Commit d74ae3ac authored by Marek Vavruša's avatar Marek Vavruša

rose: added documentation

parent cfc63b39
......@@ -469,3 +469,66 @@ Limitations
NSEC or NSEC3 is supported) nor DNSSEC signed records. However,
since the module is hooked in the query processing plan, it will be
possible to do online signing in the future.
``rose`` - Static resource records
The module provides a mean to override responses for certain queries before the record is searched in
the available zones. The modules comes with a tool ``rosedb_tool`` to manipulate with the database
of static records.
*Note: An entry in the database matches anything at or below it, i.e. '' matches '' as well.
This can be exploited to create a catch-all entries.*
For example, suppose we have a database of following records:: 3600 IN A 3600 IN A 3600 IN AAAA ::1
And we query the nameserver with following::
$ kdig IN A
... returns NOERROR,
$ kdig IN A
... returns NOERROR,
$ kdig IN A
... returns NOERROR,
$ kdig IN AAAA
... returns NXDOMAIN
$ kdig IN AAAA
... returns NOERROR, ::1
In addition the module is able to log matching queries via remote syslog if you specify a syslog address endpoint and an
optional string code.
Here is an example on how to use the module:
* Create the entries in the database::
$ mkdir /tmp/static_rrdb
$ rosedb_tool /tmp/static_rrdb add A 3600 "" "-" "-" # No logging
$ rosedb_tool /tmp/static_rrdb add A 3600 "" "www_query" "" # Syslog @
$ rosedb_tool /tmp/static_rrdb add AAAA 3600 "::1" "ipv6_query" "" # Syslog @
$ rosedb_tool /tmp/static_rrdb list # Verify A RDATA=10B www_query AAAA RDATA=22B ipv6_query A RDATA=10B - -
*Note: the database may be modified while the server is running later on.*
* Configure the query module and start the server::
$ vim knot.conf
zones {
query_module {
rosedb "/tmp/static_rrdb";
$ knotd -c knot.conf
* Verify the running instance::
$ kdig @ A
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment