man.named.html revision 4a14ce5ba00ab7bc55c99ffdcf59c7a4ab902721
297be3708069ef31814d6d75c0d71a50a78feb03Mark Andrews - Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC")
75c0816e8295e180f4bc7f10db3d0d880383bc1cMark Andrews - Copyright (C) 2000-2003 Internet Software Consortium.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - Permission to use, copy, modify, and/or distribute this software for any
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - purpose with or without fee is hereby granted, provided that the above
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - copyright notice and this permission notice appear in all copies.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - PERFORMANCE OF THIS SOFTWARE.
01b18d4c7c14ccb93708ab7ffdece3ac67b15a7cAutomatic Updater<!-- $Id: man.named.html,v 1.126 2009/07/11 01:12:46 tbox Exp $ -->
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
e21a2904f02a03fa06b6db04d348f65fe9c67b2bMark Andrews<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="prev" href="man.named-checkzone.html" title="named-checkzone">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="next" href="man.nsupdate.html" title="nsupdate">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews<tr><th colspan="3" align="center"><span class="application">named</span></th></tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a accesskey="p" href="man.named-checkzone.html">Prev</a>�</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="20%" align="right">�<a accesskey="n" href="man.nsupdate.html">Next</a>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="man.named"></a><div class="titlepage"></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><span class="application">named</span> — Internet domain name server</p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="cmdsynopsis"><p><code class="command">named</code> [<code class="option">-4</code>] [<code class="option">-6</code>] [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-d <em class="replaceable"><code>debug-level</code></em></code>] [<code class="option">-f</code>] [<code class="option">-g</code>] [<code class="option">-m <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-n <em class="replaceable"><code>#cpus</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-s</code>] [<code class="option">-S <em class="replaceable"><code>#max-socks</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>] [<code class="option">-v</code>] [<code class="option">-V</code>] [<code class="option">-x <em class="replaceable"><code>cache-file</code></em></code>]</p></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><span><strong class="command">named</strong></span>
38417cbfb1a328c20b5b723b8584a02c57f88897Automatic Updater is a Domain Name System (DNS) server,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein part of the BIND 9 distribution from ISC. For more
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein information on the DNS, see RFCs 1033, 1034, and 1035.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein When invoked without arguments, <span><strong class="command">named</strong></span>
38417cbfb1a328c20b5b723b8584a02c57f88897Automatic Updater read the default configuration file
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <code class="filename">/etc/named.conf</code>, read any initial
38417cbfb1a328c20b5b723b8584a02c57f88897Automatic Updater data, and listen for queries.
38417cbfb1a328c20b5b723b8584a02c57f88897Automatic Updater Use IPv4 only even if the host machine is capable of IPv6.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <code class="option">-4</code> and <code class="option">-6</code> are mutually
38417cbfb1a328c20b5b723b8584a02c57f88897Automatic Updater Use IPv6 only even if the host machine is capable of IPv4.
c6d486af36165da7eb970354981d145249e342e4Mark Andrews <code class="option">-4</code> and <code class="option">-6</code> are mutually
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-c <em class="replaceable"><code>config-file</code></em></span></dt>
38417cbfb1a328c20b5b723b8584a02c57f88897Automatic Updater Use <em class="replaceable"><code>config-file</code></em> as the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein configuration file instead of the default,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <code class="filename">/etc/named.conf</code>. To
38417cbfb1a328c20b5b723b8584a02c57f88897Automatic Updater ensure that reloading the configuration file continues
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein to work after the server has changed its working
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein directory due to to a possible
38417cbfb1a328c20b5b723b8584a02c57f88897Automatic Updater <code class="option">directory</code> option in the configuration
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein file, <em class="replaceable"><code>config-file</code></em> should be
38417cbfb1a328c20b5b723b8584a02c57f88897Automatic Updater an absolute pathname.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-d <em class="replaceable"><code>debug-level</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Set the daemon's debug level to <em class="replaceable"><code>debug-level</code></em>.
38417cbfb1a328c20b5b723b8584a02c57f88897Automatic Updater Debugging traces from <span><strong class="command">named</strong></span> become
38417cbfb1a328c20b5b723b8584a02c57f88897Automatic Updater more verbose as the debug level increases.
507151045be68c671ffd4e2f37e17cdfa0376fc4Automatic Updater Run the server in the foreground (i.e. do not daemonize).
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Run the server in the foreground and force all logging
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-m <em class="replaceable"><code>flag</code></em></span></dt>
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews Turn on memory usage debugging flags. Possible flags are
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <em class="replaceable"><code>usage</code></em>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <em class="replaceable"><code>trace</code></em>,
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews <em class="replaceable"><code>record</code></em>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <em class="replaceable"><code>size</code></em>, and
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews These correspond to the ISC_MEM_DEBUGXXXX flags described in
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <code class="filename"><isc/mem.h></code>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-n <em class="replaceable"><code>#cpus</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Create <em class="replaceable"><code>#cpus</code></em> worker threads
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein to take advantage of multiple CPUs. If not specified,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">named</strong></span> will try to determine the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein number of CPUs present and create one thread per CPU.
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews If it is unable to determine the number of CPUs, a
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein single worker thread will be created.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Listen for queries on port <em class="replaceable"><code>port</code></em>. If not
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein specified, the default is port 53.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Write memory usage statistics to <code class="filename">stdout</code> on exit.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein This option is mainly of interest to BIND 9 developers
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein and may be removed or changed in a future release.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-S <em class="replaceable"><code>#max-socks</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Allow <span><strong class="command">named</strong></span> to use up to
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <em class="replaceable"><code>#max-socks</code></em> sockets.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein This option should be unnecessary for the vast majority
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein The use of this option could even be harmful because the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein specified value may exceed the limitation of the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein underlying system API.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein It is therefore set only when the default configuration
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein causes exhaustion of file descriptors and the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein operational environment is known to support the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein specified number of sockets.
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews Note also that the actual maximum number is normally a little
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews fewer than the specified value because
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews <span><strong class="command">named</strong></span> reserves some file descriptors
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews for its internal use.
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews to <em class="replaceable"><code>directory</code></em> after
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews processing the command line arguments, but before
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews reading the configuration file.
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein This option should be used in conjunction with the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <code class="option">-u</code> option, as chrooting a process
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein running as root doesn't enhance security on most
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein systems; the way <code class="function">chroot(2)</code> is
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein defined allows a process with root privileges to
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein escape a chroot jail.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-u <em class="replaceable"><code>user</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein to <em class="replaceable"><code>user</code></em> after completing
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein privileged operations, such as creating sockets that
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein listen on privileged ports.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein On Linux, <span><strong class="command">named</strong></span> uses the kernel's
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein capability mechanism to drop all root privileges
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein except the ability to <code class="function">bind(2)</code> to
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein privileged port and set process resource limits.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Unfortunately, this means that the <code class="option">-u</code>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein option only works when <span><strong class="command">named</strong></span> is
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein later, since previous kernels did not allow privileges
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein to be retained after <code class="function">setuid(2)</code>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Report the version number and exit.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Report the version number and build options, and exit.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-x <em class="replaceable"><code>cache-file</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Load data from <em class="replaceable"><code>cache-file</code></em> into the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein cache of the default view.
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews<div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;">
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews This option must not be used. It is only of interest
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews to BIND 9 developers and may be removed or changed in a
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews future release.
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews In routine operation, signals should not be used to control
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews the nameserver; <span><strong class="command">rndc</strong></span> should be used
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Force a reload of the server.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">SIGINT, SIGTERM</span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Shut down the server.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein The result of sending any other signals to the server is undefined.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein The <span><strong class="command">named</strong></span> configuration file is too complex
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein to describe in detail here. A complete description is provided
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
bea931e17b7567f09107f93ab7e25c7f00abeb9cMark Andrews <span><strong class="command">named</strong></span> inherits the <code class="function">umask</code>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein (file creation mode mask) from the parent process. If files
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein created by <span><strong class="command">named</strong></span>, such as journal files,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein need to have custom permissions, the <code class="function">umask</code>
b05bdb520d83f7ecaad708fe305268c3420be01dMark Andrews should be set explicitly in the script used to start the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">named</strong></span> process.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term"><code class="filename">/etc/named.conf</code></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein The default configuration file.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term"><code class="filename">/var/run/named/named.pid</code></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein The default process-id file.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span class="citerefentry"><span class="refentrytitle">named-checkconf</span>(8)</span>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span class="citerefentry"><span class="refentrytitle">named-checkzone</span>(8)</span>,
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews <span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>,
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews <span class="citerefentry"><span class="refentrytitle">lwresd</span>(8)</span>,
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><span class="corpauthor">Internet Systems Consortium</span>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a accesskey="p" href="man.named-checkzone.html">Prev</a>�</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="40%" align="right">�<a accesskey="n" href="man.nsupdate.html">Next</a>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<span class="application">named-checkzone</span>�</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="40%" align="right" valign="top">�<span class="application">nsupdate</span>