These are chat archives for CZ-NIC/knot-resolver

1st
Aug 2018
edoo
@ookangzheng
Aug 01 2018 11:53 UTC
How to enable Qname minimal in kresd.conf
Vladimír Čunát
@vcunat
Aug 01 2018 11:54 UTC
@ookangzheng it's enabled by default.
(Though there are some cases where it basically gets disabled for some parts of the namespace.)
edoo
@ookangzheng
Aug 01 2018 12:03 UTC
@vcunat I just curios when I saw dnsprivacy-monitoring site said
dns.jp.blahdns.com and dns.de.blahdns.com (Qname shows RED)
Vladimír Čunát
@vcunat
Aug 01 2018 12:05 UTC
I don't know how they test it. Maybe it's some of the cases.
edoo
@ookangzheng
Aug 01 2018 12:05 UTC
@vcunat got it. Thanks
Petr Špaček
@pspacek
Aug 01 2018 12:15 UTC
@ookangzheng You can see that https://dnsprivacy.org/jenkins/job/dnsprivacy-monitoring/ has green tick in QNAME min. column on row 1dot1dot1dot1.cloudflare-dns.com - and Cloudflare is running our Knot Resolver.
Robert Šefr
@robcza
Aug 01 2018 12:16 UTC

I'm struggling with very weird issue with the view module. A very simple view configuration fails (so far tested version 2.3 and 2.4):

modules = { 'policy', 'view' }
net.ipv6 = false
net = {'0.0.0.0'}
view:addr('127.0.0.1/32', policy.PASS)

Simple dig for google on localhost fails:

dig google.com @127.0.0.1

; <<>> DiG 9.9.4-RedHat-9.9.4-51.el7_4.2 <<>> google.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 37090
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;google.com.                    IN      A

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Aug 01 12:14:41 UTC 2018
;; MSG SIZE  rcvd: 39

With this error:
error: /usr/local/lib/kdns_modules/view.lua:94: 'struct kr_request' is not callable

Any hints what could be wrong?

Vladimír Čunát
@vcunat
Aug 01 2018 12:18 UTC
@robcza: you are calling it wrong.
edoo
@ookangzheng
Aug 01 2018 12:18 UTC
@pspacek I’m running knot-resolver too
Latest version on Ubuntu 18.04
Vladimír Čunát
@vcunat
Aug 01 2018 12:19 UTC
See docs, e.g.
view:addr('10.0.0.0/8', policy.all(policy.PASS))
view is like adding another layer around policy
Robert Šefr
@robcza
Aug 01 2018 12:21 UTC
@vcunat thanks, it works of course. I got completely blind staring at it for quite a long time. Another layer makes sense.