bin/named/lwresd.html

	lwresd.html revision 71c66a876ecca77923638d3f94cc0783152b2f03
0N/A<!--
1472N/A - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
0N/A - Copyright (C) 2000, 2001 Internet Software Consortium.
0N/A -
0N/A - Permission to use, copy, modify, and distribute this software for any
0N/A - purpose with or without fee is hereby granted, provided that the above
0N/A - copyright notice and this permission notice appear in all copies.
0N/A -
0N/A - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
0N/A - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
0N/A - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
0N/A - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
0N/A - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
0N/A - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
0N/A - PERFORMANCE OF THIS SOFTWARE.
0N/A-->
0N/A<!-- $Id: lwresd.html,v 1.18 2006/06/29 13:03:32 marka Exp $ -->
0N/A<html>
1472N/A<head>
1472N/A<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
1472N/A<title>lwresd</title>
0N/A<meta name="generator" content="DocBook XSL Stylesheets V1.70.1">
0N/A</head>
0N/A<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
1879N/A<a name="id2482688"></a><div class="titlepage"></div>
1879N/A<div class="refnamediv">
1879N/A<h2>Name</h2>
1879N/A<p><span class="application">lwresd</span> &#8212; lightweight resolver daemon</p>
1879N/A</div>
1879N/A<div class="refsynopsisdiv">
1879N/A<h2>Synopsis</h2>
1879N/A<div class="cmdsynopsis"><p><code class="command">lwresd</code>  [<code class="option">-C <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-d <em class="replaceable"><code>debug-level</code></em></code>] [<code class="option">-f</code>] [<code class="option">-g</code>] [<code class="option">-i <em class="replaceable"><code>pid-file</code></em></code>] [<code class="option">-n <em class="replaceable"><code>#cpus</code></em></code>] [<code class="option">-P <em class="replaceable"><code>port</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-s</code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>] [<code class="option">-v</code>]</p></div>
1879N/A</div>
1879N/A<div class="refsect1" lang="en">
1879N/A<a name="id2549493"></a><h2>DESCRIPTION</h2>
1879N/A<p><span><strong class="command">lwresd</strong></span>
1879N/A      is the daemon providing name lookup
1879N/A      services to clients that use the BIND 9 lightweight resolver
1879N/A      library.  It is essentially a stripped-down, caching-only name
1879N/A      server that answers queries using the BIND 9 lightweight
1879N/A      resolver protocol rather than the DNS protocol.
1879N/A    </p>
1879N/A<p><span><strong class="command">lwresd</strong></span>
1879N/A      listens for resolver queries on a
1879N/A      UDP port on the IPv4 loopback interface, 127.0.0.1.  This
1879N/A      means that <span><strong class="command">lwresd</strong></span> can only be used by
1879N/A      processes running on the local machine.  By default UDP port
1879N/A      number 921 is used for lightweight resolver requests and
1879N/A      responses.
1879N/A    </p>
1879N/A<p>
1879N/A      Incoming lightweight resolver requests are decoded by the
1879N/A      server which then resolves them using the DNS protocol.  When
1879N/A      the DNS lookup completes, <span><strong class="command">lwresd</strong></span> encodes
1879N/A      the answers in the lightweight resolver format and returns
0N/A      them to the client that made the request.
0N/A    </p>
0N/A<p>
0N/A      If <code class="filename">/etc/resolv.conf</code> contains any
0N/A      <code class="option">nameserver</code> entries, <span><strong class="command">lwresd</strong></span>
0N/A      sends recursive DNS queries to those servers.  This is similar
0N/A      to the use of forwarders in a caching name server.  If no
0N/A      <code class="option">nameserver</code> entries are present, or if
1798N/A      forwarding fails, <span><strong class="command">lwresd</strong></span> resolves the
0N/A      queries autonomously starting at the root name servers, using
0N/A      a built-in list of root server hints.
0N/A    </p>
0N/A</div>
0N/A<div class="refsect1" lang="en">
0N/A<a name="id2549540"></a><h2>OPTIONS</h2>
0N/A<div class="variablelist"><dl>
0N/A<dt><span class="term">-C <em class="replaceable"><code>config-file</code></em></span></dt>
0N/A<dd><p>
0N/A            Use <em class="replaceable"><code>config-file</code></em> as the
0N/A            configuration file instead of the default,
0N/A            <code class="filename">/etc/resolv.conf</code>.
0N/A          </p></dd>
0N/A<dt><span class="term">-d <em class="replaceable"><code>debug-level</code></em></span></dt>
0N/A<dd><p>
0N/A            Set the daemon's debug level to <em class="replaceable"><code>debug-level</code></em>.
1881N/A            Debugging traces from <span><strong class="command">lwresd</strong></span> become
1881N/A                    more verbose as the debug level increases.
0N/A          </p></dd>
0N/A<dt><span class="term">-f</span></dt>
1119N/A<dd><p>
1119N/A            Run the server in the foreground (i.e. do not daemonize).
1119N/A          </p></dd>
1119N/A<dt><span class="term">-g</span></dt>
1119N/A<dd><p>
1119N/A            Run the server in the foreground and force all logging
0N/A            to <code class="filename">stderr</code>.
0N/A          </p></dd>
0N/A<dt><span class="term">-n <em class="replaceable"><code>#cpus</code></em></span></dt>
0N/A<dd><p>
0N/A            Create <em class="replaceable"><code>#cpus</code></em> worker threads
0N/A            to take advantage of multiple CPUs.  If not specified,
0N/A            <span><strong class="command">lwresd</strong></span> will try to determine the
0N/A            number of CPUs present and create one thread per CPU.
0N/A            If it is unable to determine the number of CPUs, a
0N/A            single worker thread will be created.
0N/A          </p></dd>
0N/A<dt><span class="term">-P <em class="replaceable"><code>port</code></em></span></dt>
0N/A<dd><p>
0N/A            Listen for lightweight resolver queries on port
0N/A            <em class="replaceable"><code>port</code></em>.  If
0N/A                    not specified, the default is port 921.
0N/A          </p></dd>
0N/A<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
0N/A<dd><p>
0N/A            Send DNS lookups to port <em class="replaceable"><code>port</code></em>.  If not
0N/A            specified, the default is port 53.  This provides a
0N/A            way of testing the lightweight resolver daemon with a
0N/A            name server that listens for queries on a non-standard
0N/A            port number.
0N/A          </p></dd>
0N/A<dt><span class="term">-s</span></dt>
0N/A<dd>
0N/A<p>
0N/A            Write memory usage statistics to <code class="filename">stdout</code>
0N/A            on exit.
0N/A          </p>
0N/A<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
0N/A<h3 class="title">Note</h3>
0N/A<p>
0N/A              This option is mainly of interest to BIND 9 developers
0N/A              and may be removed or changed in a future release.
0N/A            </p>
0N/A</div>
0N/A</dd>
0N/A<dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt>
0N/A<dd>
0N/A<p><code class="function">chroot()</code>
0N/A        to <em class="replaceable"><code>directory</code></em> after
0N/A            processing the command line arguments, but before
0N/A            reading the configuration file.
0N/A          </p>
0N/A<div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;">
0N/A<h3 class="title">Warning</h3>
0N/A<p>
0N/A              This option should be used in conjunction with the
0N/A              <code class="option">-u</code> option, as chrooting a process
0N/A              running as root doesn't enhance security on most
0N/A              systems; the way <code class="function">chroot()</code> is
0N/A              defined allows a process with root privileges to
0N/A              escape a chroot jail.
0N/A            </p>
0N/A</div>
0N/A</dd>
0N/A<dt><span class="term">-u <em class="replaceable"><code>user</code></em></span></dt>
0N/A<dd><p><code class="function">setuid()</code>
0N/A        to <em class="replaceable"><code>user</code></em> after completing
0N/A            privileged operations, such as creating sockets that
0N/A            listen on privileged ports.
0N/A          </p></dd>
0N/A<dt><span class="term">-v</span></dt>
0N/A<dd><p>
0N/A            Report the version number and exit.
0N/A          </p></dd>
0N/A</dl></div>
0N/A</div>
0N/A<div class="refsect1" lang="en">
0N/A<a name="id2549940"></a><h2>FILES</h2>
0N/A<div class="variablelist"><dl>
0N/A<dt><span class="term"><code class="filename">/etc/resolv.conf</code></span></dt>
0N/A<dd><p>
0N/A            The default configuration file.
0N/A          </p></dd>
0N/A<dt><span class="term"><code class="filename">/var/run/lwresd.pid</code></span></dt>
0N/A<dd><p>
0N/A            The default process-id file.
0N/A          </p></dd>
0N/A</dl></div>
0N/A</div>
0N/A<div class="refsect1" lang="en">
0N/A<a name="id2549979"></a><h2>SEE ALSO</h2>
0N/A<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
0N/A      <span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>,
0N/A      <span class="citerefentry"><span class="refentrytitle">resolver</span>(5)</span>.
0N/A    </p>
0N/A</div>
0N/A<div class="refsect1" lang="en">
0N/A<a name="id2550013"></a><h2>AUTHOR</h2>
0N/A<p><span class="corpauthor">Internet Systems Consortium</span>
0N/A    </p>
0N/A</div>
0N/A</div></body>
0N/A</html>
0N/A