High-performance authoritative DNS server
Knot DNS is a high-performance authoritative-only DNS server which supports all key features of the modern domain name system.
News Version 3.4.0
Features:
- knotd: full DNS over TLS (DoT, RFC 7858) implementation (see 'DNS over TLS')
- knotd: bidirectional XFR over TLS (XoT) support with opportunistic, strict, and mutual authentication profiles
- knotd: support …
Version 3.4.0
Features:
- knotd: full DNS over TLS (DoT, RFC 7858) implementation (see 'DNS over TLS')
- knotd: bidirectional XFR over TLS (XoT) support with opportunistic, strict, and mutual authentication profiles
- knotd: support …
Open source
Knot DNS is open-source. It is completely free to download and use. The source code is available under GPL 3+ license. Our development process is transparent and driven by the needs of community and donating users. The target platforms are Linux, BSD's, macOS, and other POSIX operating systems.
Feature-packed
Knot DNS provides essential DNS features including incremental zone transfers (IXFR), dynamic updates (DDNS) and response rate limiting (RRL). More advanced features include automatic DNSSEC signing, dynamic A/AAAA/PTR records synthesis, or rapid on-the-fly reconfiguration.
High performance
The server is suitable for any use case. With its high performace, unmatched DNSSEC implementation, and other features it works exceptionally well as a root or a TLD name server. It's capable of non-stop operation. The responding code is completely lock-free and therefore the server achieves very high response rate.
Secure and stable
In addition to performace, security and stability are the other key goals of the design. The code is being constantly checked by an extensive testing suite to attain stability, assure interoperability with other DNS implementations, avoid performance regressions, and circumvent possible security-related problems.