The purpose of this project is to supply an alternative open-source implementation of an authoritative DNS server suitable for TLD operators to increase overall security, stability and resiliency of the Domain Name System.

It is implemented as a multi-threaded daemon, using a number of programming techniques and data structures to make the server very fast,[1] notably Read-copy-update[2] or a special kind of a radix tree.

It is also able to add and remove zones on the fly by changing the configuration file and reloading the server using the 'knotc' utility.

New in 2.4.0:[8] Unified LMDB based journal, new statistics module, automatic deletion of retired DNSSEC keys.

New in 2.8.0:[12] Offline-KSK, multithreaded DNSSEC signing, extended ACL for DDNS, zone update speed-up.