-- ref: https://www.knot-resolver.cz/documentation/stable/config-overview.html
log_level("info")

-- load non-default modules
modules.load("view")
modules.load("prefill")

-- define list of internal-only domains
ehDomains = policy.todnames({'noc.eh22.intern'})

-- for the mgmt-network, forward ehDomains to our authorative server
view:addr('94.45.255.0/24', policy.suffix(policy.FLAGS({'NO_CACHE'}), ehDomains))
view:addr('94.45.255.0/24', policy.suffix(policy.STUB({'94.45.255.3'}), ehDomains))

-- allow resolution from the event net
view:addr('94.45.224.0/19', policy.all(policy.PASS))

-- precache the root zone to reduce traffic load to it
prefill.config({
  ["."] = {
    url = "https://www.internic.net/domain/root.zone",
    interval = 24 * 60 * 60,
  }
})