hello-dns/resolver.md

                <meta charset="utf-8" emacsmode="-*- markdown -*-">
                            **A warm welcome to DNS**

Note: this page is part of the
'[hello-dns](https://powerdns.org/hello-dns/)' documentation effort.

# Resolver
Writing a modern resolver is the hardest part of DNS. A fully standards
compliant DNS resolver is not a resolver that can be used in practice.

In reality, resolvers are expected to process malformed queries coming from
clients (stub-resolvers).  Furthermore, many authoritative servers respond
incorrectly to modern DNS queries.  Zones are frequently misconfigured on
authoritative servers but still expected to work correctly.

Meanwhile, operators desire top performance, with individual CPU cores
expected to satisfy the DNS needs of hundreds of thousands of users.

To top this off, a modern DNS resolver will have to validate DNSSEC
correctly. This may be among the hardest challenges of any widely used
Internet protocol.

Excellent resolvers that are freely available and open source include:

 * [BIND 9](https://www.isc.org/downloads/bind/)
 * [Knot resolver](https://www.knot-resolver.cz/)
 * [Unbound](https://www.unbound.net/)
 * [PowerDNS Recursor](https://www.powerdns.com/recursor.html)

So in short, before attempting to write a DNS resolver, ponder if you really
need to. 

# Resolver algorithm

TBC..

<!-- Markdeep: --><style class="fallback">body{visibility:hidden;white-space:pre;font-family:monospace}</style><script src="ext/markdeep.min.js"></script><script>window.alreadyProcessedMarkdeep||(document.body.style.visibility="visible")</script>
more placeholders 2018-03-29 16:28:29 +07:00			`<meta charset="utf-8" emacsmode="-- markdown --">`
			`A warm welcome to DNS`

rebase 2018-04-01 23:31:41 +07:00			`Note: this page is part of the`
			`'[hello-dns](https://powerdns.org/hello-dns/)' documentation effort.`

more placeholders 2018-03-29 16:28:29 +07:00			`# Resolver`
initial words on resolver 2018-03-30 03:36:26 +07:00			`Writing a modern resolver is the hardest part of DNS. A fully standards`
			`compliant DNS resolver is not a resolver that can be used in practice.`

			`In reality, resolvers are expected to process malformed queries coming from`
			`clients (stub-resolvers). Furthermore, many authoritative servers respond`
			`incorrectly to modern DNS queries. Zones are frequently misconfigured on`
			`authoritative servers but still expected to work correctly.`

			`Meanwhile, operators desire top performance, with individual CPU cores`
			`expected to satisfy the DNS needs of hundreds of thousands of users.`

			`To top this off, a modern DNS resolver will have to validate DNSSEC`
			`correctly. This may be among the hardest challenges of any widely used`
			`Internet protocol.`

add resolvers 2018-03-31 02:42:30 +07:00			`Excellent resolvers that are freely available and open source include:`

			`* [BIND 9](https://www.isc.org/downloads/bind/)`
			`* [Knot resolver](https://www.knot-resolver.cz/)`
			`* [Unbound](https://www.unbound.net/)`
			`* [PowerDNS Recursor](https://www.powerdns.com/recursor.html)`

initial words on resolver 2018-03-30 03:36:26 +07:00			`So in short, before attempting to write a DNS resolver, ponder if you really`
add resolvers 2018-03-31 02:42:30 +07:00			`need to.`

			`# Resolver algorithm`
more placeholders 2018-03-29 16:28:29 +07:00
fix some layout 2018-03-30 04:29:30 +07:00			`TBC..`

add markdeep links to local file, closes issue #9 2018-03-30 20:50:32 +07:00			`<!-- Markdeep: --><style class="fallback">body{visibility:hidden;white-space:pre;font-family:monospace}</style><script src="ext/markdeep.min.js"></script><script>window.alreadyProcessedMarkdeep\|\|(document.body.style.visibility="visible")</script>`