATH, YP_TSTR, YP_VNONE },
+ { MOD_CHANNELS, YP_TINT, YP_VINT = { 1, UINT16_MAX, 1 } },
+ { NULL }
+};
+
+typedef struct {
+ knot_probe_t **probes;
+ size_t probe_count;
+ char *path;
+} probe_ctx_t;
+
+static void free_probe_ctx(probe_ctx_t *ctx)
+{
+ for (int i = 0; ctx->probes != NULL && i < ctx->probe_count; ++i) {
+ knot_probe_free(ctx->probes[i]);
+ }
+ free(ctx->probes);
+ free(ctx->path);
+ free(ctx);
+}
+
+static knotd_state_t export(knotd_state_t state, knot_pkt_t *pkt,
+ knotd_qdata_t *qdata, knotd_mod_t *mod)
+{
+ assert(pkt && qdata);
+
+ probe_ctx_t *ctx = knotd_mod_ctx(mod);
+ knot_probe_t *probe = ctx->probes[qdata->params->thread_id % ctx->probe_count];
+ bool tcp = !(qdata->params->flags & KNOTD_QUERY_FLAG_LIMIT_SIZE);
+
+ // Prepare data sources.
+ struct sockaddr_storage buff;
+ const struct sockaddr_storage *local = knotd_qdata_local_addr(qdata, &buff);
+ const struct sockaddr_storage *remote = knotd_qdata_remote_addr(qdata);
+
+ knot_probe_proto_t proto = (tcp ? KNOT_PROBE_PROTO_TCP : KNOT_PROBE_PROTO_UDP);
+ const knot_pkt_t *reply = (state != KNOTD_STATE_NOOP ? pkt : NULL);
+
+ uint16_t rcode = qdata->rcode;
+ if (qdata->rcode_tsig != KNOT_RCODE_NOERROR) {
+ rcode = qdata->rcode_tsig;
+ }
+
+ // Fill out and export the data structure.
+ knot_probe_data_t d;
+ int ret = knot_probe_data_set(&d, proto, local, remote, qdata->query, reply, rcode);
+ if (ret == KNOT_EOK) {
+ if (tcp) {
+ d.tcp_rtt = knot_probe_tcp_rtt(qdata->params->socket);
+ }
+ (void)knot_probe_produce(probe, &d, 1);
+ }
+
+ return state;
+}
+
+int probe_load(knotd_mod_t *mod)
+{
+ probe_ctx_t *ctx = calloc(1, sizeof(*ctx));
+ if (ctx == NULL) {
+ return KNOT_ENOMEM;
+ }
+
+ knotd_conf_t conf = knotd_conf_mod(mod, MOD_CHANNELS);
+ ctx->probe_count = conf.single.integer;
+
+ conf = knotd_conf_mod(mod, MOD_PATH);
+ if (conf.count == 0) {
+ conf = knotd_conf(mod, C_SRV, C_RUNDIR, NULL);
+ }
+ if (conf.single.string[0] != '/') {
+ char *cwd = realpath("./", NULL);
+ ctx->path = sprintf_alloc("%s/%s", cwd, conf.single.string);
+ free(cwd);
+ } else {
+ ctx->path = strdup(conf.single.string);
+ }
+ if (ctx->path == NULL) {
+ free_probe_ctx(ctx);
+ return KNOT_ENOMEM;
+ }
+
+ ctx->probes = calloc(ctx->probe_count, sizeof(knot_probe_t *));
+ if (ctx->probes == NULL) {
+ free_probe_ctx(ctx);
+ return KNOT_ENOMEM;
+ }
+
+ for (int i = 0; i < ctx->probe_count; i++) {
+ knot_probe_t *probe = knot_probe_alloc();
+ if (probe == NULL) {
+ free_probe_ctx(ctx);
+ return KNOT_ENOMEM;
+ }
+
+ int ret = knot_probe_set_producer(probe, ctx->path, i + 1);
+ switch (ret) {
+ case KNOT_ECONN:
+ knotd_mod_log(mod, LOG_NOTICE, "channel %i not connected", i + 1);
+ case KNOT_EOK:
+ break;
+ default:
+ free_probe_ctx(ctx);
+ return ret;
+ }
+
+ ctx->probes[i] = probe;
+ }
+
+ knotd_mod_ctx_set(mod, ctx);
+
+ return knotd_mod_hook(mod, KNOTD_STAGE_END, export);
+}
+
+void probe_unload(knotd_mod_t *mod)
+{
+ probe_ctx_t *ctx = knotd_mod_ctx(mod);
+ if (ctx != NULL) {
+ free_probe_ctx(ctx);
+ }
+}
+
+KNOTD_MOD_API(probe, KNOTD_MOD_FLAG_SCOPE_ANY | KNOTD_MOD_FLAG_OPT_CONF,
+ probe_load, probe_unload, probe_conf, NULL);
diff --git a/src/knot/modules/probe/probe.rst b/src/knot/modules/probe/probe.rst
new file mode 100644
index 0000000000000000000000000000000000000000..a8fb4e4e0be45b4f1848e94eb7469d091575b5cc
--- /dev/null
+++ b/src/knot/modules/probe/probe.rst
@@ -0,0 +1,61 @@
+.. _mod-probe:
+
+``probe`` — DNS traffic probe
+=============================
+
+The module allows the server to send simplified information about regular DNS
+traffic through *UNIX* sockets. The exported information consists of data blocks
+where each data block (datagram) describes one query/response pair. The response
+part can be empty. The receiver can be an arbitrary program using *libknot* interface
+(C or Python). In case of high traffic, more channels (sockets) can be configured
+to allow parallel processing.
+
+Example
+-------
+
+Default module configuration::
+
+ template:
+ - id: default
+ global-module: mod-probe
+
+Module reference
+----------------
+
+::
+
+ mod-probe:
+ - id: STR
+ path: STR
+ channels: INT
+
+.. _mod-probe_id:
+
+id
+..
+
+A module identifier.
+
+.. _mod-probe_path:
+
+path
+....
+
+A directory path the UNIX sockets are located.
+
+.. NOTE::
+ It's recommended to use a directory with the execute permission resctricted
+ to the intended probe consumer process owner only.
+
+*Default:* :ref:`rundir<server_rundir>`
+
+.. _mod-probe_channels:
+
+channels
+........
+
+Number of channels (UNIX sockets) the traffic is distributed to. In case of
+high DNS traffic which is beeing processed by many UDP/XDP/TCP workers,
+using more channels reduced the module overhead.
+
+*Default:* 1