man.named.html revision dba3c818ae00b10388d31703e86a28415db398ac
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens - Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC")
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens - Copyright (C) 2000-2003 Internet Software Consortium.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens - Permission to use, copy, modify, and/or distribute this software for any
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens - purpose with or without fee is hereby granted, provided that the above
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens - copyright notice and this permission notice appear in all copies.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens - PERFORMANCE OF THIS SOFTWARE.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
6d52f363e3b2c0c5da672c5b8c8adec99d345f38Lori Alt<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<link rel="prev" href="man.named-checkzone.html" title="named-checkzone">
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<link rel="next" href="man.named-journalprint.html" title="named-journalprint">
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<table width="100%" summary="Navigation header">
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<tr><th colspan="3" align="center"><span class="application">named</span></th></tr>
842727c2f41f01b380de4f5e787d905702870f23Chris Kirby<a accesskey="p" href="man.named-checkzone.html">Prev</a>�</td>
842727c2f41f01b380de4f5e787d905702870f23Chris Kirby<td width="20%" align="right">�<a accesskey="n" href="man.named-journalprint.html">Next</a>
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<a name="man.named"></a><div class="titlepage"></div>
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<p><span class="application">named</span> — Internet domain name server</p>
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<div class="cmdsynopsis"><p><code class="command">named</code> [<code class="option">-4</code>] [<code class="option">-6</code>] [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-d <em class="replaceable"><code>debug-level</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine-name</code></em></code>] [<code class="option">-f</code>] [<code class="option">-g</code>] [<code class="option">-m <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-n <em class="replaceable"><code>#cpus</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-s</code>] [<code class="option">-S <em class="replaceable"><code>#max-socks</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-U <em class="replaceable"><code>#listeners</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>] [<code class="option">-v</code>] [<code class="option">-V</code>] [<code class="option">-x <em class="replaceable"><code>cache-file</code></em></code>]</p></div>
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<p><span><strong class="command">named</strong></span>
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens is a Domain Name System (DNS) server,
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens part of the BIND 9 distribution from ISC. For more
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens information on the DNS, see RFCs 1033, 1034, and 1035.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens When invoked without arguments, <span><strong class="command">named</strong></span>
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens read the default configuration file
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens <code class="filename">/etc/named.conf</code>, read any initial
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens data, and listen for queries.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens Use IPv4 only even if the host machine is capable of IPv6.
e4d060fb4c00d44cd578713eb9a921f594b733b8Sam Falkner <code class="option">-4</code> and <code class="option">-6</code> are mutually
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens Use IPv6 only even if the host machine is capable of IPv4.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens <code class="option">-4</code> and <code class="option">-6</code> are mutually
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<dt><span class="term">-c <em class="replaceable"><code>config-file</code></em></span></dt>
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens Use <em class="replaceable"><code>config-file</code></em> as the
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens configuration file instead of the default,
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens <code class="filename">/etc/named.conf</code>. To
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens ensure that reloading the configuration file continues
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens to work after the server has changed its working
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens directory due to to a possible
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens <code class="option">directory</code> option in the configuration
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens file, <em class="replaceable"><code>config-file</code></em> should be
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens an absolute pathname.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<dt><span class="term">-d <em class="replaceable"><code>debug-level</code></em></span></dt>
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens Set the daemon's debug level to <em class="replaceable"><code>debug-level</code></em>.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens Debugging traces from <span><strong class="command">named</strong></span> become
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens more verbose as the debug level increases.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<dt><span class="term">-E <em class="replaceable"><code>engine-name</code></em></span></dt>
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens Use a crypto hardware (OpenSSL engine) for the crypto operations
842727c2f41f01b380de4f5e787d905702870f23Chris Kirby it supports, for instance re-signing with private keys from
842727c2f41f01b380de4f5e787d905702870f23Chris Kirby a secure key store. When compiled with PKCS#11 support
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens <em class="replaceable"><code>engine-name</code></em>
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens defaults to pkcs11, the empty name resets it to no engine.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens Run the server in the foreground (i.e. do not daemonize).
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens Run the server in the foreground and force all logging
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<dt><span class="term">-m <em class="replaceable"><code>flag</code></em></span></dt>
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens Turn on memory usage debugging flags. Possible flags are
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens <em class="replaceable"><code>usage</code></em>,
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens <em class="replaceable"><code>trace</code></em>,
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens <em class="replaceable"><code>record</code></em>,
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens <em class="replaceable"><code>size</code></em>, and
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens <em class="replaceable"><code>mctx</code></em>.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens These correspond to the ISC_MEM_DEBUGXXXX flags described in
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens <code class="filename"><isc/mem.h></code>.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<dt><span class="term">-n <em class="replaceable"><code>#cpus</code></em></span></dt>
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens Create <em class="replaceable"><code>#cpus</code></em> worker threads
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens to take advantage of multiple CPUs. If not specified,
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens <span><strong class="command">named</strong></span> will try to determine the
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens number of CPUs present and create one thread per CPU.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens If it is unable to determine the number of CPUs, a
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens single worker thread will be created.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens Listen for queries on port <em class="replaceable"><code>port</code></em>. If not
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens specified, the default is port 53.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens Write memory usage statistics to <code class="filename">stdout</code> on exit.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens This option is mainly of interest to BIND 9 developers
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens and may be removed or changed in a future release.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<dt><span class="term">-S <em class="replaceable"><code>#max-socks</code></em></span></dt>
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens Allow <span><strong class="command">named</strong></span> to use up to
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens <em class="replaceable"><code>#max-socks</code></em> sockets.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;">
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens This option should be unnecessary for the vast majority
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens The use of this option could even be harmful because the
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens specified value may exceed the limitation of the
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens underlying system API.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens It is therefore set only when the default configuration
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens causes exhaustion of file descriptors and the
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens operational environment is known to support the
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens specified number of sockets.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens Note also that the actual maximum number is normally a little
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens fewer than the specified value because
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens <span><strong class="command">named</strong></span> reserves some file descriptors
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens for its internal use.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt>
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens to <em class="replaceable"><code>directory</code></em> after
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens processing the command line arguments, but before
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens reading the configuration file.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;">
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens This option should be used in conjunction with the
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens <code class="option">-u</code> option, as chrooting a process
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens running as root doesn't enhance security on most
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens systems; the way <code class="function">chroot(2)</code> is
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens defined allows a process with root privileges to
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens escape a chroot jail.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<dt><span class="term">-U <em class="replaceable"><code>#listeners</code></em></span></dt>
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens Use <em class="replaceable"><code>#listeners</code></em>
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens worker threads to listen for incoming UDP packets on each
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens address. If not specified, <span><strong class="command">named</strong></span> will
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens use all of the worker threads for this purpose; the
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens <code class="option">-U</code> option allows the number to be
e4d060fb4c00d44cd578713eb9a921f594b733b8Sam Falkner decreased but not increased.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<dt><span class="term">-u <em class="replaceable"><code>user</code></em></span></dt>
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens to <em class="replaceable"><code>user</code></em> after completing
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens privileged operations, such as creating sockets that
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens listen on privileged ports.
842727c2f41f01b380de4f5e787d905702870f23Chris Kirby<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens On Linux, <span><strong class="command">named</strong></span> uses the kernel's
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens capability mechanism to drop all root privileges
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens except the ability to <code class="function">bind(2)</code> to
842727c2f41f01b380de4f5e787d905702870f23Chris Kirby privileged port and set process resource limits.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens Unfortunately, this means that the <code class="option">-u</code>
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens option only works when <span><strong class="command">named</strong></span> is
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens later, since previous kernels did not allow privileges
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens to be retained after <code class="function">setuid(2)</code>.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens Report the version number and exit.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens Report the version number and build options, and exit.
148434217c040ea38dc844384f6ba68d9b325906Matthew Ahrens<dt><span class="term">-x <em class="replaceable"><code>cache-file</code></em></span></dt>
842727c2f41f01b380de4f5e787d905702870f23Chris Kirby Load data from <em class="replaceable"><code>cache-file</code></em> into the
842727c2f41f01b380de4f5e787d905702870f23Chris Kirby cache of the default view.
842727c2f41f01b380de4f5e787d905702870f23Chris Kirby<div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;">