named.docbook revision d4ef65050feac78554addf6e16a06c6e2e0bd331
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN">
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync - Copyright (C) 2000, 2001 Internet Software Consortium.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync - Permission to use, copy, modify, and distribute this software for any
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync - purpose with or without fee is hereby granted, provided that the above
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync - copyright notice and this permission notice appear in all copies.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync - THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync - DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync - IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync - INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync - FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync - NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync - WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync<!-- $Id: named.docbook,v 1.3 2001/04/10 21:50:44 bwelling Exp $ -->
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync<!-- $Id: named.docbook,v 1.3 2001/04/10 21:50:44 bwelling Exp $ -->
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <refentryinfo>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </refentryinfo>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <refentrytitle><application>named</application></refentrytitle>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <refnamediv>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <refname><application>named</application></refname>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <refpurpose>Internet domain name server</refpurpose>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </refnamediv>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <refsynopsisdiv>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <cmdsynopsis>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <arg><option>-c <replaceable class="parameter">config-file</replaceable></option></arg>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <arg><option>-d <replaceable class="parameter">debug-level</replaceable></option></arg>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <arg><option>-n <replaceable class="parameter">#cpus</replaceable></option></arg>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <arg><option>-p <replaceable class="parameter">port</replaceable></option></arg>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <arg><option>-t <replaceable class="parameter">directory</replaceable></option></arg>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <arg><option>-u <replaceable class="parameter">user</replaceable></option></arg>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <arg><option>-x <replaceable class="parameter">cache-file</replaceable></option></arg>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </cmdsynopsis>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </refsynopsisdiv>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <command>named</command> is a Domain Name System (DNS) server,
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync part of the BIND 9 distribution from ISC. For more
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync information on the DNS, see RFCs 1033, 1034, and 1035.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync When invoked without arguments, <command>named</command> will
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync read the default configuration file
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <filename>/etc/named.conf</filename>, read any initial
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync data, and listen for queries.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </refsect1>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <variablelist>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <term>-c <replaceable class="parameter">config-file</replaceable></term>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync Use <replaceable
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync configuration file instead of the default,
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync ensure that reloading the configuration file continues
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync to work after the server has changed its working
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync directory due to to a possible
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <option>directory</option> option in the configuration
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync file, <replaceable
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync class="parameter">config-file</replaceable> should be
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync an absolute pathname.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </listitem>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <term>-d <replaceable class="parameter">debug-level</replaceable></term>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync Set the daemon's debug level to <replaceable
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync Debugging traces from <command>named</command> become
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync more verbose as the debug level increases.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </listitem>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync Run the server in the foreground (i.e. do not daemonize).
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </listitem>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync Run the server in the foreground and force all logging
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </listitem>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <term>-n <replaceable class="parameter">#cpus</replaceable></term>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync Create <replaceable
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync class="parameter">#cpus</replaceable> worker threads
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync to take advantage of multiple CPUs. If not specified,
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync number of CPUs present and create one thread per CPU.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync If it is unable to determine the number of CPUs, a
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync single worker thread will be created.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </listitem>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <term>-p <replaceable class="parameter">port</replaceable></term>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync Listen for queries on port <replaceable
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync specified, the default is port 53.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </listitem>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync Write memory usage statistics to <filename>stdout</filename> on exit.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync This option is mainly of interest to BIND 9 developers
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync and may be removed or changed in a future release.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </listitem>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <term>-t <replaceable class="parameter">directory</replaceable></term>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync processing the command line arguments, but before
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync reading the configuration file.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync This option should be used in conjunction with the
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync running as root doesn't enhance security on most
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync defined allows a process with root privileges to
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync escape a chroot jail.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </listitem>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <term>-u <replaceable class="parameter">user</replaceable></term>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync class="parameter">user</replaceable> after completing
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync privileged operations, such as creating sockets that
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync listen on privileged ports.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync On Linux, <command>named</command> uses the kernel's
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync capability mechanism to drop all root privileges
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync except the ability to <function>bind()</function> to a
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync privileged port and set process resource limits.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync Unfortunately, this means that the <option>-u</option>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync option only works when <command>named</command> is run
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync later, since previous kernels did not allow privileges
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync to be retained after <function>setuid()</function>.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </listitem>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync Report the version number and exit.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </listitem>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <term>-x <replaceable class="parameter">cache-file</replaceable></term>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync Load data from <replaceable
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync class="parameter">cache-file</replaceable> into the
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync cache of the default view.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync This option must not be used. It is only of interest
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync to BIND 9 developers and may be removed or changed in a
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync future release.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </listitem>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </variablelist>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </refsect1>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync In routine operation, signals should not be used to control
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync the nameserver; <command>rndc</command> should be used
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <variablelist>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync Force a reload of the server.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </listitem>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync Shut down the server.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </listitem>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </variablelist>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync The result of sending any other signals to the server is undefined.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </refsect1>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync The <command>named</command> configuration file is too complex
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync to describe in detail here. A complete description is
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync provided in the <citetitle>BIND 9 Administrator Reference
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync Manual</citetitle>.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </refsect1>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <variablelist>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync The default configuration file.
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </listitem>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync </varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <varlistentry>
1b33c96954667ba382fa595baf7b31290bfdd517vboxsync <term><filename>/var/run/named.pid</filename></term>