lwresd.html revision 135446
1<!-- 2 - Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") 3 - Copyright (C) 2000, 2001 Internet Software Consortium. 4 - 5 - Permission to use, copy, modify, and distribute this software for any 6 - purpose with or without fee is hereby granted, provided that the above 7 - copyright notice and this permission notice appear in all copies. 8 - 9 - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 10 - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 11 - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 12 - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 13 - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 14 - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 15 - PERFORMANCE OF THIS SOFTWARE. 16--> 17 18<!-- $Id: lwresd.html,v 1.4.2.1.4.3 2004/08/22 23:38:59 marka Exp $ --> 19 20<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> 21<HTML 22><HEAD 23><TITLE 24>lwresd</TITLE 25><META 26NAME="GENERATOR" 27CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD 28><BODY 29CLASS="REFENTRY" 30BGCOLOR="#FFFFFF" 31TEXT="#000000" 32LINK="#0000FF" 33VLINK="#840084" 34ALINK="#0000FF" 35><H1 36><A 37NAME="AEN1" 38></A 39><SPAN 40CLASS="APPLICATION" 41>lwresd</SPAN 42></H1 43><DIV 44CLASS="REFNAMEDIV" 45><A 46NAME="AEN9" 47></A 48><H2 49>Name</H2 50><SPAN 51CLASS="APPLICATION" 52>lwresd</SPAN 53> -- lightweight resolver daemon</DIV 54><DIV 55CLASS="REFSYNOPSISDIV" 56><A 57NAME="AEN13" 58></A 59><H2 60>Synopsis</H2 61><P 62><B 63CLASS="COMMAND" 64>lwresd</B 65> [<VAR 66CLASS="OPTION" 67>-C <VAR 68CLASS="REPLACEABLE" 69>config-file</VAR 70></VAR 71>] [<VAR 72CLASS="OPTION" 73>-d <VAR 74CLASS="REPLACEABLE" 75>debug-level</VAR 76></VAR 77>] [<VAR 78CLASS="OPTION" 79>-f</VAR 80>] [<VAR 81CLASS="OPTION" 82>-g</VAR 83>] [<VAR 84CLASS="OPTION" 85>-i <VAR 86CLASS="REPLACEABLE" 87>pid-file</VAR 88></VAR 89>] [<VAR 90CLASS="OPTION" 91>-n <VAR 92CLASS="REPLACEABLE" 93>#cpus</VAR 94></VAR 95>] [<VAR 96CLASS="OPTION" 97>-P <VAR 98CLASS="REPLACEABLE" 99>port</VAR 100></VAR 101>] [<VAR 102CLASS="OPTION" 103>-p <VAR 104CLASS="REPLACEABLE" 105>port</VAR 106></VAR 107>] [<VAR 108CLASS="OPTION" 109>-s</VAR 110>] [<VAR 111CLASS="OPTION" 112>-t <VAR 113CLASS="REPLACEABLE" 114>directory</VAR 115></VAR 116>] [<VAR 117CLASS="OPTION" 118>-u <VAR 119CLASS="REPLACEABLE" 120>user</VAR 121></VAR 122>] [<VAR 123CLASS="OPTION" 124>-v</VAR 125>]</P 126></DIV 127><DIV 128CLASS="REFSECT1" 129><A 130NAME="AEN48" 131></A 132><H2 133>DESCRIPTION</H2 134><P 135> <B 136CLASS="COMMAND" 137>lwresd</B 138> is the daemon providing name lookup 139 services to clients that use the BIND 9 lightweight resolver 140 library. It is essentially a stripped-down, caching-only name 141 server that answers queries using the BIND 9 lightweight 142 resolver protocol rather than the DNS protocol. 143 </P 144><P 145> <B 146CLASS="COMMAND" 147>lwresd</B 148> listens for resolver queries on a 149 UDP port on the IPv4 loopback interface, 127.0.0.1. This 150 means that <B 151CLASS="COMMAND" 152>lwresd</B 153> can only be used by 154 processes running on the local machine. By default UDP port 155 number 921 is used for lightweight resolver requests and 156 responses. 157 </P 158><P 159> Incoming lightweight resolver requests are decoded by the 160 server which then resolves them using the DNS protocol. When 161 the DNS lookup completes, <B 162CLASS="COMMAND" 163>lwresd</B 164> encodes 165 the answers in the lightweight resolver format and returns 166 them to the client that made the request. 167 </P 168><P 169> If <TT 170CLASS="FILENAME" 171>/etc/resolv.conf</TT 172> contains any 173 <VAR 174CLASS="OPTION" 175>nameserver</VAR 176> entries, <B 177CLASS="COMMAND" 178>lwresd</B 179> 180 sends recursive DNS queries to those servers. This is similar 181 to the use of forwarders in a caching name server. If no 182 <VAR 183CLASS="OPTION" 184>nameserver</VAR 185> entries are present, or if 186 forwarding fails, <B 187CLASS="COMMAND" 188>lwresd</B 189> resolves the 190 queries autonomously starting at the root name servers, using 191 a built-in list of root server hints. 192 </P 193></DIV 194><DIV 195CLASS="REFSECT1" 196><A 197NAME="AEN63" 198></A 199><H2 200>OPTIONS</H2 201><P 202></P 203><DIV 204CLASS="VARIABLELIST" 205><DL 206><DT 207>-C <VAR 208CLASS="REPLACEABLE" 209>config-file</VAR 210></DT 211><DD 212><P 213> Use <VAR 214CLASS="REPLACEABLE" 215>config-file</VAR 216> as the 217 configuration file instead of the default, 218 <TT 219CLASS="FILENAME" 220>/etc/resolv.conf</TT 221>. 222 </P 223></DD 224><DT 225>-d <VAR 226CLASS="REPLACEABLE" 227>debug-level</VAR 228></DT 229><DD 230><P 231> Set the daemon's debug level to <VAR 232CLASS="REPLACEABLE" 233>debug-level</VAR 234>. 235 Debugging traces from <B 236CLASS="COMMAND" 237>lwresd</B 238> become 239 more verbose as the debug level increases. 240 </P 241></DD 242><DT 243>-f</DT 244><DD 245><P 246> Run the server in the foreground (i.e. do not daemonize). 247 </P 248></DD 249><DT 250>-g</DT 251><DD 252><P 253> Run the server in the foreground and force all logging 254 to <TT 255CLASS="FILENAME" 256>stderr</TT 257>. 258 </P 259></DD 260><DT 261>-n <VAR 262CLASS="REPLACEABLE" 263>#cpus</VAR 264></DT 265><DD 266><P 267> Create <VAR 268CLASS="REPLACEABLE" 269>#cpus</VAR 270> worker threads 271 to take advantage of multiple CPUs. If not specified, 272 <B 273CLASS="COMMAND" 274>lwresd</B 275> will try to determine the 276 number of CPUs present and create one thread per CPU. 277 If it is unable to determine the number of CPUs, a 278 single worker thread will be created. 279 </P 280></DD 281><DT 282>-P <VAR 283CLASS="REPLACEABLE" 284>port</VAR 285></DT 286><DD 287><P 288> Listen for lightweight resolver queries on port 289 <VAR 290CLASS="REPLACEABLE" 291>port</VAR 292>. If 293 not specified, the default is port 921. 294 </P 295></DD 296><DT 297>-p <VAR 298CLASS="REPLACEABLE" 299>port</VAR 300></DT 301><DD 302><P 303> Send DNS lookups to port <VAR 304CLASS="REPLACEABLE" 305>port</VAR 306>. If not 307 specified, the default is port 53. This provides a 308 way of testing the lightweight resolver daemon with a 309 name server that listens for queries on a non-standard 310 port number. 311 </P 312></DD 313><DT 314>-s</DT 315><DD 316><P 317> Write memory usage statistics to <TT 318CLASS="FILENAME" 319>stdout</TT 320> 321 on exit. 322 </P 323><DIV 324CLASS="NOTE" 325><BLOCKQUOTE 326CLASS="NOTE" 327><P 328><B 329>Note: </B 330> This option is mainly of interest to BIND 9 developers 331 and may be removed or changed in a future release. 332 </P 333></BLOCKQUOTE 334></DIV 335></DD 336><DT 337>-t <VAR 338CLASS="REPLACEABLE" 339>directory</VAR 340></DT 341><DD 342><P 343> <CODE 344CLASS="FUNCTION" 345>chroot()</CODE 346> to <VAR 347CLASS="REPLACEABLE" 348>directory</VAR 349> after 350 processing the command line arguments, but before 351 reading the configuration file. 352 </P 353><DIV 354CLASS="WARNING" 355><P 356></P 357><TABLE 358CLASS="WARNING" 359BORDER="1" 360WIDTH="90%" 361><TR 362><TD 363ALIGN="CENTER" 364><B 365>Warning</B 366></TD 367></TR 368><TR 369><TD 370ALIGN="LEFT" 371><P 372> This option should be used in conjunction with the 373 <VAR 374CLASS="OPTION" 375>-u</VAR 376> option, as chrooting a process 377 running as root doesn't enhance security on most 378 systems; the way <CODE 379CLASS="FUNCTION" 380>chroot()</CODE 381> is 382 defined allows a process with root privileges to 383 escape a chroot jail. 384 </P 385></TD 386></TR 387></TABLE 388></DIV 389></DD 390><DT 391>-u <VAR 392CLASS="REPLACEABLE" 393>user</VAR 394></DT 395><DD 396><P 397> <CODE 398CLASS="FUNCTION" 399>setuid()</CODE 400> to <VAR 401CLASS="REPLACEABLE" 402>user</VAR 403> after completing 404 privileged operations, such as creating sockets that 405 listen on privileged ports. 406 </P 407></DD 408><DT 409>-v</DT 410><DD 411><P 412> Report the version number and exit. 413 </P 414></DD 415></DL 416></DIV 417></DIV 418><DIV 419CLASS="REFSECT1" 420><A 421NAME="AEN137" 422></A 423><H2 424>FILES</H2 425><P 426></P 427><DIV 428CLASS="VARIABLELIST" 429><DL 430><DT 431><TT 432CLASS="FILENAME" 433>/etc/resolv.conf</TT 434></DT 435><DD 436><P 437> The default configuration file. 438 </P 439></DD 440><DT 441><TT 442CLASS="FILENAME" 443>/var/run/lwresd.pid</TT 444></DT 445><DD 446><P 447> The default process-id file. 448 </P 449></DD 450></DL 451></DIV 452></DIV 453><DIV 454CLASS="REFSECT1" 455><A 456NAME="AEN150" 457></A 458><H2 459>SEE ALSO</H2 460><P 461> <SPAN 462CLASS="CITEREFENTRY" 463><SPAN 464CLASS="REFENTRYTITLE" 465>named</SPAN 466>(8)</SPAN 467>, 468 <SPAN 469CLASS="CITEREFENTRY" 470><SPAN 471CLASS="REFENTRYTITLE" 472>lwres</SPAN 473>(3)</SPAN 474>, 475 <SPAN 476CLASS="CITEREFENTRY" 477><SPAN 478CLASS="REFENTRYTITLE" 479>resolver</SPAN 480>(5)</SPAN 481>. 482 </P 483></DIV 484><DIV 485CLASS="REFSECT1" 486><A 487NAME="AEN162" 488></A 489><H2 490>AUTHOR</H2 491><P 492> Internet Systems Consortium 493 </P 494></DIV 495></BODY 496></HTML 497> 498