lwresd.docbook revision 0c27b3fe77ac1d5094ba3521e8142d9e7973133f
c80e152862cc3e3207dc837fde7116bd4c0e4b9dTinderbox User - Copyright (C) 2000, 2001, 2004, 2005, 2007-2009, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
8d1b3ceb4d491ce32572f1702f37ed585eede993Evan Hunt - This Source Code Form is subject to the terms of the Mozilla Public
8d1b3ceb4d491ce32572f1702f37ed585eede993Evan Hunt - License, v. 2.0. If a copy of the MPL was not distributed with this
d77cb075aae5595e460e3299bfc1e8ea5d42b560Evan Hunt - file, You can obtain one at http://mozilla.org/MPL/2.0/.
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews<!-- Converted by db4-upgrade version 1.0 -->
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews<refentry xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="man.lwresd">
7ec97ae74e42ec21b354fd2d1366313b41d947d6Evan Hunt <refentryinfo>
701a93f5a592e4652343e049aa495d409c3ee133Mark Andrews <corpauthor>Internet Systems Consortium, Inc.</corpauthor>
002f1373374a0b72fc0329baa682917929bef168Tony Finch </refentryinfo>
8f1ed05dc0aae7ae6c3da6ec6d405df61257a61eMark Andrews <refentrytitle><application>lwresd</application></refentrytitle>
73cf0ba4e82c6baef638ecc4e31321223f841d28Mark Andrews <refnamediv>
73cf0ba4e82c6baef638ecc4e31321223f841d28Mark Andrews <refname><application>lwresd</application></refname>
d8351dfc9b725b0d727be7acab6247d7d501d9a0Mark Andrews <refpurpose>lightweight resolver daemon</refpurpose>
d8351dfc9b725b0d727be7acab6247d7d501d9a0Mark Andrews </refnamediv>
31c7ab4fb3f7710af87dc9c3d64c5daf9a3dea35Mark Andrews <holder>Internet Systems Consortium, Inc. ("ISC")</holder>
ad309e8dfa0601d6053aaa12770a98a6940f89deEvan Hunt </copyright>
fc04365d2f83f197c8a54545dd9cd4ce6a209940Mark Andrews </copyright>
7cbac360bf98c0a52b2d6866ad887616c32d4d3aMark Andrews <refsynopsisdiv>
1cf118a656f5fd210787908b845362077fc507f8Evan Hunt <arg choice="opt" rep="norepeat"><option>-c <replaceable class="parameter">config-file</replaceable></option></arg>
1cf118a656f5fd210787908b845362077fc507f8Evan Hunt <arg choice="opt" rep="norepeat"><option>-C <replaceable class="parameter">config-file</replaceable></option></arg>
1cf118a656f5fd210787908b845362077fc507f8Evan Hunt <arg choice="opt" rep="norepeat"><option>-d <replaceable class="parameter">debug-level</replaceable></option></arg>
1cf118a656f5fd210787908b845362077fc507f8Evan Hunt <arg choice="opt" rep="norepeat"><option>-f</option></arg>
1cf118a656f5fd210787908b845362077fc507f8Evan Hunt <arg choice="opt" rep="norepeat"><option>-g</option></arg>
1cf118a656f5fd210787908b845362077fc507f8Evan Hunt <arg choice="opt" rep="norepeat"><option>-i <replaceable class="parameter">pid-file</replaceable></option></arg>
6fb3db01acad7f5c1f4e23789fb0f2ce56cc07deMukund Sivaraman <arg choice="opt" rep="norepeat"><option>-m <replaceable class="parameter">flag</replaceable></option></arg>
6fb3db01acad7f5c1f4e23789fb0f2ce56cc07deMukund Sivaraman <arg choice="opt" rep="norepeat"><option>-n <replaceable class="parameter">#cpus</replaceable></option></arg>
6fb3db01acad7f5c1f4e23789fb0f2ce56cc07deMukund Sivaraman <arg choice="opt" rep="norepeat"><option>-P <replaceable class="parameter">port</replaceable></option></arg>
fd82c70695888c134287b8018296028c252d100eMukund Sivaraman <arg choice="opt" rep="norepeat"><option>-p <replaceable class="parameter">port</replaceable></option></arg>
fd82c70695888c134287b8018296028c252d100eMukund Sivaraman <arg choice="opt" rep="norepeat"><option>-s</option></arg>
fd82c70695888c134287b8018296028c252d100eMukund Sivaraman <arg choice="opt" rep="norepeat"><option>-t <replaceable class="parameter">directory</replaceable></option></arg>
fd82c70695888c134287b8018296028c252d100eMukund Sivaraman <arg choice="opt" rep="norepeat"><option>-u <replaceable class="parameter">user</replaceable></option></arg>
4a53e3c2b83c476a93148eaee0272649beb221caMark Andrews <arg choice="opt" rep="norepeat"><option>-v</option></arg>
4a53e3c2b83c476a93148eaee0272649beb221caMark Andrews <arg choice="opt" rep="norepeat"><option>-4</option></arg>
4a53e3c2b83c476a93148eaee0272649beb221caMark Andrews <arg choice="opt" rep="norepeat"><option>-6</option></arg>
2cf0fe3b8092f64f8f68ae3693fe2e73e90ad1a4Mark Andrews </cmdsynopsis>
2cf0fe3b8092f64f8f68ae3693fe2e73e90ad1a4Mark Andrews </refsynopsisdiv>
2cf0fe3b8092f64f8f68ae3693fe2e73e90ad1a4Mark Andrews <refsection><info><title>DESCRIPTION</title></info>
4221d9cd1d02311fbf9b5f08a038f5af78b10b4aEvan Hunt is the daemon providing name lookup
4221d9cd1d02311fbf9b5f08a038f5af78b10b4aEvan Hunt services to clients that use the BIND 9 lightweight resolver
f9c410d93711fbf312a0162f1e2d3f2a5ede69afFrancis Dupont library. It is essentially a stripped-down, caching-only name
f9c410d93711fbf312a0162f1e2d3f2a5ede69afFrancis Dupont server that answers queries using the BIND 9 lightweight
f9c410d93711fbf312a0162f1e2d3f2a5ede69afFrancis Dupont resolver protocol rather than the DNS protocol.
e526027287b849f0b6ab6e069156697cbafa22c1Michał Kępień listens for resolver queries on a
e526027287b849f0b6ab6e069156697cbafa22c1Michał Kępień UDP port on the IPv4 loopback interface, 127.0.0.1. This
929329d2d66a7e1083c70a9c918381935bf12799Mukund Sivaraman means that <command>lwresd</command> can only be used by
929329d2d66a7e1083c70a9c918381935bf12799Mukund Sivaraman processes running on the local machine. By default, UDP port
929329d2d66a7e1083c70a9c918381935bf12799Mukund Sivaraman number 921 is used for lightweight resolver requests and
afefd754734f896bf3e0590177fff83e7cdfdf35Mark Andrews Incoming lightweight resolver requests are decoded by the
afefd754734f896bf3e0590177fff83e7cdfdf35Mark Andrews server which then resolves them using the DNS protocol. When
afefd754734f896bf3e0590177fff83e7cdfdf35Mark Andrews the DNS lookup completes, <command>lwresd</command> encodes
f0353a586c2bfbae999193cb644b6bc94c7944d8Mark Andrews the answers in the lightweight resolver format and returns
f0353a586c2bfbae999193cb644b6bc94c7944d8Mark Andrews them to the client that made the request.
7ff28f5befbee76048a23e504dcd3f9a44ce6209Evan Hunt If <filename>/etc/resolv.conf</filename> contains any
7ff28f5befbee76048a23e504dcd3f9a44ce6209Evan Hunt <option>nameserver</option> entries, <command>lwresd</command>
7ff28f5befbee76048a23e504dcd3f9a44ce6209Evan Hunt sends recursive DNS queries to those servers. This is similar
7ff28f5befbee76048a23e504dcd3f9a44ce6209Evan Hunt to the use of forwarders in a caching name server. If no
7ff28f5befbee76048a23e504dcd3f9a44ce6209Evan Hunt <option>nameserver</option> entries are present, or if
7ff28f5befbee76048a23e504dcd3f9a44ce6209Evan Hunt forwarding fails, <command>lwresd</command> resolves the
7ff28f5befbee76048a23e504dcd3f9a44ce6209Evan Hunt queries autonomously starting at the root name servers, using
7ff28f5befbee76048a23e504dcd3f9a44ce6209Evan Hunt a built-in list of root server hints.
cad79077bd5b2616bc4a7a6b3cbc0953bef8917fMark Andrews </refsection>
cad79077bd5b2616bc4a7a6b3cbc0953bef8917fMark Andrews <refsection><info><title>OPTIONS</title></info>
adfe58e8e5cd1890585e92b67f1fd01989a1fa7dMark Andrews <variablelist>
c3237dec879f82855403ff7e3ba87b298172efd5Mark Andrews <varlistentry>
cb616c6d5c2ece1fac37fa6e0bca2b53d4043098Mark Andrews Use IPv4 only even if the host machine is capable of IPv6.
cb616c6d5c2ece1fac37fa6e0bca2b53d4043098Mark Andrews <option>-4</option> and <option>-6</option> are mutually
c0a2210466dec0cc81ebf2ffbe21693b57b9c29cMark Andrews </varlistentry>
534057c9f91a3eb6e0541f3526459c716239b337Mark Andrews <varlistentry>
0f14b041328c062b1fa391887376388dfc8b2fe5Mark Andrews Use IPv6 only even if the host machine is capable of IPv4.
0f14b041328c062b1fa391887376388dfc8b2fe5Mark Andrews <option>-4</option> and <option>-6</option> are mutually
1848d38f441ebf70ab21f6151bc3487a92d25b63Mark Andrews </varlistentry>
2d82ed9456e72dc4373bea19d63411afe1c48962Mark Andrews <!-- this is in source but not mentioned? does this matter? -->
2d82ed9456e72dc4373bea19d63411afe1c48962Mark Andrews <varlistentry>
a5a1cbece45e6ca68aafe3b9b995eac6b0f45dd2Mark Andrews <term>-c <replaceable class="parameter">config-file</replaceable></term>
0d6328ce5f6b799f8e7c6cbbb3b965cf29bfb7baMark Andrews Use <replaceable class="parameter">config-file</replaceable> as the
0d6328ce5f6b799f8e7c6cbbb3b965cf29bfb7baMark Andrews configuration file instead of the default,
677f507de7c546c187c1505c48bc7b440545485cMark Andrews <!-- Should this be an absolute path name? -->
677f507de7c546c187c1505c48bc7b440545485cMark Andrews <option>-c</option> can not be used with <option>-C</option>.
e01ef6f01c7e8f80122cd80a2e011425a0135489Mark Andrews </varlistentry>
677f507de7c546c187c1505c48bc7b440545485cMark Andrews <varlistentry>
677f507de7c546c187c1505c48bc7b440545485cMark Andrews <term>-C <replaceable class="parameter">config-file</replaceable></term>
677f507de7c546c187c1505c48bc7b440545485cMark Andrews Use <replaceable class="parameter">config-file</replaceable> as the
bf459d24a117ae2c54c37016430b41cd6d73491cMark Andrews configuration file instead of the default,
bf459d24a117ae2c54c37016430b41cd6d73491cMark Andrews <option>-C</option> can not be used with <option>-c</option>.
677f507de7c546c187c1505c48bc7b440545485cMark Andrews </varlistentry>
f53e0bda467d96dfeeba1b4da30c37b37766bb75Evan Hunt <varlistentry>
f53e0bda467d96dfeeba1b4da30c37b37766bb75Evan Hunt <term>-d <replaceable class="parameter">debug-level</replaceable></term>
f53e0bda467d96dfeeba1b4da30c37b37766bb75Evan Hunt Set the daemon's debug level to <replaceable class="parameter">debug-level</replaceable>.
81e3e3084980afcd61416f572c6e72d38a3808abMichał Kępień Debugging traces from <command>lwresd</command> become
81e3e3084980afcd61416f572c6e72d38a3808abMichał Kępień more verbose as the debug level increases.
64d7fa3ec4785b390665860aa6bdae304b3c1d24Mark Andrews </varlistentry>
64d7fa3ec4785b390665860aa6bdae304b3c1d24Mark Andrews <varlistentry>
75505befa93c993aa5d2df24a2b64eac0c34cbffMark Andrews Run the server in the foreground (i.e. do not daemonize).
a38f07c73790170842e4523b4a474d01ca0dede1Michał Kępień </varlistentry>
a38f07c73790170842e4523b4a474d01ca0dede1Michał Kępień <varlistentry>
39d5523a8afc73cbdb4fa426de2ce071267a5d6fMark Andrews Run the server in the foreground and force all logging
91827e6fd3851a5fe129ef5409ff45833ca01a0eMark Andrews </varlistentry>
91827e6fd3851a5fe129ef5409ff45833ca01a0eMark Andrews <varlistentry>
35aae5884f410180706a89a9715bf9a85eeeb4b7Michał Kępień <term>-i <replaceable class="parameter">pid-file</replaceable></term>
57b1d64d9ae12d56973716e96f9743a00d47af4aMichał Kępień Use <replaceable class="parameter">pid-file</replaceable> as the
57b1d64d9ae12d56973716e96f9743a00d47af4aMichał Kępień PID file instead of the default,
57b1d64d9ae12d56973716e96f9743a00d47af4aMichał Kępień <filename>/var/run/lwresd/lwresd.pid</filename>.
2d517e233ff3b3fcd272eb5b2e2d3db6d31a1681Michał Kępień </varlistentry>
09c3efda414314d7edcfb2aed9463fb935fc95a6Mark Andrews <varlistentry>
86d2f9abc8493321aacb0d540485de4d562fb734Mark Andrews <term>-m <replaceable class="parameter">flag</replaceable></term>
86d2f9abc8493321aacb0d540485de4d562fb734Mark Andrews Turn on memory usage debugging flags. Possible flags are
86d2f9abc8493321aacb0d540485de4d562fb734Mark Andrews <replaceable class="parameter">usage</replaceable>,
86d2f9abc8493321aacb0d540485de4d562fb734Mark Andrews <replaceable class="parameter">trace</replaceable>,
86d2f9abc8493321aacb0d540485de4d562fb734Mark Andrews <replaceable class="parameter">record</replaceable>,
86d2f9abc8493321aacb0d540485de4d562fb734Mark Andrews <replaceable class="parameter">size</replaceable>, and
09c3efda414314d7edcfb2aed9463fb935fc95a6Mark Andrews <replaceable class="parameter">mctx</replaceable>.
86d2f9abc8493321aacb0d540485de4d562fb734Mark Andrews These correspond to the ISC_MEM_DEBUGXXXX flags described in
3ed16e796dba90c96933c8a8a3f5b9404d8d3e61Mark Andrews </varlistentry>
3ed16e796dba90c96933c8a8a3f5b9404d8d3e61Mark Andrews <varlistentry>
14d8a144779b54b103d2da741a2242bf5f9052f7Mark Andrews <term>-n <replaceable class="parameter">#cpus</replaceable></term>
70e041bea19b6ad9522b89c2299ad315a2deaafdMark Andrews Create <replaceable class="parameter">#cpus</replaceable> worker threads
70e041bea19b6ad9522b89c2299ad315a2deaafdMark Andrews to take advantage of multiple CPUs. If not specified,
70e041bea19b6ad9522b89c2299ad315a2deaafdMark Andrews <command>lwresd</command> will try to determine the
67247b4a8304bac790648a351a95b8b0f4c512a6Mark Andrews number of CPUs present and create one thread per CPU.
67247b4a8304bac790648a351a95b8b0f4c512a6Mark Andrews If it is unable to determine the number of CPUs, a
eeb919b6f572e033d97cf001e4cd44aaff54e5dcMichał Kępień single worker thread will be created.
a55438eda32ecebf43ead45b216662b7923a465fMark Andrews </varlistentry>
a55438eda32ecebf43ead45b216662b7923a465fMark Andrews <varlistentry>
8de17f83cafa91a5720dd0b8c1aee5f47f6d7f09Evan Hunt <term>-P <replaceable class="parameter">port</replaceable></term>
9789e54e55b61b669fb31a8b70e9655e8357dda2Mark Andrews Listen for lightweight resolver queries on port
9789e54e55b61b669fb31a8b70e9655e8357dda2Mark Andrews <replaceable class="parameter">port</replaceable>. If
f8362536c647625e602c8450a778a2b7ba90c9f4Mark Andrews not specified, the default is port 921.
24231e53a5c3079431f84dcddfee1e761fec7329Mark Andrews </varlistentry>
24231e53a5c3079431f84dcddfee1e761fec7329Mark Andrews <varlistentry>
24231e53a5c3079431f84dcddfee1e761fec7329Mark Andrews <term>-p <replaceable class="parameter">port</replaceable></term>
4b669b69bae7dedda2faa09a7ade247499c1d49cMichał Kępień Send DNS lookups to port <replaceable class="parameter">port</replaceable>. If not
4b669b69bae7dedda2faa09a7ade247499c1d49cMichał Kępień specified, the default is port 53. This provides a
eb11b39981689e4a20fbe95e533577eacab992b4Mukund Sivaraman way of testing the lightweight resolver daemon with a
eb11b39981689e4a20fbe95e533577eacab992b4Mukund Sivaraman name server that listens for queries on a non-standard
e7c0f978425f45731b08be1363f20626b0344f23Evan Hunt </varlistentry>
01967d183990e44752fe61f193dab9c04c3afd9cEvan Hunt <varlistentry>
575e9d9e4b6beaae688f107814a320b91243a4b2Mark Andrews Write memory usage statistics to <filename>stdout</filename>
7c442d7fe06bc95432af7513764e5cc85e133648Evan Hunt This option is mainly of interest to BIND 9 developers
7c442d7fe06bc95432af7513764e5cc85e133648Evan Hunt and may be removed or changed in a future release.
5e1ca7a326741a8f74e6f2b907c7e1fbf428bf80Michał Kępień </varlistentry>
ba93bc80a7bce5ba07b2f98e68f0f57402f2459cMark Andrews <varlistentry>
8ed107eab48687887d45a1ceb18b712bc7209dbaTinderbox User <term>-t <replaceable class="parameter">directory</replaceable></term>
5f103158280fb2e814db305f917aa42040221623Mark Andrews <para>Chroot
5f103158280fb2e814db305f917aa42040221623Mark Andrews to <replaceable class="parameter">directory</replaceable> after
5f103158280fb2e814db305f917aa42040221623Mark Andrews processing the command line arguments, but before
5f103158280fb2e814db305f917aa42040221623Mark Andrews reading the configuration file.
b7b76d6b855cd4c1152c26d34fb61af05f965c5eEvan Hunt This option should be used in conjunction with the
b7b76d6b855cd4c1152c26d34fb61af05f965c5eEvan Hunt <option>-u</option> option, as chrooting a process
b7b76d6b855cd4c1152c26d34fb61af05f965c5eEvan Hunt running as root doesn't enhance security on most
764e2f3413ca89d09abffb3eb228c8c820bf08b8Mark Andrews systems; the way <function>chroot(2)</function> is
764e2f3413ca89d09abffb3eb228c8c820bf08b8Mark Andrews defined allows a process with root privileges to
764e2f3413ca89d09abffb3eb228c8c820bf08b8Mark Andrews escape a chroot jail.
a06198688faca5c7bc1a35ec0ec18bc68c07691cEvan Hunt </varlistentry>
50433a667cf0ed3ac7807768b745b0d870ff8c8bMark Andrews <varlistentry>
3c12bec945ee71a38c5ba6f624abd12e2da7eea5Mark Andrews <term>-u <replaceable class="parameter">user</replaceable></term>
f44202ab640d22e17b4c74bdad7817622918bd27Mark Andrews <para>Setuid
f44202ab640d22e17b4c74bdad7817622918bd27Mark Andrews to <replaceable class="parameter">user</replaceable> after completing
f44202ab640d22e17b4c74bdad7817622918bd27Mark Andrews privileged operations, such as creating sockets that
ad9772c559c6aa42f8930f4acf1a2d833a08040aMichał Kępień listen on privileged ports.
ad9772c559c6aa42f8930f4acf1a2d833a08040aMichał Kępień </varlistentry>
5d7d67f82a8913fae5f1098e111fe50edb86cd5bEvan Hunt <varlistentry>
6216df5ccded056abd5db4abac4e5cbd78c73f45Evan Hunt Report the version number and exit.
6216df5ccded056abd5db4abac4e5cbd78c73f45Evan Hunt </varlistentry>
56e30ebae6fdb0bdf94419caff3a43fb2d16c5dfEvan Hunt </variablelist>
56e30ebae6fdb0bdf94419caff3a43fb2d16c5dfEvan Hunt </refsection>
0612274565d80e0ad87a19920e561cce5bddb05bEvan Hunt <variablelist>
0612274565d80e0ad87a19920e561cce5bddb05bEvan Hunt <varlistentry>
0612274565d80e0ad87a19920e561cce5bddb05bEvan Hunt <term><filename>/etc/resolv.conf</filename></term>
f592d2f76cac7115038124c510d2ba3050334b4dEvan Hunt The default configuration file.
4ee1fbe056e812e661b856b4b448296331a40249Michał Kępień </varlistentry>
1c8aa38b53a0494fc7d4c3439594d1913987f264Mark Andrews <varlistentry>
1c8aa38b53a0494fc7d4c3439594d1913987f264Mark Andrews <term><filename>/var/run/lwresd.pid</filename></term>
1c8aa38b53a0494fc7d4c3439594d1913987f264Mark Andrews The default process-id file.
43d53a4e4b2f0f9482485a8ab764137a9898ab32Evan Hunt </varlistentry>
b1ce9b3d54cd072adb5275f08a9afac31cfb4c1cMichał Kępień </variablelist>
b1ce9b3d54cd072adb5275f08a9afac31cfb4c1cMichał Kępień </refsection>
b1ce9b3d54cd072adb5275f08a9afac31cfb4c1cMichał Kępień <refsection><info><title>SEE ALSO</title></info>
b1ce9b3d54cd072adb5275f08a9afac31cfb4c1cMichał Kępień <refentrytitle>named</refentrytitle><manvolnum>8</manvolnum>
5fa4be41a383cfbf5e1d195b18c04bdbf5603710Evan Hunt </citerefentry>,
5fa4be41a383cfbf5e1d195b18c04bdbf5603710Evan Hunt <citerefentry>
5fa4be41a383cfbf5e1d195b18c04bdbf5603710Evan Hunt <refentrytitle>lwres</refentrytitle><manvolnum>3</manvolnum>
2732d4922c2e72a399204320791acfd2fd3d6c7cMark Andrews </citerefentry>,
2732d4922c2e72a399204320791acfd2fd3d6c7cMark Andrews <citerefentry>
2732d4922c2e72a399204320791acfd2fd3d6c7cMark Andrews <refentrytitle>resolver</refentrytitle><manvolnum>5</manvolnum>
24ffba17f06746257d5c009ca8ebfe6043966d20Evan Hunt </citerefentry>.
24ffba17f06746257d5c009ca8ebfe6043966d20Evan Hunt </refsection>