Add BIND 9.2.4rc7.

[dragonfly.git] / contrib / bind-9.2.4rc7 / bin / named / named.html

<!--
 - Copyright (C) 2004  Internet Systems Consortium, Inc. ("ISC")
 - Copyright (C) 2000, 2001  Internet Software Consortium.
 -
 - Permission to use, copy, modify, and distribute this software for any
 - purpose with or without fee is hereby granted, provided that the above
 - copyright notice and this permission notice appear in all copies.
 -
 - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
 - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
 - AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
 - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
 - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
 - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 - PERFORMANCE OF THIS SOFTWARE.
-->

<!-- $Id: named.html,v 1.4.2.3 2004/06/03 05:21:14 marka Exp $ -->

<HTML
><HEAD
><TITLE
>named</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.73
"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
><SPAN
CLASS="APPLICATION"
>named</SPAN
></A
></H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN9"
></A
><H2
>Name</H2
><SPAN
CLASS="APPLICATION"
>named</SPAN
>&nbsp;--&nbsp;Internet domain name server</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN13"
></A
><H2
>Synopsis</H2
><P
><B
CLASS="COMMAND"
>named</B
>  [<TT
CLASS="OPTION"
>-c <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-d <TT
CLASS="REPLACEABLE"
><I
>debug-level</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-f</TT
>] [<TT
CLASS="OPTION"
>-g</TT
>] [<TT
CLASS="OPTION"
>-n <TT
CLASS="REPLACEABLE"
><I
>#cpus</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-p <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-s</TT
>] [<TT
CLASS="OPTION"
>-t <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-u <TT
CLASS="REPLACEABLE"
><I
>user</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-v</TT
>] [<TT
CLASS="OPTION"
>-x <TT
CLASS="REPLACEABLE"
><I
>cache-file</I
></TT
></TT
>]</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN45"
></A
><H2
>DESCRIPTION</H2
><P
>       <B
CLASS="COMMAND"
>named</B
> is a Domain Name System (DNS) server,
        part of the BIND 9 distribution from ISC.  For more
        information on the DNS, see RFCs 1033, 1034, and 1035.
    </P
><P
>       When invoked without arguments, <B
CLASS="COMMAND"
>named</B
> will
        read the default configuration file
        <TT
CLASS="FILENAME"
>/etc/named.conf</TT
>, read any initial
        data, and listen for queries.
    </P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN52"
></A
><H2
>OPTIONS</H2
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
>-c <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
></DT
><DD
><P
>               Use <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
> as the
                configuration file instead of the default,
                <TT
CLASS="FILENAME"
>/etc/named.conf</TT
>.  To
                ensure that reloading the configuration file continues
                to work after the server has changed its working
                directory due to to a possible
                <TT
CLASS="OPTION"
>directory</TT
> option in the configuration
                file, <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
> should be
                an absolute pathname.
          </P
></DD
><DT
>-d <TT
CLASS="REPLACEABLE"
><I
>debug-level</I
></TT
></DT
><DD
><P
>               Set the daemon's debug level to <TT
CLASS="REPLACEABLE"
><I
>debug-level</I
></TT
>.
                Debugging traces from <B
CLASS="COMMAND"
>named</B
> become
                more verbose as the debug level increases.
          </P
></DD
><DT
>-f</DT
><DD
><P
>               Run the server in the foreground (i.e. do not daemonize).
          </P
></DD
><DT
>-g</DT
><DD
><P
>               Run the server in the foreground and force all logging
                to <TT
CLASS="FILENAME"
>stderr</TT
>.
          </P
></DD
><DT
>-n <TT
CLASS="REPLACEABLE"
><I
>#cpus</I
></TT
></DT
><DD
><P
>               Create <TT
CLASS="REPLACEABLE"
><I
>#cpus</I
></TT
> worker threads
                to take advantage of multiple CPUs.  If not specified,
                <B
CLASS="COMMAND"
>named</B
> will try to determine the
                number of CPUs present and create one thread per CPU.
                If it is unable to determine the number of CPUs, a
                single worker thread will be created.
          </P
></DD
><DT
>-p <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
></DT
><DD
><P
>               Listen for queries on port <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
>.  If not
                specified, the default is port 53.
          </P
></DD
><DT
>-s</DT
><DD
><P
>               Write memory usage statistics to <TT
CLASS="FILENAME"
>stdout</TT
> on exit.
          </P
><DIV
CLASS="NOTE"
><BLOCKQUOTE
CLASS="NOTE"
><P
><B
>Note: </B
>               This option is mainly of interest to BIND 9 developers
                and may be removed or changed in a future release.
            </P
></BLOCKQUOTE
></DIV
></DD
><DT
>-t <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
></DT
><DD
><P
>               <TT
CLASS="FUNCTION"
>chroot()</TT
> to <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
> after
                processing the command line arguments, but before
                reading the configuration file.
          </P
><DIV
CLASS="WARNING"
><P
></P
><TABLE
CLASS="WARNING"
BORDER="1"
WIDTH="90%"
><TR
><TD
ALIGN="CENTER"
><B
>Warning</B
></TD
></TR
><TR
><TD
ALIGN="LEFT"
><P
>               This option should be used in conjunction with the
                <TT
CLASS="OPTION"
>-u</TT
> option, as chrooting a process
                running as root doesn't enhance security on most
                systems; the way <TT
CLASS="FUNCTION"
>chroot()</TT
> is
                defined allows a process with root privileges to
                escape a chroot jail.
            </P
></TD
></TR
></TABLE
></DIV
></DD
><DT
>-u <TT
CLASS="REPLACEABLE"
><I
>user</I
></TT
></DT
><DD
><P
>               <TT
CLASS="FUNCTION"
>setuid()</TT
> to <TT
CLASS="REPLACEABLE"
><I
>user</I
></TT
> after completing
                privileged operations, such as creating sockets that
                listen on privileged ports.
          </P
><DIV
CLASS="NOTE"
><BLOCKQUOTE
CLASS="NOTE"
><P
><B
>Note: </B
>               On Linux, <B
CLASS="COMMAND"
>named</B
> uses the kernel's
                capability mechanism to drop all root privileges
                except the ability to <TT
CLASS="FUNCTION"
>bind()</TT
> to a
                privileged port and set process resource limits.
                Unfortunately, this means that the <TT
CLASS="OPTION"
>-u</TT
>
                option only works when <B
CLASS="COMMAND"
>named</B
> is run
                on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or
                later, since previous kernels did not allow privileges
                to be retained after <TT
CLASS="FUNCTION"
>setuid()</TT
>.
            </P
></BLOCKQUOTE
></DIV
></DD
><DT
>-v</DT
><DD
><P
>               Report the version number and exit.
          </P
></DD
><DT
>-x <TT
CLASS="REPLACEABLE"
><I
>cache-file</I
></TT
></DT
><DD
><P
>               Load data from <TT
CLASS="REPLACEABLE"
><I
>cache-file</I
></TT
> into the
                cache of the default view.
          </P
><DIV
CLASS="WARNING"
><P
></P
><TABLE
CLASS="WARNING"
BORDER="1"
WIDTH="90%"
><TR
><TD
ALIGN="CENTER"
><B
>Warning</B
></TD
></TR
><TR
><TD
ALIGN="LEFT"
><P
>               This option must not be used.  It is only of interest
                to BIND 9 developers and may be removed or changed in a
                future release.
            </P
></TD
></TR
></TABLE
></DIV
></DD
></DL
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN137"
></A
><H2
>SIGNALS</H2
><P
>       In routine operation, signals should not be used to control
        the nameserver; <B
CLASS="COMMAND"
>rndc</B
> should be used
        instead.
    </P
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
>SIGHUP</DT
><DD
><P
>               Force a reload of the server.
          </P
></DD
><DT
>SIGINT, SIGTERM</DT
><DD
><P
>               Shut down the server.
          </P
></DD
></DL
></DIV
><P
>       The result of sending any other signals to the server is undefined.
    </P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN151"
></A
><H2
>CONFIGURATION</H2
><P
>       The <B
CLASS="COMMAND"
>named</B
> configuration file is too complex
        to describe in detail here.  A complete description is
        provided in the <I
CLASS="CITETITLE"
>BIND 9 Administrator Reference
        Manual</I
>.
    </P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN156"
></A
><H2
>FILES</H2
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
><TT
CLASS="FILENAME"
>/etc/named.conf</TT
></DT
><DD
><P
>               The default configuration file.
          </P
></DD
><DT
><TT
CLASS="FILENAME"
>/var/run/named.pid</TT
></DT
><DD
><P
>               The default process-id file.
          </P
></DD
></DL
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN169"
></A
><H2
>SEE ALSO</H2
><P
>       <I
CLASS="CITETITLE"
>RFC 1033</I
>,
        <I
CLASS="CITETITLE"
>RFC 1034</I
>,
        <I
CLASS="CITETITLE"
>RFC 1035</I
>,
        <SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>rndc</SPAN
>(8)</SPAN
>,
        <SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwresd</SPAN
>(8)</SPAN
>,
        <I
CLASS="CITETITLE"
>BIND 9 Administrator Reference Manual</I
>.
    </P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN182"
></A
><H2
>AUTHOR</H2
><P
>       Internet Systems Consortium
    </P
></DIV
></BODY
></HTML
>