lwresd.html revision 135446 
1<!--
2 - Copyright (C) 2004  Internet Systems Consortium, Inc. ("ISC")
3 - Copyright (C) 2000, 2001  Internet Software Consortium.
4 -
5 - Permission to use, copy, modify, and distribute this software for any
6 - purpose with or without fee is hereby granted, provided that the above
7 - copyright notice and this permission notice appear in all copies.
8 -
9 - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
10 - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
11 - AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
12 - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
13 - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14 - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
15 - PERFORMANCE OF THIS SOFTWARE.
16-->
17
18<!-- $Id: lwresd.html,v 1.4.2.1.4.3 2004/08/22 23:38:59 marka Exp $ -->
19
20<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
21<HTML
22><HEAD
23><TITLE
24>lwresd</TITLE
25><META
26NAME="GENERATOR"
27CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
28><BODY
29CLASS="REFENTRY"
30BGCOLOR="#FFFFFF"
31TEXT="#000000"
32LINK="#0000FF"
33VLINK="#840084"
34ALINK="#0000FF"
35><H1
36><A
37NAME="AEN1"
38></A
39><SPAN
40CLASS="APPLICATION"
41>lwresd</SPAN
42></H1
43><DIV
44CLASS="REFNAMEDIV"
45><A
46NAME="AEN9"
47></A
48><H2
49>Name</H2
50><SPAN
51CLASS="APPLICATION"
52>lwresd</SPAN
53>&nbsp;--&nbsp;lightweight resolver daemon</DIV
54><DIV
55CLASS="REFSYNOPSISDIV"
56><A
57NAME="AEN13"
58></A
59><H2
60>Synopsis</H2
61><P
62><B
63CLASS="COMMAND"
64>lwresd</B
65>  [<VAR
66CLASS="OPTION"
67>-C <VAR
68CLASS="REPLACEABLE"
69>config-file</VAR
70></VAR
71>] [<VAR
72CLASS="OPTION"
73>-d <VAR
74CLASS="REPLACEABLE"
75>debug-level</VAR
76></VAR
77>] [<VAR
78CLASS="OPTION"
79>-f</VAR
80>] [<VAR
81CLASS="OPTION"
82>-g</VAR
83>] [<VAR
84CLASS="OPTION"
85>-i <VAR
86CLASS="REPLACEABLE"
87>pid-file</VAR
88></VAR
89>] [<VAR
90CLASS="OPTION"
91>-n <VAR
92CLASS="REPLACEABLE"
93>#cpus</VAR
94></VAR
95>] [<VAR
96CLASS="OPTION"
97>-P <VAR
98CLASS="REPLACEABLE"
99>port</VAR
100></VAR
101>] [<VAR
102CLASS="OPTION"
103>-p <VAR
104CLASS="REPLACEABLE"
105>port</VAR
106></VAR
107>] [<VAR
108CLASS="OPTION"
109>-s</VAR
110>] [<VAR
111CLASS="OPTION"
112>-t <VAR
113CLASS="REPLACEABLE"
114>directory</VAR
115></VAR
116>] [<VAR
117CLASS="OPTION"
118>-u <VAR
119CLASS="REPLACEABLE"
120>user</VAR
121></VAR
122>] [<VAR
123CLASS="OPTION"
124>-v</VAR
125>]</P
126></DIV
127><DIV
128CLASS="REFSECT1"
129><A
130NAME="AEN48"
131></A
132><H2
133>DESCRIPTION</H2
134><P
135>	<B
136CLASS="COMMAND"
137>lwresd</B
138> is the daemon providing name lookup
139	services to clients that use the BIND 9 lightweight resolver
140	library.  It is essentially a stripped-down, caching-only name
141	server that answers queries using the BIND 9 lightweight
142	resolver protocol rather than the DNS protocol.
143    </P
144><P
145>	<B
146CLASS="COMMAND"
147>lwresd</B
148> listens for resolver queries on a
149	UDP port on the IPv4 loopback interface, 127.0.0.1.  This
150	means that <B
151CLASS="COMMAND"
152>lwresd</B
153> can only be used by
154	processes running on the local machine.  By default UDP port
155	number 921 is used for lightweight resolver requests and
156	responses.
157    </P
158><P
159>	Incoming lightweight resolver requests are decoded by the
160	server which then resolves them using the DNS protocol.  When
161	the DNS lookup completes, <B
162CLASS="COMMAND"
163>lwresd</B
164> encodes
165	the answers in the lightweight resolver format and returns
166	them to the client that made the request.
167    </P
168><P
169>	If <TT
170CLASS="FILENAME"
171>/etc/resolv.conf</TT
172> contains any
173	<VAR
174CLASS="OPTION"
175>nameserver</VAR
176> entries, <B
177CLASS="COMMAND"
178>lwresd</B
179>
180	sends recursive DNS queries to those servers.  This is similar
181	to the use of forwarders in a caching name server.  If no
182	<VAR
183CLASS="OPTION"
184>nameserver</VAR
185> entries are present, or if
186	forwarding fails, <B
187CLASS="COMMAND"
188>lwresd</B
189> resolves the
190	queries autonomously starting at the root name servers, using
191	a built-in list of root server hints.
192    </P
193></DIV
194><DIV
195CLASS="REFSECT1"
196><A
197NAME="AEN63"
198></A
199><H2
200>OPTIONS</H2
201><P
202></P
203><DIV
204CLASS="VARIABLELIST"
205><DL
206><DT
207>-C <VAR
208CLASS="REPLACEABLE"
209>config-file</VAR
210></DT
211><DD
212><P
213>		Use <VAR
214CLASS="REPLACEABLE"
215>config-file</VAR
216> as the
217		configuration file instead of the default,
218		<TT
219CLASS="FILENAME"
220>/etc/resolv.conf</TT
221>.
222          </P
223></DD
224><DT
225>-d <VAR
226CLASS="REPLACEABLE"
227>debug-level</VAR
228></DT
229><DD
230><P
231>		Set the daemon's debug level to <VAR
232CLASS="REPLACEABLE"
233>debug-level</VAR
234>.
235		Debugging traces from <B
236CLASS="COMMAND"
237>lwresd</B
238> become
239		more verbose as the debug level increases.
240          </P
241></DD
242><DT
243>-f</DT
244><DD
245><P
246>		Run the server in the foreground (i.e. do not daemonize).
247          </P
248></DD
249><DT
250>-g</DT
251><DD
252><P
253>		Run the server in the foreground and force all logging
254		to <TT
255CLASS="FILENAME"
256>stderr</TT
257>.
258          </P
259></DD
260><DT
261>-n <VAR
262CLASS="REPLACEABLE"
263>#cpus</VAR
264></DT
265><DD
266><P
267>		Create <VAR
268CLASS="REPLACEABLE"
269>#cpus</VAR
270> worker threads
271		to take advantage of multiple CPUs.  If not specified,
272		<B
273CLASS="COMMAND"
274>lwresd</B
275> will try to determine the
276		number of CPUs present and create one thread per CPU.
277		If it is unable to determine the number of CPUs, a
278		single worker thread will be created.
279          </P
280></DD
281><DT
282>-P <VAR
283CLASS="REPLACEABLE"
284>port</VAR
285></DT
286><DD
287><P
288>		Listen for lightweight resolver queries on port
289		<VAR
290CLASS="REPLACEABLE"
291>port</VAR
292>.  If
293		not specified, the default is port 921.
294          </P
295></DD
296><DT
297>-p <VAR
298CLASS="REPLACEABLE"
299>port</VAR
300></DT
301><DD
302><P
303>		Send DNS lookups to port <VAR
304CLASS="REPLACEABLE"
305>port</VAR
306>.  If not
307		specified, the default is port 53.  This provides a
308		way of testing the lightweight resolver daemon with a
309		name server that listens for queries on a non-standard
310		port number.
311          </P
312></DD
313><DT
314>-s</DT
315><DD
316><P
317>		Write memory usage statistics to <TT
318CLASS="FILENAME"
319>stdout</TT
320>
321		on exit.
322          </P
323><DIV
324CLASS="NOTE"
325><BLOCKQUOTE
326CLASS="NOTE"
327><P
328><B
329>Note: </B
330>		This option is mainly of interest to BIND 9 developers
331		and may be removed or changed in a future release.
332	    </P
333></BLOCKQUOTE
334></DIV
335></DD
336><DT
337>-t <VAR
338CLASS="REPLACEABLE"
339>directory</VAR
340></DT
341><DD
342><P
343>		<CODE
344CLASS="FUNCTION"
345>chroot()</CODE
346> to <VAR
347CLASS="REPLACEABLE"
348>directory</VAR
349> after
350		processing the command line arguments, but before
351		reading the configuration file.
352          </P
353><DIV
354CLASS="WARNING"
355><P
356></P
357><TABLE
358CLASS="WARNING"
359BORDER="1"
360WIDTH="90%"
361><TR
362><TD
363ALIGN="CENTER"
364><B
365>Warning</B
366></TD
367></TR
368><TR
369><TD
370ALIGN="LEFT"
371><P
372>		This option should be used in conjunction with the
373		<VAR
374CLASS="OPTION"
375>-u</VAR
376> option, as chrooting a process
377		running as root doesn't enhance security on most
378		systems; the way <CODE
379CLASS="FUNCTION"
380>chroot()</CODE
381> is
382		defined allows a process with root privileges to
383		escape a chroot jail.
384	    </P
385></TD
386></TR
387></TABLE
388></DIV
389></DD
390><DT
391>-u <VAR
392CLASS="REPLACEABLE"
393>user</VAR
394></DT
395><DD
396><P
397>		<CODE
398CLASS="FUNCTION"
399>setuid()</CODE
400> to <VAR
401CLASS="REPLACEABLE"
402>user</VAR
403> after completing
404		privileged operations, such as creating sockets that
405		listen on privileged ports.
406          </P
407></DD
408><DT
409>-v</DT
410><DD
411><P
412>		Report the version number and exit.
413          </P
414></DD
415></DL
416></DIV
417></DIV
418><DIV
419CLASS="REFSECT1"
420><A
421NAME="AEN137"
422></A
423><H2
424>FILES</H2
425><P
426></P
427><DIV
428CLASS="VARIABLELIST"
429><DL
430><DT
431><TT
432CLASS="FILENAME"
433>/etc/resolv.conf</TT
434></DT
435><DD
436><P
437>		The default configuration file.
438          </P
439></DD
440><DT
441><TT
442CLASS="FILENAME"
443>/var/run/lwresd.pid</TT
444></DT
445><DD
446><P
447>		The default process-id file.
448          </P
449></DD
450></DL
451></DIV
452></DIV
453><DIV
454CLASS="REFSECT1"
455><A
456NAME="AEN150"
457></A
458><H2
459>SEE ALSO</H2
460><P
461>	<SPAN
462CLASS="CITEREFENTRY"
463><SPAN
464CLASS="REFENTRYTITLE"
465>named</SPAN
466>(8)</SPAN
467>,
468	<SPAN
469CLASS="CITEREFENTRY"
470><SPAN
471CLASS="REFENTRYTITLE"
472>lwres</SPAN
473>(3)</SPAN
474>,
475	<SPAN
476CLASS="CITEREFENTRY"
477><SPAN
478CLASS="REFENTRYTITLE"
479>resolver</SPAN
480>(5)</SPAN
481>.
482    </P
483></DIV
484><DIV
485CLASS="REFSECT1"
486><A
487NAME="AEN162"
488></A
489><H2
490>AUTHOR</H2
491><P
492>	Internet Systems Consortium
493    </P
494></DIV
495></BODY
496></HTML
497>
498