bin/named/lwresd.html

	lwresd.html revision 6ea1b817e31b89a627e146fe69e23ea0a64c89ec
486N/A<!--
486N/A - Copyright (C) 2000, 2001  Internet Software Consortium.
486N/A -
486N/A - Permission to use, copy, modify, and distribute this software for any
486N/A - purpose with or without fee is hereby granted, provided that the above
486N/A - copyright notice and this permission notice appear in all copies.
486N/A -
486N/A - THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
486N/A - DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
486N/A - IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
486N/A - INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
486N/A - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
486N/A - FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
486N/A - NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
486N/A - WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
486N/A-->
486N/A<HTML
486N/A><HEAD
486N/A><TITLE
873N/A>lwresd</TITLE
486N/A><META
486N/ANAME="GENERATOR"
486N/ACONTENT="Modular DocBook HTML Stylesheet Version 1.63
486N/A"></HEAD
486N/A><BODY
4362N/ACLASS="REFENTRY"
5306N/ABGCOLOR="#FFFFFF"
486N/ATEXT="#000000"
486N/ALINK="#0000FF"
619N/AVLINK="#840084"
619N/AALINK="#0000FF"
619N/A><H1
619N/A><A
619N/ANAME="AEN1"
3488N/A><SPAN
619N/ACLASS="APPLICATION"
619N/A>lwresd</SPAN
619N/A></A
3824N/A></H1
3824N/A><DIV
3824N/ACLASS="REFNAMEDIV"
619N/A><A
619N/ANAME="AEN9"
486N/A></A
536N/A><H2
2976N/A>Name</H2
2976N/A><SPAN
536N/ACLASS="APPLICATION"
5306N/A>lwresd</SPAN
3972N/A>&nbsp;--&nbsp;lightweight resolver daemon</DIV
5306N/A><DIV
5306N/ACLASS="REFSYNOPSISDIV"
3972N/A><A
5306N/ANAME="AEN13"
3972N/A></A
3978N/A><H2
3972N/A>Synopsis</H2
3972N/A><P
3978N/A><B
3978N/ACLASS="COMMAND"
3978N/A>lwresd</B
3972N/A>  [<TT
3972N/ACLASS="OPTION"
3972N/A>-C <TT
5306N/ACLASS="REPLACEABLE"
3972N/A><I
3972N/A>config-file</I
3972N/A></TT
2976N/A></TT
2976N/A>] [<TT
2976N/ACLASS="OPTION"
3860N/A>-d <TT
3860N/ACLASS="REPLACEABLE"
3824N/A><I
2976N/A>debug-level</I
2976N/A></TT
1181N/A></TT
2976N/A>] [<TT
1181N/ACLASS="OPTION"
536N/A>-f</TT
3860N/A>] [<TT
3860N/ACLASS="OPTION"
3860N/A>-g</TT
3860N/A>] [<TT
3860N/ACLASS="OPTION"
3860N/A>-i <TT
3860N/ACLASS="REPLACEABLE"
2976N/A><I
830N/A>pid-file</I
830N/A></TT
830N/A></TT
830N/A>] [<TT
830N/ACLASS="OPTION"
830N/A>-n <TT
4542N/ACLASS="REPLACEABLE"
830N/A><I
830N/A>#cpus</I
830N/A></TT
2296N/A></TT
830N/A>] [<TT
961N/ACLASS="OPTION"
961N/A>-P <TT
961N/ACLASS="REPLACEABLE"
486N/A><I
2976N/A>port</I
486N/A></TT
486N/A></TT
486N/A>] [<TT
486N/ACLASS="OPTION"
2296N/A>-p <TT
2296N/ACLASS="REPLACEABLE"
4542N/A><I
4362N/A>port</I
2296N/A></TT
4542N/A></TT
4362N/A>] [<TT
2296N/ACLASS="OPTION"
2402N/A>-s</TT
2402N/A>] [<TT
2402N/ACLASS="OPTION"
2402N/A>-t <TT
4542N/ACLASS="REPLACEABLE"
2402N/A><I
2422N/A>directory</I
2402N/A></TT
2402N/A></TT
2402N/A>] [<TT
2402N/ACLASS="OPTION"
2402N/A>-u <TT
2402N/ACLASS="REPLACEABLE"
2402N/A><I
2402N/A>user</I
2402N/A></TT
4362N/A></TT
961N/A>] [<TT
961N/ACLASS="OPTION"
961N/A>-v</TT
961N/A>]</P
961N/A></DIV
961N/A><DIV
961N/ACLASS="REFSECT1"
1024N/A><A
2976N/ANAME="AEN48"
961N/A></A
961N/A><H2
961N/A>DESCRIPTION</H2
3590N/A><P
3590N/A>   <B
3590N/ACLASS="COMMAND"
3590N/A>lwresd</B
3590N/A> is the daemon providing name lookup
3590N/A    services to clients that use the BIND 9 lightweight resolver
3590N/A    library.  It is essentially a stripped-down, caching-only name
3590N/A    server that answers queries using the BIND 9 lightweight
3590N/A    resolver protocol rather than the DNS protocol.
3590N/A    </P
3590N/A><P
961N/A>   <B
961N/ACLASS="COMMAND"
961N/A>lwresd</B
961N/A> listens for resolver queries on a
961N/A    UDP port on the IPv4 loopback interface, 127.0.0.1.  This
961N/A    means that <B
961N/ACLASS="COMMAND"
486N/A>lwresd</B
> can only be used by
    processes running on the local machine.  By default UDP port
    number 921 is used for lightweight resolver requests and
    responses.
    </P
><P
>   Incoming lightweight resolver requests are decoded by the
    server which then resolves them using the DNS protocol.  When
    the DNS lookup completes, <B
CLASS="COMMAND"
>lwresd</B
> encodes
    the answers in the lightweight resolver format and returns
    them to the client that made the request.
    </P
><P
>   If <TT
CLASS="FILENAME"
>/etc/resolv.conf</TT
> contains any
    <TT
CLASS="OPTION"
>nameserver</TT
> entries, <B
CLASS="COMMAND"
>lwresd</B
>
    sends recursive DNS queries to those servers.  This is similar
    to the use of forwarders in a caching name server.  If no
    <TT
CLASS="OPTION"
>nameserver</TT
> entries are present, or if
    forwarding fails, <B
CLASS="COMMAND"
>lwresd</B
> resolves the
    queries autonomously starting at the root name servers, using
    a built-in list of root server hints.
    </P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN63"
></A
><H2
>OPTIONS</H2
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
>-C <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
></DT
><DD
><P
>       Use <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
> as the
        configuration file instead of the default,
        <TT
CLASS="FILENAME"
>/etc/resolv.conf</TT
>.
          </P
></DD
><DT
>-d <TT
CLASS="REPLACEABLE"
><I
>debug-level</I
></TT
></DT
><DD
><P
>       Set the daemon's debug level to <TT
CLASS="REPLACEABLE"
><I
>debug-level</I
></TT
>.
        Debugging traces from <B
CLASS="COMMAND"
>lwresd</B
> become
        more verbose as the debug level increases.
          </P
></DD
><DT
>-f</DT
><DD
><P
>       Run the server in the foreground (i.e. do not daemonize).
          </P
></DD
><DT
>-g</DT
><DD
><P
>       Run the server in the foreground and force all logging
        to <TT
CLASS="FILENAME"
>stderr</TT
>.
          </P
></DD
><DT
>-n <TT
CLASS="REPLACEABLE"
><I
>#cpus</I
></TT
></DT
><DD
><P
>       Create <TT
CLASS="REPLACEABLE"
><I
>#cpus</I
></TT
> worker threads
        to take advantage of multiple CPUs.  If not specified,
        <B
CLASS="COMMAND"
>lwresd</B
> will try to determine the
        number of CPUs present and create one thread per CPU.
        If it is unable to determine the number of CPUs, a
        single worker thread will be created.
          </P
></DD
><DT
>-P <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
></DT
><DD
><P
>       Listen for lightweight resolver queries on port
        <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
>.  If
        not specified, the default is port 921.
          </P
></DD
><DT
>-p <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
></DT
><DD
><P
>       Send DNS lookups to port <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
>.  If not
        specified, the default is port 53.  This provides a
        way of testing the lightweight resolver daemon with a
        name server that listens for queries on a non-standard
        port number.
          </P
></DD
><DT
>-s</DT
><DD
><P
>       Write memory usage statistics to <TT
CLASS="FILENAME"
>stdout</TT
> on exit.
          </P
><DIV
CLASS="NOTE"
><BLOCKQUOTE
CLASS="NOTE"
><P
><B
>Note: </B
>       This option is mainly of interest to BIND 9 developers
        and may be removed or changed in a future release.
        </P
></BLOCKQUOTE
></DIV
></DD
><DT
>-t <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
></DT
><DD
><P
>       <TT
CLASS="FUNCTION"
>chroot()</TT
> to <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
> after
        processing the command line arguments, but before
        reading the configuration file.
          </P
><DIV
CLASS="WARNING"
><P
></P
><TABLE
CLASS="WARNING"
BORDER="1"
WIDTH="90%"
><TR
><TD
ALIGN="CENTER"
><B
>Warning</B
></TD
></TR
><TR
><TD
ALIGN="LEFT"
><P
>       This option should be used in conjunction with the
        <TT
CLASS="OPTION"
>-u</TT
> option, as chrooting a process
        running as root doesn't enhance security on most
        systems; the way <TT
CLASS="FUNCTION"
>chroot()</TT
> is
        defined allows a process with root privileges to
        escape a chroot jail.
        </P
></TD
></TR
></TABLE
></DIV
></DD
><DT
>-u <TT
CLASS="REPLACEABLE"
><I
>user</I
></TT
></DT
><DD
><P
>       <TT
CLASS="FUNCTION"
>setuid()</TT
> to <TT
CLASS="REPLACEABLE"
><I
>user</I
></TT
> after completing
        privileged operations, such as creating sockets that
        listen on privileged ports.
          </P
></DD
><DT
>-v</DT
><DD
><P
>       Report the version number and exit.
          </P
></DD
></DL
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN137"
></A
><H2
>FILES</H2
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
><TT
CLASS="FILENAME"
>/etc/resolv.conf</TT
></DT
><DD
><P
>       The default configuration file.
          </P
></DD
><DT
><TT
CLASS="FILENAME"
>/var/run/lwresd.pid</TT
></DT
><DD
><P
>       The default process-id file.
          </P
></DD
></DL
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN150"
></A
><H2
>SEE ALSO</H2
><P
>   <SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>named</SPAN
>(8)</SPAN
>,
    <SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres</SPAN
>(3)</SPAN
>,
    <SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>resolver</SPAN
>(5)</SPAN
>.
    </P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN162"
></A
><H2
>AUTHOR</H2
><P
>   Internet Software Consortium
    </P
></DIV
></BODY
></HTML
>