Commit 82464724 authored by Zuzana Lena Ansorgova's avatar Zuzana Lena Ansorgova

doc: documentation fixes

parent 319992c8
......@@ -8,7 +8,7 @@ Configuration
Simple configuration
====================
The following configuration presents a simple configuration file
The following example presents a simple configuration file
which can be used as a base for your Knot DNS setup::
# Example of a very simple Knot DNS configuration.
......@@ -26,17 +26,17 @@ which can be used as a base for your Knot DNS setup::
- target: syslog
any: info
Now let's go step by step through this configuration:
Now let's walk through this configuration step by step:
- The :ref:`server_listen` statement in the :ref:`server section<Server section>`
defines where the server will listen for incoming connections.
We have defined the server to listen on all available IPv4 and IPv6 addresses
We have defined the server to listen on all available IPv4 and IPv6 addresses,
all on port 53.
- The :ref:`zone section<Zone section>` defines the zones that the server will
serve. In this case we defined one zone named *example.com* which is stored
serve. In this case, we defined one zone named *example.com* which is stored
in the zone file :file:`/var/lib/knot/zones/example.com.zone`.
- The :ref:`log section<Logging section>` defines the log facilities for
the server. In this example we told Knot DNS to send its log messages with
the server. In this example, we told Knot DNS to send its log messages with
the severity ``info`` or more serious to the syslog.
For detailed description of all configuration items see
......@@ -45,8 +45,8 @@ For detailed description of all configuration items see
Zone templates
==============
A zone template allows single zone configuration to be shared among more zones.
Each template option can be explicitly overridden in the zone configuration.
A zone template allows a single zone configuration to be shared among several zones.
Each template option can be explicitly overridden in zone-specific configurations.
A ``default`` template identifier is reserved for the default template::
template:
......@@ -82,9 +82,9 @@ A ``default`` template identifier is reserved for the default template::
Access control list (ACL)
=========================
ACL list specifies which remotes are allowed to send the server a specific
An ACL list specifies which remotes are allowed to send the server a specific
request. A remote can be a single IP address or a network subnet. Also a TSIG
key can be specified::
key can be assigned::
acl:
- id: address_rule
......@@ -110,7 +110,7 @@ Slave zone
==========
Knot DNS doesn't strictly differ between master and slave zones. The
only requirement is to have :ref:`master<zone_master>` statement set for
only requirement is to have a :ref:`master<zone_master>` statement set for
the given zone. Also note that you need to explicitly allow incoming zone
changed notifications via ``notify`` :ref:`acl_action` through zone's
:ref:`zone_acl` list, otherwise the update will be rejected by the server.
......@@ -184,7 +184,7 @@ transfers. An ACL rule consists of a single address or a network subnet::
notify: slave1
acl: [slave1_acl, others_acl]
Optionally a TSIG key can be specified::
Optionally, a TSIG key can be specified::
key:
- id: slave1_key
......@@ -210,11 +210,11 @@ Dynamic updates
===============
Dynamic updates for the zone are allowed via proper ACL rule with the
``update`` action. If the zone is configured as a slave and DNS update
``update`` action. If the zone is configured as a slave and a DNS update
message is accepted, the server forwards the message to its primary master.
The master's response is then forwarded back to the originator.
However, if the zone is configured as master, the update is accepted and
However, if the zone is configured as a master, the update is accepted and
processed::
acl:
......@@ -264,7 +264,7 @@ can operate in two modes:
operator.
2. :ref:`Automatic key management <dnssec-automatic-key-management>`.
In this mode, the server also maintains singing keys. New keys are generated
In this mode, the server also maintains signing keys. New keys are generated
according to assigned policy and are rolled automatically in a safe manner.
No zone operator intervention is necessary.
......@@ -301,7 +301,7 @@ DNSSEC KASP database
--------------------
The configuration for DNSSEC is stored in a :abbr:`KASP (Key And Signature
Policy)` database. The database is simply a directory on the file-system
Policy)` database. The database is simply a directory in the file-system
containing files in the JSON format. The database contains
- definitions of signing policies;
......@@ -398,7 +398,7 @@ Create a zone entry for the zone *myzone.test* without a policy:
$ keymgr zone add myzone.test
Generate a signing keys for the zone. Let's use the Single-Type Signing scheme
Generate signing keys for the zone. Let's use the Single-Type Signing scheme
with two algorithms (this scheme is not supported in automatic key management).
Run:
......@@ -507,7 +507,7 @@ The signing process consists of the following steps:
manually will be removed. To add an extra DNSKEY record into the set, the
key must be imported into the KASP database (possibly deactivated).
#. Removing expired signatures, invalid signatures, signatures expiring
in a short time, and signatures issued by unknown key.
in a short time, and signatures issued by an unknown key.
#. Creating missing signatures. Unless the Single-Type Signing Scheme
is used, DNSKEY records in a zone apex are signed by KSK keys and
all other records are signed by ZSK keys.
......@@ -521,7 +521,7 @@ The signing is initiated on the following occasions:
- Received DDNS update
- Forced zone resign issued with ``knotc signzone``
On forced zone resign, all signatures in the zone are dropped and recreated.
On a forced zone resign, all signatures in the zone are dropped and recreated.
The ``knotc zonestatus`` command can be used to see when the next scheduled
DNSSEC resign will happen.
......
......@@ -61,7 +61,7 @@ You can find the source code for the latest release on `www.knot-dns.cz <https:/
Alternatively, you can fetch the whole project from the git repository
`git://git.nic.cz/knot-dns.git <https://gitlab.labs.nic.cz/labs/knot/tree/master>`_.
After obtaining the source code the compilation and installation is a
After obtaining the source code, the compilation and installation is a
quite straightforward process using autotools.
.. _Configuring and generating Makefiles:
......@@ -73,7 +73,7 @@ If compiling from the git source, you need to bootstrap the ``./configure`` file
$ autoreconf -i -f
In most cases you can just run configure without any options::
In most cases, you can just run configure without any options::
$ ./configure
......@@ -99,7 +99,7 @@ You can do so by executing::
$ make install
When installing as a non-root user you might have to gain elevated privileges by
When installing as a non-root user, you might have to gain elevated privileges by
switching to root user, e.g. ``sudo make install`` or ``su -c 'make install'``.
.. _OS specific installation:
......@@ -113,7 +113,7 @@ repository.
Debian Linux
------------
Knot DNS is already available from Debian wheezy upwards. In addition
Knot DNS is already available from Debian 7 (Wheezy) upwards. In addition
to the official packages we also provide custom repository, which can
be used by adding::
......@@ -123,7 +123,7 @@ be used by adding::
to your ``/etc/apt/sources.list`` or into separate file in
``/etc/apt/sources.list.d/``.
As an example, for Debian jessie the Knot DNS packages can be added by
As an example, for Debian 8 (Jessie) the Knot DNS packages can be added by
executing following command as the root user::
# cat >/etc/apt/sources.list.d/knot.list <<EOF
......@@ -139,7 +139,7 @@ Ubuntu Linux
Prepackaged version of Knot DNS can be found in Ubuntu from
version 12.10 (Quantal Quetzal). In addition to the package included
in the main archive, we provide Personal Package Archive (PPA) as an
option to upgrade to the last stable version of Knot DNS or to install
option in order to upgrade to the last stable version of Knot DNS or to install
it on older versions of Ubuntu Linux.
Adding official PPA repository for Knot DNS
......@@ -169,7 +169,7 @@ the following command as the root user::
Arch Linux
----------
Knot DNS is available official package repository (AUR). To install the
Knot DNS is available in the official package repository (AUR). To install the
package, run::
# pacman -S knot
......@@ -177,8 +177,8 @@ package, run::
Gentoo Linux
------------
Knot DNS is also available in Gentoo package repository. However, you will
probably need to unmask the package prior starting the installation::
Knot DNS is also available in the Gentoo package repository. However, you will
probably need to unmask the package prior to starting the installation::
# emerge -a knot
......
......@@ -8,9 +8,9 @@ Introduction
What is Knot DNS
================
Knot DNS is a high-performance open source DNS server. It
implements only authoritative domain name service. Knot DNS
is best suited for use on TLD domains but can reliably serve
Knot DNS is a high-performance open-source DNS server. It
implements only the authoritative domain name service. Knot DNS
is best suited for use on TLD domains but it can reliably serve
any other zones as well.
Knot DNS benefits from its multi-threaded and mostly lock-free
......@@ -24,7 +24,7 @@ DNS features:
* IN class and partially CH class
* TCP/UDP protocols
* AXFR, IXFR - master, slave
* AXFR, IXFR master, slave
* TSIG
* EDNS0
* DNSSEC, including NSEC3
......@@ -58,6 +58,6 @@ Knot DNS users mailing list: `knot-dns-users@lists.nic.cz <mailto:knot-dns-users
License
=======
Knot DNS is licensed under `GNU General Public License <https://www.gnu.org/copyleft/gpl.html>`_
Knot DNS is licensed under the `GNU General Public License <https://www.gnu.org/copyleft/gpl.html>`_
version 3 or (at your option) any later version. The full text of the license
is available in the ``COPYING`` file distributed with the source code.
is available in the ``COPYING`` file distributed with source code.
......@@ -13,9 +13,9 @@ installations, and a commodity server or a virtual solution will be
sufficient in most cases.
However, please note that there are some scenarios that will require
administrator attention and testing of exact requirements before
deploying Knot DNS in production. These cases include deployment for a
large number of zones (DNS hosting), a large number of records in one
administrator's attention and a testing of exact requirements before
deploying Knot DNS to a production environment. These cases include deployment for a
large number of zones (DNS hosting), large number of records in one
or more zones (TLD) or large number of requests.
CPU requirements
......@@ -31,10 +31,10 @@ Memory requirements
-------------------
Knot DNS implementation focuses on performance and thus can be quite
demanding for memory. The rough estimate for memory requirements is
3 times of the size of the zone in text format. Again this is only
memory demanding. The rough estimate for memory requirements is
3 times the size of the zone in text format. Again this is only
an estimate and you are advised to do your own measurements before
deploying Knot DNS into production.
deploying Knot DNS to production.
Also note that to ensure uninterrupted serving of the zone, Knot DNS
employs a Read-Copy-Update mechanism instead of locking and thus
......@@ -47,4 +47,4 @@ Operating system
Knot DNS itself is written in a portable way, but it depends on
several libraries. Namely userspace-rcu, which could be a constraint
when it comes to the operating system support. Knot DNS can be compiled
and run on most of UNIX-like systems, such as Linux, \*BSD, and OS X.
and run on most UNIX-like systems, such as Linux, \*BSD, and OS X.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment