named.html revision f051d76c87e055c6ea3879e0c97a76609df915cc
220a21d38f675eb835f5758e3d23e896573aa5eaLennart Poettering - Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC")
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek - Copyright (C) 2000, 2001, 2003 Internet Software Consortium.
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek - Permission to use, copy, modify, and distribute this software for any
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek - purpose with or without fee is hereby granted, provided that the above
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek - copyright notice and this permission notice appear in all copies.
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek - PERFORMANCE OF THIS SOFTWARE.
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<!-- $Id: named.html,v 1.18 2006/03/11 02:07:52 marka Exp $ -->
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<meta name="generator" content="DocBook XSL Stylesheets V1.69.1">
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<a name="man.named"></a><div class="titlepage"></div>
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<p><span class="application">named</span> — Internet domain name server</p>
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<div class="cmdsynopsis"><p><code class="command">named</code> [<code class="option">-4</code>] [<code class="option">-6</code>] [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-d <em class="replaceable"><code>debug-level</code></em></code>] [<code class="option">-f</code>] [<code class="option">-g</code>] [<code class="option">-n <em class="replaceable"><code>#cpus</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-s</code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>] [<code class="option">-v</code>] [<code class="option">-x <em class="replaceable"><code>cache-file</code></em></code>]</p></div>
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<a name="id2525937"></a><h2>DESCRIPTION</h2>
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<p><span><strong class="command">named</strong></span>
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek is a Domain Name System (DNS) server,
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek part of the BIND 9 distribution from ISC. For more
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek information on the DNS, see RFCs 1033, 1034, and 1035.
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek When invoked without arguments, <span><strong class="command">named</strong></span>
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek read the default configuration file
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek <code class="filename">/etc/named.conf</code>, read any initial
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek data, and listen for queries.
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<a name="id2525961"></a><h2>OPTIONS</h2>
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<dt><span class="term">-4</span></dt>
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek Use IPv4 only even if the host machine is capable of IPv6.
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek <code class="option">-4</code> and <code class="option">-6</code> are mutually
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<dt><span class="term">-6</span></dt>
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek Use IPv6 only even if the host machine is capable of IPv4.
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek <code class="option">-4</code> and <code class="option">-6</code> are mutually
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<dt><span class="term">-c <em class="replaceable"><code>config-file</code></em></span></dt>
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek Use <em class="replaceable"><code>config-file</code></em> as the
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek configuration file instead of the default,
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek <code class="filename">/etc/named.conf</code>. To
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek ensure that reloading the configuration file continues
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek to work after the server has changed its working
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek directory due to to a possible
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek <code class="option">directory</code> option in the configuration
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek file, <em class="replaceable"><code>config-file</code></em> should be
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek an absolute pathname.
b62a309a47dd11e11729616767421397b6ca7053Zbigniew Jędrzejewski-Szmek<dt><span class="term">-d <em class="replaceable"><code>debug-level</code></em></span></dt>
e6c253e363dee77ef7e5c5f44c4ca55cded3fd47Michal Schmidt Set the daemon's debug level to <em class="replaceable"><code>debug-level</code></em>.
e6c253e363dee77ef7e5c5f44c4ca55cded3fd47Michal Schmidt Debugging traces from <span><strong class="command">named</strong></span> become
e6c253e363dee77ef7e5c5f44c4ca55cded3fd47Michal Schmidt more verbose as the debug level increases.
e6c253e363dee77ef7e5c5f44c4ca55cded3fd47Michal Schmidt Run the server in the foreground (i.e. do not daemonize).
e6c253e363dee77ef7e5c5f44c4ca55cded3fd47Michal Schmidt Run the server in the foreground and force all logging
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering<dt><span class="term">-n <em class="replaceable"><code>#cpus</code></em></span></dt>
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Create <em class="replaceable"><code>#cpus</code></em> worker threads
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering to take advantage of multiple CPUs. If not specified,
b72ddf0f4f552dd53d6404b6ddbc9f17d02b8e12Kay Sievers <span><strong class="command">named</strong></span> will try to determine the
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering number of CPUs present and create one thread per CPU.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering If it is unable to determine the number of CPUs, a
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering single worker thread will be created.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Listen for queries on port <em class="replaceable"><code>port</code></em>. If not
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering specified, the default is port 53.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Write memory usage statistics to <code class="filename">stdout</code> on exit.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering This option is mainly of interest to BIND 9 developers
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering and may be removed or changed in a future release.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering<dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt>
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering to <em class="replaceable"><code>directory</code></em> after
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering processing the command line arguments, but before
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering reading the configuration file.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering<div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;">
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering This option should be used in conjunction with the
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering <code class="option">-u</code> option, as chrooting a process
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering running as root doesn't enhance security on most
daa05349dfefb12638c96e034c11be613bdc39b7Ansgar Burchardt systems; the way <code class="function">chroot()</code> is
daa05349dfefb12638c96e034c11be613bdc39b7Ansgar Burchardt defined allows a process with root privileges to
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering escape a chroot jail.
5f02e26ca7c039837dbaea63f3d3664fe45c26b9Thomas Hindoe Paaboel Andersen<dt><span class="term">-u <em class="replaceable"><code>user</code></em></span></dt>
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering to <em class="replaceable"><code>user</code></em> after completing
a1a4a25e7f6b515d0c8c25257714299853f261aaDaniel Mack privileged operations, such as creating sockets that
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering listen on privileged ports.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering On Linux, <span><strong class="command">named</strong></span> uses the kernel's
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering capability mechanism to drop all root privileges
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering except the ability to <code class="function">bind()</code> to
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering privileged port and set process resource limits.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Unfortunately, this means that the <code class="option">-u</code>
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering option only works when <span><strong class="command">named</strong></span> is
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering later, since previous kernels did not allow privileges
5f02e26ca7c039837dbaea63f3d3664fe45c26b9Thomas Hindoe Paaboel Andersen to be retained after <code class="function">setuid()</code>.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Report the version number and exit.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering<dt><span class="term">-x <em class="replaceable"><code>cache-file</code></em></span></dt>
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Load data from <em class="replaceable"><code>cache-file</code></em> into the
a1a4a25e7f6b515d0c8c25257714299853f261aaDaniel Mack cache of the default view.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering<div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;">
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering This option must not be used. It is only of interest
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering to BIND 9 developers and may be removed or changed in a
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering future release.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering In routine operation, signals should not be used to control
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering the nameserver; <span><strong class="command">rndc</strong></span> should be used
01da80b1aa0e21f8785d467afc295e37fd00ffa1Lennart Poettering Force a reload of the server.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering<dt><span class="term">SIGINT, SIGTERM</span></dt>
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering Shut down the server.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering The result of sending any other signals to the server is undefined.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering<a name="id2526422"></a><h2>CONFIGURATION</h2>
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering The <span><strong class="command">named</strong></span> configuration file is too complex
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering to describe in detail here. A complete description is provided
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
265684034fac5f2674723ab7ace55b2485a1b29fTom Gundersen<dt><span class="term"><code class="filename">/etc/named.conf</code></span></dt>
265684034fac5f2674723ab7ace55b2485a1b29fTom Gundersen The default configuration file.
265684034fac5f2674723ab7ace55b2485a1b29fTom Gundersen<dt><span class="term"><code class="filename">/var/run/named.pid</code></span></dt>
265684034fac5f2674723ab7ace55b2485a1b29fTom Gundersen The default process-id file.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering <span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>,
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering <span class="citerefentry"><span class="refentrytitle">lwresd</span>(8)</span>,
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
b2ca0d63277b10c9382d5bcfcdf320dbb712511bLennart Poettering<p><span class="corpauthor">Internet Systems Consortium</span>