<!-- - Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001, 2003 Internet Software Consortium. - - Permission to use, copy, modify, and distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> <!-- $Id: named.html,v 1.4.2.1.4.4 2004/08/22 23:38:59 marka Exp $ --> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <HTML ><HEAD ><TITLE >named</TITLE ><META NAME="GENERATOR" CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD ><BODY CLASS="REFENTRY" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#840084" ALINK="#0000FF" ><H1 ><A NAME="AEN1" ></A ><SPAN CLASS="APPLICATION" >named</SPAN ></H1 ><DIV CLASS="REFNAMEDIV" ><A NAME="AEN9" ></A ><H2 >Name</H2 ><SPAN CLASS="APPLICATION" >named</SPAN > -- Internet domain name server</DIV ><DIV CLASS="REFSYNOPSISDIV" ><A NAME="AEN13" ></A ><H2 >Synopsis</H2 ><P ><B CLASS="COMMAND" >named</B > [<VAR CLASS="OPTION" >-4</VAR >] [<VAR CLASS="OPTION" >-6</VAR >] [<VAR CLASS="OPTION" >-c <VAR CLASS="REPLACEABLE" >config-file</VAR ></VAR >] [<VAR CLASS="OPTION" >-d <VAR CLASS="REPLACEABLE" >debug-level</VAR ></VAR >] [<VAR CLASS="OPTION" >-f</VAR >] [<VAR CLASS="OPTION" >-g</VAR >] [<VAR CLASS="OPTION" >-n <VAR CLASS="REPLACEABLE" >#cpus</VAR ></VAR >] [<VAR CLASS="OPTION" >-p <VAR CLASS="REPLACEABLE" >port</VAR ></VAR >] [<VAR CLASS="OPTION" >-s</VAR >] [<VAR CLASS="OPTION" >-t <VAR CLASS="REPLACEABLE" >directory</VAR ></VAR >] [<VAR CLASS="OPTION" >-u <VAR CLASS="REPLACEABLE" >user</VAR ></VAR >] [<VAR CLASS="OPTION" >-v</VAR >] [<VAR CLASS="OPTION" >-x <VAR CLASS="REPLACEABLE" >cache-file</VAR ></VAR >]</P ></DIV ><DIV CLASS="REFSECT1" ><A NAME="AEN49" ></A ><H2 >DESCRIPTION</H2 ><P > <B CLASS="COMMAND" >named</B > is a Domain Name System (DNS) server, part of the BIND 9 distribution from ISC. For more information on the DNS, see RFCs 1033, 1034, and 1035. </P ><P > When invoked without arguments, <B CLASS="COMMAND" >named</B > will read the default configuration file <TT CLASS="FILENAME" >/etc/named.conf</TT >, read any initial data, and listen for queries. </P ></DIV ><DIV CLASS="REFSECT1" ><A NAME="AEN56" ></A ><H2 >OPTIONS</H2 ><P ></P ><DIV CLASS="VARIABLELIST" ><DL ><DT >-4</DT ><DD ><P > Use IPv4 only even if the host machine is capable of IPv6. <VAR CLASS="OPTION" >-4</VAR > and <VAR CLASS="OPTION" >-6</VAR > are mutually exclusive. </P ></DD ><DT >-6</DT ><DD ><P > Use IPv6 only even if the host machine is capable of IPv4. <VAR CLASS="OPTION" >-4</VAR > and <VAR CLASS="OPTION" >-6</VAR > are mutually exclusive. </P ></DD ><DT >-c <VAR CLASS="REPLACEABLE" >config-file</VAR ></DT ><DD ><P > Use <VAR CLASS="REPLACEABLE" >config-file</VAR > as the configuration file instead of the default, <TT CLASS="FILENAME" >/etc/named.conf</TT >. To ensure that reloading the configuration file continues to work after the server has changed its working directory due to to a possible <VAR CLASS="OPTION" >directory</VAR > option in the configuration file, <VAR CLASS="REPLACEABLE" >config-file</VAR > should be an absolute pathname. </P ></DD ><DT >-d <VAR CLASS="REPLACEABLE" >debug-level</VAR ></DT ><DD ><P > Set the daemon's debug level to <VAR CLASS="REPLACEABLE" >debug-level</VAR >. Debugging traces from <B CLASS="COMMAND" >named</B > become more verbose as the debug level increases. </P ></DD ><DT >-f</DT ><DD ><P > Run the server in the foreground (i.e. do not daemonize). </P ></DD ><DT >-g</DT ><DD ><P > Run the server in the foreground and force all logging to <TT CLASS="FILENAME" >stderr</TT >. </P ></DD ><DT >-n <VAR CLASS="REPLACEABLE" >#cpus</VAR ></DT ><DD ><P > Create <VAR CLASS="REPLACEABLE" >#cpus</VAR > worker threads to take advantage of multiple CPUs. If not specified, <B CLASS="COMMAND" >named</B > will try to determine the number of CPUs present and create one thread per CPU. If it is unable to determine the number of CPUs, a single worker thread will be created. </P ></DD ><DT >-p <VAR CLASS="REPLACEABLE" >port</VAR ></DT ><DD ><P > Listen for queries on port <VAR CLASS="REPLACEABLE" >port</VAR >. If not specified, the default is port 53. </P ></DD ><DT >-s</DT ><DD ><P > Write memory usage statistics to <TT CLASS="FILENAME" >stdout</TT > on exit. </P ><DIV CLASS="NOTE" ><BLOCKQUOTE CLASS="NOTE" ><P ><B >Note: </B > This option is mainly of interest to BIND 9 developers and may be removed or changed in a future release. </P ></BLOCKQUOTE ></DIV ></DD ><DT >-t <VAR CLASS="REPLACEABLE" >directory</VAR ></DT ><DD ><P > <CODE CLASS="FUNCTION" >chroot()</CODE > to <VAR CLASS="REPLACEABLE" >directory</VAR > after processing the command line arguments, but before reading the configuration file. </P ><DIV CLASS="WARNING" ><P ></P ><TABLE CLASS="WARNING" BORDER="1" WIDTH="90%" ><TR ><TD ALIGN="CENTER" ><B >Warning</B ></TD ></TR ><TR ><TD ALIGN="LEFT" ><P > This option should be used in conjunction with the <VAR CLASS="OPTION" >-u</VAR > option, as chrooting a process running as root doesn't enhance security on most systems; the way <CODE CLASS="FUNCTION" >chroot()</CODE > is defined allows a process with root privileges to escape a chroot jail. </P ></TD ></TR ></TABLE ></DIV ></DD ><DT >-u <VAR CLASS="REPLACEABLE" >user</VAR ></DT ><DD ><P > <CODE CLASS="FUNCTION" >setuid()</CODE > to <VAR CLASS="REPLACEABLE" >user</VAR > after completing privileged operations, such as creating sockets that listen on privileged ports. </P ><DIV CLASS="NOTE" ><BLOCKQUOTE CLASS="NOTE" ><P ><B >Note: </B > On Linux, <B CLASS="COMMAND" >named</B > uses the kernel's capability mechanism to drop all root privileges except the ability to <CODE CLASS="FUNCTION" >bind()</CODE > to a privileged port and set process resource limits. Unfortunately, this means that the <VAR CLASS="OPTION" >-u</VAR > option only works when <B CLASS="COMMAND" >named</B > is run on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or later, since previous kernels did not allow privileges to be retained after <CODE CLASS="FUNCTION" >setuid()</CODE >. </P ></BLOCKQUOTE ></DIV ></DD ><DT >-v</DT ><DD ><P > Report the version number and exit. </P ></DD ><DT >-x <VAR CLASS="REPLACEABLE" >cache-file</VAR ></DT ><DD ><P > Load data from <VAR CLASS="REPLACEABLE" >cache-file</VAR > into the cache of the default view. </P ><DIV CLASS="WARNING" ><P ></P ><TABLE CLASS="WARNING" BORDER="1" WIDTH="90%" ><TR ><TD ALIGN="CENTER" ><B >Warning</B ></TD ></TR ><TR ><TD ALIGN="LEFT" ><P > This option must not be used. It is only of interest to BIND 9 developers and may be removed or changed in a future release. </P ></TD ></TR ></TABLE ></DIV ></DD ></DL ></DIV ></DIV ><DIV CLASS="REFSECT1" ><A NAME="AEN153" ></A ><H2 >SIGNALS</H2 ><P > In routine operation, signals should not be used to control the nameserver; <B CLASS="COMMAND" >rndc</B > should be used instead. </P ><P ></P ><DIV CLASS="VARIABLELIST" ><DL ><DT >SIGHUP</DT ><DD ><P > Force a reload of the server. </P ></DD ><DT >SIGINT, SIGTERM</DT ><DD ><P > Shut down the server. </P ></DD ></DL ></DIV ><P > The result of sending any other signals to the server is undefined. </P ></DIV ><DIV CLASS="REFSECT1" ><A NAME="AEN167" ></A ><H2 >CONFIGURATION</H2 ><P > The <B CLASS="COMMAND" >named</B > configuration file is too complex to describe in detail here. A complete description is provided in the <I CLASS="CITETITLE" >BIND 9 Administrator Reference Manual</I >. </P ></DIV ><DIV CLASS="REFSECT1" ><A NAME="AEN172" ></A ><H2 >FILES</H2 ><P ></P ><DIV CLASS="VARIABLELIST" ><DL ><DT ><TT CLASS="FILENAME" >/etc/named.conf</TT ></DT ><DD ><P > The default configuration file. </P ></DD ><DT ><TT CLASS="FILENAME" >/var/run/named.pid</TT ></DT ><DD ><P > The default process-id file. </P ></DD ></DL ></DIV ></DIV ><DIV CLASS="REFSECT1" ><A NAME="AEN185" ></A ><H2 >SEE ALSO</H2 ><P > <I CLASS="CITETITLE" >RFC 1033</I >, <I CLASS="CITETITLE" >RFC 1034</I >, <I CLASS="CITETITLE" >RFC 1035</I >, <SPAN CLASS="CITEREFENTRY" ><SPAN CLASS="REFENTRYTITLE" >rndc</SPAN >(8)</SPAN >, <SPAN CLASS="CITEREFENTRY" ><SPAN CLASS="REFENTRYTITLE" >lwresd</SPAN >(8)</SPAN >, <I CLASS="CITETITLE" >BIND 9 Administrator Reference Manual</I >. </P ></DIV ><DIV CLASS="REFSECT1" ><A NAME="AEN198" ></A ><H2 >AUTHOR</H2 ><P > Internet Systems Consortium </P ></DIV ></BODY ></HTML >