man.named.html revision 91a45a8ad51e9167e674ac5ed9b4c9eb3e7faea6
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC")
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - Copyright (C) 2000-2003 Internet Software Consortium.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - Permission to use, copy, modify, and/or distribute this software for any
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - purpose with or without fee is hereby granted, provided that the above
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - copyright notice and this permission notice appear in all copies.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - PERFORMANCE OF THIS SOFTWARE.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<!-- $Id$ -->
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<link rel="prev" href="man.named-checkzone.html" title="named-checkzone">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<link rel="next" href="man.named-journalprint.html" title="named-journalprint">
0fb4093da08d574d3d1b661d4425dfbac8e02aabJames Phillpotts<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<table width="100%" summary="Navigation header">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<tr><th colspan="3" align="center"><span class="application">named</span></th></tr>
2dcb4fe863ae1bed4b9689ec053f951d75335589Neil Madden<a accesskey="p" href="man.named-checkzone.html">Prev</a>�</td>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<th width="60%" align="center">Manual pages</th>
402cd5da45d9182b81c16a13c3568faf78701827Andrew Forrest<td width="20%" align="right">�<a accesskey="n" href="man.named-journalprint.html">Next</a>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<a name="man.named"></a><div class="titlepage"></div>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<p><span class="application">named</span> — Internet domain name server</p>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<div class="cmdsynopsis"><p><code class="command">named</code> [<code class="option">-4</code>] [<code class="option">-6</code>] [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-d <em class="replaceable"><code>debug-level</code></em></code>] [<code class="option">-D <em class="replaceable"><code>string</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine-name</code></em></code>] [<code class="option">-f</code>] [<code class="option">-g</code>] [<code class="option">-m <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-n <em class="replaceable"><code>#cpus</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-s</code>] [<code class="option">-S <em class="replaceable"><code>#max-socks</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-U <em class="replaceable"><code>#listeners</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>] [<code class="option">-v</code>] [<code class="option">-V</code>] [<code class="option">-x <em class="replaceable"><code>cache-file</code></em></code>]</p></div>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<p><span><strong class="command">named</strong></span>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster is a Domain Name System (DNS) server,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster part of the BIND 9 distribution from ISC. For more
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster information on the DNS, see RFCs 1033, 1034, and 1035.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster When invoked without arguments, <span><strong class="command">named</strong></span>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster read the default configuration file
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <code class="filename">/etc/named.conf</code>, read any initial
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster data, and listen for queries.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Use IPv4 only even if the host machine is capable of IPv6.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <code class="option">-4</code> and <code class="option">-6</code> are mutually
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Use IPv6 only even if the host machine is capable of IPv4.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <code class="option">-4</code> and <code class="option">-6</code> are mutually
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<dt><span class="term">-c <em class="replaceable"><code>config-file</code></em></span></dt>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Use <em class="replaceable"><code>config-file</code></em> as the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster configuration file instead of the default,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <code class="filename">/etc/named.conf</code>. To
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ensure that reloading the configuration file continues
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster to work after the server has changed its working
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster directory due to to a possible
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <code class="option">directory</code> option in the configuration
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster file, <em class="replaceable"><code>config-file</code></em> should be
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster an absolute pathname.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<dt><span class="term">-d <em class="replaceable"><code>debug-level</code></em></span></dt>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set the daemon's debug level to <em class="replaceable"><code>debug-level</code></em>.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Debugging traces from <span><strong class="command">named</strong></span> become
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster more verbose as the debug level increases.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<dt><span class="term">-D <em class="replaceable"><code>string</code></em></span></dt>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Specifies a string that is used to identify a instance of
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <span><strong class="command">named</strong></span> in a process listing. The contents
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster of <em class="replaceable"><code>string</code></em> are
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster not examined.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<dt><span class="term">-E <em class="replaceable"><code>engine-name</code></em></span></dt>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Use a crypto hardware (OpenSSL engine) for the crypto operations
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster it supports, for instance re-signing with private keys from
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster a secure key store. When compiled with PKCS#11 support
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <em class="replaceable"><code>engine-name</code></em>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster defaults to pkcs11, the empty name resets it to no engine.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Run the server in the foreground (i.e. do not daemonize).
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Run the server in the foreground and force all logging
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<dt><span class="term">-m <em class="replaceable"><code>flag</code></em></span></dt>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Turn on memory usage debugging flags. Possible flags are
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <em class="replaceable"><code>usage</code></em>,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <em class="replaceable"><code>trace</code></em>,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <em class="replaceable"><code>record</code></em>,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <em class="replaceable"><code>size</code></em>, and
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <em class="replaceable"><code>mctx</code></em>.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster These correspond to the ISC_MEM_DEBUGXXXX flags described in
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <code class="filename"><isc/mem.h></code>.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<dt><span class="term">-n <em class="replaceable"><code>#cpus</code></em></span></dt>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Create <em class="replaceable"><code>#cpus</code></em> worker threads
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster to take advantage of multiple CPUs. If not specified,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <span><strong class="command">named</strong></span> will try to determine the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster number of CPUs present and create one thread per CPU.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster If it is unable to determine the number of CPUs, a
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster single worker thread will be created.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Listen for queries on port <em class="replaceable"><code>port</code></em>. If not
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster specified, the default is port 53.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Write memory usage statistics to <code class="filename">stdout</code> on exit.
2dcb4fe863ae1bed4b9689ec053f951d75335589Neil Madden<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
2dcb4fe863ae1bed4b9689ec053f951d75335589Neil Madden This option is mainly of interest to BIND 9 developers
2dcb4fe863ae1bed4b9689ec053f951d75335589Neil Madden and may be removed or changed in a future release.
2dcb4fe863ae1bed4b9689ec053f951d75335589Neil Madden<dt><span class="term">-S <em class="replaceable"><code>#max-socks</code></em></span></dt>
2dcb4fe863ae1bed4b9689ec053f951d75335589Neil Madden Allow <span><strong class="command">named</strong></span> to use up to
2dcb4fe863ae1bed4b9689ec053f951d75335589Neil Madden <em class="replaceable"><code>#max-socks</code></em> sockets.
2dcb4fe863ae1bed4b9689ec053f951d75335589Neil Madden<div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;">
2dcb4fe863ae1bed4b9689ec053f951d75335589Neil Madden This option should be unnecessary for the vast majority
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster The use of this option could even be harmful because the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster specified value may exceed the limitation of the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster underlying system API.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster It is therefore set only when the default configuration
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster causes exhaustion of file descriptors and the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster operational environment is known to support the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster specified number of sockets.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Note also that the actual maximum number is normally a little
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster fewer than the specified value because
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <span><strong class="command">named</strong></span> reserves some file descriptors
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for its internal use.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster to <em class="replaceable"><code>directory</code></em> after
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster processing the command line arguments, but before
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster reading the configuration file.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster This option should be used in conjunction with the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <code class="option">-u</code> option, as chrooting a process
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster running as root doesn't enhance security on most
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster systems; the way <code class="function">chroot(2)</code> is
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster defined allows a process with root privileges to
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster escape a chroot jail.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<dt><span class="term">-U <em class="replaceable"><code>#listeners</code></em></span></dt>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Use <em class="replaceable"><code>#listeners</code></em>
402cd5da45d9182b81c16a13c3568faf78701827Andrew Forrest worker threads to listen for incoming UDP packets on each
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster address. If not specified, <span><strong class="command">named</strong></span> will
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster use the number of detected CPUs. If <code class="option">-n</code>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster has been set to a higher value than the number of CPUs,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster then <code class="option">-U</code> may be increased as high as that
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster value, but no higher.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<dt><span class="term">-u <em class="replaceable"><code>user</code></em></span></dt>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster to <em class="replaceable"><code>user</code></em> after completing
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster privileged operations, such as creating sockets that
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster listen on privileged ports.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
402cd5da45d9182b81c16a13c3568faf78701827Andrew Forrest On Linux, <span><strong class="command">named</strong></span> uses the kernel's
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster capability mechanism to drop all root privileges
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster except the ability to <code class="function">bind(2)</code> to
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster privileged port and set process resource limits.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Unfortunately, this means that the <code class="option">-u</code>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster option only works when <span><strong class="command">named</strong></span> is
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster later, since previous kernels did not allow privileges
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster to be retained after <code class="function">setuid(2)</code>.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Report the version number and exit.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Report the version number and build options, and exit.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<dt><span class="term">-x <em class="replaceable"><code>cache-file</code></em></span></dt>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Load data from <em class="replaceable"><code>cache-file</code></em> into the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster cache of the default view.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster This option must not be used. It is only of interest
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster to BIND 9 developers and may be removed or changed in a
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster future release.