0N/A<HTML

0N/A><HEAD

1105N/A><TITLE

1186N/A>lwresd</TITLE

0N/A><META

1186N/A"></HEAD

1186N/A><BODY

1281N/A><H1

1281N/A><A

1281N/A><SPAN

1281N/A>lwresd</SPAN

1281N/A></A

1281N/A></H1

1186N/A><DIV

1186N/A><A

1364N/A></A

1186N/A><H2

1281N/A>Name</H2

1281N/A><SPAN

1186N/A>lwresd</SPAN

1186N/A>&nbsp;--&nbsp;lightweight resolver daemon</DIV

1281N/A><DIV

1281N/A><A

1186N/A></A

1186N/A><H2

1281N/A>Synopsis</H2

1281N/A><P

1281N/A><B

1186N/A>lwresd</B

0N/A> [<TT

1186N/A>-C <TT

1186N/A><I

1186N/A>config-file</I

1186N/A></TT

></TT

>] [<TT

>-d <TT

><I

>debug-level</I

></TT

></TT

>] [<TT

>-f</TT

>] [<TT

>-g</TT

>] [<TT

>-i <TT

><I

>pid-file</I

></TT

></TT

>] [<TT

>-n <TT

><I

>#cpus</I

></TT

></TT

>] [<TT

>-P <TT

><I

>port</I

></TT

></TT

>] [<TT

>-p <TT

><I

>port</I

></TT

></TT

>] [<TT

>-s</TT

>] [<TT

>-t <TT

><I

>directory</I

></TT

></TT

>] [<TT

>-u <TT

><I

>user</I

></TT

></TT

>] [<TT

>-v</TT

>]</P

></DIV

><DIV

><A

></A

><H2

>DESCRIPTION</H2

><P

> <B

>lwresd</B

> is the daemon providing name lookup

services to clients that use the BIND 9 lightweight resolver

library. It is essentially a stripped-down, caching-only name

server that answers queries using the BIND 9 lightweight

resolver protocol rather than the DNS protocol.

</P

><P

> <B

>lwresd</B

> listens for resolver queries on a

UDP port on the IPv4 loopback interface, 127.0.0.1. This

means that <B

>lwresd</B

> can only be used by

processes running on the local machine. By default UDP port

number 921 is used for lightweight resolver requests and

responses.

</P

><P

> Incoming lightweight resolver requests are decoded by the

server which then resolves them using the DNS protocol. When

the DNS lookup completes, <B

>lwresd</B

> encodes

the answers in the lightweight resolver format and returns

them to the client that made the request.

</P

><P

> If <TT

>/etc/resolv.conf</TT

> contains any

<TT

>nameserver</TT

> entries, <B

>lwresd</B

>

sends recursive DNS queries to those servers. This is similar

to the use of forwarders in a caching name server. If no

<TT

>nameserver</TT

> entries are present, or if

forwarding fails, <B

>lwresd</B

> resolves the

queries autonomously starting at the root name servers, using

a built-in list of root server hints.

</P

></DIV

><DIV

><A

></A

><H2

>OPTIONS</H2

><P

></P

><DIV

><DL

><DT

>-C <TT

><I

>config-file</I

></TT

></DT

><DD

><P

> Use <TT

><I

>config-file</I

></TT

> as the

configuration file instead of the default,

<TT

>/etc/resolv.conf</TT

>.

</P

></DD

><DT

>-d <TT

><I

>debug-level</I

></TT

></DT

><DD

><P

> Set the daemon's debug level to <TT

><I

>debug-level</I

></TT

>.

Debugging traces from <B

>lwresd</B

> become

more verbose as the debug level increases.

</P

></DD

><DT

>-f</DT

><DD

><P

> Run the server in the foreground (i.e. do not daemonize).

</P

></DD

><DT

>-g</DT

><DD

><P

> Run the server in the foreground and force all logging

to <TT

>stderr</TT

>.

</P

></DD

><DT

>-n <TT

><I

>#cpus</I

></TT

></DT

><DD

><P

> Create <TT

><I

>#cpus</I

></TT

> worker threads

to take advantage of multiple CPUs. If not specified,

<B

>lwresd</B

> will try to determine the

number of CPUs present and create one thread per CPU.

If it is unable to determine the number of CPUs, a

single worker thread will be created.

</P

></DD

><DT

>-P <TT

><I

>port</I

></TT

></DT

><DD

><P

> Listen for lightweight resolver queries on port

<TT

><I

>port</I

></TT

>. If

not specified, the default is port 921.

</P

></DD

><DT

>-p <TT

><I

>port</I

></TT

></DT

><DD

><P

> Send DNS lookups to port <TT

><I

>port</I

></TT

>. If not

specified, the default is port 53. This provides a

way of testing the lightweight resolver daemon with a

name server that listens for queries on a non-standard

port number.

</P

></DD

><DT

>-s</DT

><DD

><P

> Write memory usage statistics to <TT

>stdout</TT

> on exit.

</P

><DIV

><BLOCKQUOTE

><P

><B

>Note: </B

> This option is mainly of interest to BIND 9 developers

and may be removed or changed in a future release.

</P

></BLOCKQUOTE

></DIV

></DD

><DT

>-t <TT

><I

>directory</I

></TT

></DT

><DD

><P

> <TT

>chroot()</TT

> to <TT

><I

>directory</I

></TT

> after

processing the command line arguments, but before

reading the configuration file.

</P

><DIV

><P

></P

><TABLE

><TR

><TD

><B

>Warning</B

></TD

></TR

><TR

><TD

><P

> This option should be used in conjunction with the

<TT

>-u</TT

> option, as chrooting a process

running as root doesn't enhance security on most

systems; the way <TT

>chroot()</TT

> is

defined allows a process with root privileges to

escape a chroot jail.

</P

></TD

></TR

></TABLE

></DIV

></DD

><DT

>-u <TT

><I

>user</I

></TT

></DT

><DD

><P

> <TT

>setuid()</TT

> to <TT

><I

>user</I

></TT

> after completing

privileged operations, such as creating sockets that

listen on privileged ports.

</P

></DD

><DT

>-v</DT

><DD

><P

> Report the version number and exit.

</P

></DD

></DL

></DIV

></DIV

><DIV

><A

></A

><H2

>FILES</H2

><P

></P

><DIV

><DL

><DT

><TT

>/etc/resolv.conf</TT

></DT

><DD

><P

> The default configuration file.

</P

></DD

><DT

><TT

>/var/run/lwresd.pid</TT

></DT

><DD

><P

> The default process-id file.

</P

></DD

></DL

></DIV

></DIV

><DIV

><A

></A

><H2

>SEE ALSO</H2

><P

> <SPAN

><SPAN

>named</SPAN

>(8)</SPAN

>,

<SPAN

><SPAN

>lwres</SPAN

>(3)</SPAN

>,

<SPAN

><SPAN

>resolver</SPAN

>(5)</SPAN

>.

</P

></DIV

><DIV

><A

></A

><H2

>AUTHOR</H2

><P

> Internet Software Consortium

</P

></DIV

></BODY

></HTML

>