lwresd.html revision 71c66a876ecca77923638d3f94cc0783152b2f03
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek - Copyright (C) 2000, 2001 Internet Software Consortium.
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek - Permission to use, copy, modify, and distribute this software for any
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek - purpose with or without fee is hereby granted, provided that the above
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek - copyright notice and this permission notice appear in all copies.
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering - PERFORMANCE OF THIS SOFTWARE.
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<!-- $Id: lwresd.html,v 1.18 2006/06/29 13:03:32 marka Exp $ -->
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<meta name="generator" content="DocBook XSL Stylesheets V1.70.1">
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<a name="id2482688"></a><div class="titlepage"></div>
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<p><span class="application">lwresd</span> — lightweight resolver daemon</p>
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<div class="cmdsynopsis"><p><code class="command">lwresd</code> [<code class="option">-C <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-d <em class="replaceable"><code>debug-level</code></em></code>] [<code class="option">-f</code>] [<code class="option">-g</code>] [<code class="option">-i <em class="replaceable"><code>pid-file</code></em></code>] [<code class="option">-n <em class="replaceable"><code>#cpus</code></em></code>] [<code class="option">-P <em class="replaceable"><code>port</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-s</code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>] [<code class="option">-v</code>]</p></div>
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<a name="id2549493"></a><h2>DESCRIPTION</h2>
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<p><span><strong class="command">lwresd</strong></span>
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek is the daemon providing name lookup
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek services to clients that use the BIND 9 lightweight resolver
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek library. It is essentially a stripped-down, caching-only name
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek server that answers queries using the BIND 9 lightweight
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek resolver protocol rather than the DNS protocol.
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<p><span><strong class="command">lwresd</strong></span>
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek listens for resolver queries on a
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek UDP port on the IPv4 loopback interface, 127.0.0.1. This
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek means that <span><strong class="command">lwresd</strong></span> can only be used by
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek processes running on the local machine. By default UDP port
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek number 921 is used for lightweight resolver requests and
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek Incoming lightweight resolver requests are decoded by the
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek server which then resolves them using the DNS protocol. When
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek the DNS lookup completes, <span><strong class="command">lwresd</strong></span> encodes
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek the answers in the lightweight resolver format and returns
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek them to the client that made the request.
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek If <code class="filename">/etc/resolv.conf</code> contains any
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering <code class="option">nameserver</code> entries, <span><strong class="command">lwresd</strong></span>
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek sends recursive DNS queries to those servers. This is similar
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek to the use of forwarders in a caching name server. If no
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek <code class="option">nameserver</code> entries are present, or if
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek forwarding fails, <span><strong class="command">lwresd</strong></span> resolves the
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek queries autonomously starting at the root name servers, using
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek a built-in list of root server hints.
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<a name="id2549540"></a><h2>OPTIONS</h2>
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<dt><span class="term">-C <em class="replaceable"><code>config-file</code></em></span></dt>
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek Use <em class="replaceable"><code>config-file</code></em> as the
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek configuration file instead of the default,
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek <code class="filename">/etc/resolv.conf</code>.
e6c253e363dee77ef7e5c5f44c4ca55cded3fd47Michal Schmidt<dt><span class="term">-d <em class="replaceable"><code>debug-level</code></em></span></dt>
e6c253e363dee77ef7e5c5f44c4ca55cded3fd47Michal Schmidt Set the daemon's debug level to <em class="replaceable"><code>debug-level</code></em>.
e6c253e363dee77ef7e5c5f44c4ca55cded3fd47Michal Schmidt Debugging traces from <span><strong class="command">lwresd</strong></span> become
e6c253e363dee77ef7e5c5f44c4ca55cded3fd47Michal Schmidt more verbose as the debug level increases.
e6c253e363dee77ef7e5c5f44c4ca55cded3fd47Michal Schmidt Run the server in the foreground (i.e. do not daemonize).
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering Run the server in the foreground and force all logging
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering<dt><span class="term">-n <em class="replaceable"><code>#cpus</code></em></span></dt>
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering Create <em class="replaceable"><code>#cpus</code></em> worker threads
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering to take advantage of multiple CPUs. If not specified,
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering <span><strong class="command">lwresd</strong></span> will try to determine the
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering number of CPUs present and create one thread per CPU.
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering If it is unable to determine the number of CPUs, a
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering single worker thread will be created.
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering<dt><span class="term">-P <em class="replaceable"><code>port</code></em></span></dt>
4bdc60cb6fab336d455abbbd269e5bfccf760c91Lennart Poettering Listen for lightweight resolver queries on port
b72ddf0f4f552dd53d6404b6ddbc9f17d02b8e12Kay Sievers <em class="replaceable"><code>port</code></em>. If
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering not specified, the default is port 921.
b72ddf0f4f552dd53d6404b6ddbc9f17d02b8e12Kay Sievers<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Send DNS lookups to port <em class="replaceable"><code>port</code></em>. If not
b72ddf0f4f552dd53d6404b6ddbc9f17d02b8e12Kay Sievers specified, the default is port 53. This provides a
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering way of testing the lightweight resolver daemon with a
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering name server that listens for queries on a non-standard
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Write memory usage statistics to <code class="filename">stdout</code>
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering This option is mainly of interest to BIND 9 developers
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering and may be removed or changed in a future release.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering<dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt>
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering to <em class="replaceable"><code>directory</code></em> after
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering processing the command line arguments, but before
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering reading the configuration file.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering<div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;">
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering This option should be used in conjunction with the
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering <code class="option">-u</code> option, as chrooting a process
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering running as root doesn't enhance security on most
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering systems; the way <code class="function">chroot()</code> is
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering defined allows a process with root privileges to
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering escape a chroot jail.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering<dt><span class="term">-u <em class="replaceable"><code>user</code></em></span></dt>
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering<dd><p><code class="function">setuid()</code>
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering to <em class="replaceable"><code>user</code></em> after completing
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering privileged operations, such as creating sockets that
5f02e26ca7c039837dbaea63f3d3664fe45c26b9Thomas Hindoe Paaboel Andersen listen on privileged ports.
a1a4a25e7f6b515d0c8c25257714299853f261aaDaniel Mack Report the version number and exit.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering<dt><span class="term"><code class="filename">/etc/resolv.conf</code></span></dt>
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering The default configuration file.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering<dt><span class="term"><code class="filename">/var/run/lwresd.pid</code></span></dt>
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering The default process-id file.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering <span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>,
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering <span class="citerefentry"><span class="refentrytitle">resolver</span>(5)</span>.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering<p><span class="corpauthor">Internet Systems Consortium</span>