Domain name System (DNS) is a crucial part of the whole Interet ecosystem which allows to access
websites and other online services by using user-friendly domain names instead of having to remember
the numerical internet protocol (IP) addresses. The main role of the CZ.NIC Association within the
DNS4EU project is to design, develop, test and deliver its own Knot Resolver which is modern and
advanced implementation of DNS protocol.
CZ.NIC, z. s. p. o., is an interest association of legal entities, founded in 1998 by leading providers of
Internet services. The association currently has 117 members. Our key activities include operation of the
domain name registry for the .CZ domain, providing the CZ top-level domain and public education in the
area of domain names. As of today, the association is intensively working on development of the
DNSSEC technology and MojeID service, extension and improvements of the domain administration
system as well as support of new technologies and projects beneficial to the Internet infrastructure in the
Czech Republic. The Association also operates the CZ.NIC-CSIRT internal security team and, since
2011, the Czech CSIRT team ā CSIRT.CZ.
As for the DNS resolver, we plan to improve support for Express Data Path, ensure performance
optimisations, especially for DoH and DNS traffic filtering and prepare the framework for automated tests
of realistic performance, compliance to standards and operational robustness.
The Knot Resolver, it is a modern open-source DNS recursive server written in the āCā language. The
uniqueness of the server is in that it adopts a different scalling strategy than other DNS recursors - no
thread-ing, shared-nothing architecture (except cache that may be shared). Since its inception in 2014, it
has been maintained and coordinated by CZ.NIC, with contributions from more than two dozen external
developers. The software is distributed with the GNU GPLv3 license.
To achieve the DNS4EU project goal, which is to deploy a recursive European DNS resolver service
infrastructure based on a highly federated and distributed protective DNS ecosystem, CZ.NIC adopted a
specific development plan. Its core elements are the following: an RRL Modul (response rate limiting
module); cache synchronization (to improve overall hit rates of DNS caches); a robust algorithm for
authoritative server selection (to extend it with a fallback mechanism); and tailored DNS resolver running
improvements (to prevent performance bottlenecks).
As the CZ.NIC Association, we support the idea of open-source. Our development process is therefore
transparent and driven by the needs of the community and users.
This blog post was written by CZ.NIC, a member of DNS4EU consortium.