1 <!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
2 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
3 [<!ENTITY mdash "—">]>
5 - Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC")
6 - Copyright (C) 2000, 2001, 2003 Internet Software Consortium.
8 - Permission to use, copy, modify, and/or distribute this software for any
9 - purpose with or without fee is hereby granted, provided that the above
10 - copyright notice and this permission notice appear in all copies.
12 - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
13 - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
14 - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
15 - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
16 - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
17 - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
18 - PERFORMANCE OF THIS SOFTWARE.
21 <!-- $Id: named.docbook,v 1.23.14.2 2009/12/03 04:49:32 tbox Exp $ -->
22 <refentry id="man.named">
24 <date>May 21, 2009</date>
28 <refentrytitle><application>named</application></refentrytitle>
29 <manvolnum>8</manvolnum>
30 <refmiscinfo>BIND9</refmiscinfo>
34 <refname><application>named</application></refname>
35 <refpurpose>Internet domain name server</refpurpose>
46 <holder>Internet Systems Consortium, Inc. ("ISC")</holder>
52 <holder>Internet Software Consortium.</holder>
58 <command>named</command>
59 <arg><option>-4</option></arg>
60 <arg><option>-6</option></arg>
61 <arg><option>-c <replaceable class="parameter">config-file</replaceable></option></arg>
62 <arg><option>-d <replaceable class="parameter">debug-level</replaceable></option></arg>
63 <arg><option>-f</option></arg>
64 <arg><option>-g</option></arg>
65 <arg><option>-m <replaceable class="parameter">flag</replaceable></option></arg>
66 <arg><option>-n <replaceable class="parameter">#cpus</replaceable></option></arg>
67 <arg><option>-p <replaceable class="parameter">port</replaceable></option></arg>
68 <arg><option>-s</option></arg>
69 <arg><option>-S <replaceable class="parameter">#max-socks</replaceable></option></arg>
70 <arg><option>-t <replaceable class="parameter">directory</replaceable></option></arg>
71 <arg><option>-u <replaceable class="parameter">user</replaceable></option></arg>
72 <arg><option>-v</option></arg>
73 <arg><option>-V</option></arg>
74 <arg><option>-x <replaceable class="parameter">cache-file</replaceable></option></arg>
79 <title>DESCRIPTION</title>
80 <para><command>named</command>
81 is a Domain Name System (DNS) server,
82 part of the BIND 9 distribution from ISC. For more
83 information on the DNS, see RFCs 1033, 1034, and 1035.
86 When invoked without arguments, <command>named</command>
88 read the default configuration file
89 <filename>/etc/named.conf</filename>, read any initial
90 data, and listen for queries.
95 <title>OPTIONS</title>
102 Use IPv4 only even if the host machine is capable of IPv6.
103 <option>-4</option> and <option>-6</option> are mutually
113 Use IPv6 only even if the host machine is capable of IPv4.
114 <option>-4</option> and <option>-6</option> are mutually
120 <term>-c <replaceable class="parameter">config-file</replaceable></term>
123 Use <replaceable class="parameter">config-file</replaceable> as the
124 configuration file instead of the default,
125 <filename>/etc/named.conf</filename>. To
126 ensure that reloading the configuration file continues
127 to work after the server has changed its working
128 directory due to to a possible
129 <option>directory</option> option in the configuration
130 file, <replaceable class="parameter">config-file</replaceable> should be
131 an absolute pathname.
137 <term>-d <replaceable class="parameter">debug-level</replaceable></term>
140 Set the daemon's debug level to <replaceable class="parameter">debug-level</replaceable>.
141 Debugging traces from <command>named</command> become
142 more verbose as the debug level increases.
151 Run the server in the foreground (i.e. do not daemonize).
160 Run the server in the foreground and force all logging
161 to <filename>stderr</filename>.
167 <term>-m <replaceable class="parameter">flag</replaceable></term>
170 Turn on memory usage debugging flags. Possible flags are
171 <replaceable class="parameter">usage</replaceable>,
172 <replaceable class="parameter">trace</replaceable>,
173 <replaceable class="parameter">record</replaceable>,
174 <replaceable class="parameter">size</replaceable>, and
175 <replaceable class="parameter">mctx</replaceable>.
176 These correspond to the ISC_MEM_DEBUGXXXX flags described in
177 <filename><isc/mem.h></filename>.
183 <term>-n <replaceable class="parameter">#cpus</replaceable></term>
186 Create <replaceable class="parameter">#cpus</replaceable> worker threads
187 to take advantage of multiple CPUs. If not specified,
188 <command>named</command> will try to determine the
189 number of CPUs present and create one thread per CPU.
190 If it is unable to determine the number of CPUs, a
191 single worker thread will be created.
197 <term>-p <replaceable class="parameter">port</replaceable></term>
200 Listen for queries on port <replaceable class="parameter">port</replaceable>. If not
201 specified, the default is port 53.
210 Write memory usage statistics to <filename>stdout</filename> on exit.
214 This option is mainly of interest to BIND 9 developers
215 and may be removed or changed in a future release.
222 <term>-S <replaceable class="parameter">#max-socks</replaceable></term>
225 Allow <command>named</command> to use up to
226 <replaceable class="parameter">#max-socks</replaceable> sockets.
230 This option should be unnecessary for the vast majority
232 The use of this option could even be harmful because the
233 specified value may exceed the limitation of the
234 underlying system API.
235 It is therefore set only when the default configuration
236 causes exhaustion of file descriptors and the
237 operational environment is known to support the
238 specified number of sockets.
239 Note also that the actual maximum number is normally a little
240 fewer than the specified value because
241 <command>named</command> reserves some file descriptors
242 for its internal use.
249 <term>-t <replaceable class="parameter">directory</replaceable></term>
252 to <replaceable class="parameter">directory</replaceable> after
253 processing the command line arguments, but before
254 reading the configuration file.
258 This option should be used in conjunction with the
259 <option>-u</option> option, as chrooting a process
260 running as root doesn't enhance security on most
261 systems; the way <function>chroot(2)</function> is
262 defined allows a process with root privileges to
263 escape a chroot jail.
270 <term>-u <replaceable class="parameter">user</replaceable></term>
273 to <replaceable class="parameter">user</replaceable> after completing
274 privileged operations, such as creating sockets that
275 listen on privileged ports.
279 On Linux, <command>named</command> uses the kernel's
280 capability mechanism to drop all root privileges
281 except the ability to <function>bind(2)</function> to
283 privileged port and set process resource limits.
284 Unfortunately, this means that the <option>-u</option>
285 option only works when <command>named</command> is
287 on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or
288 later, since previous kernels did not allow privileges
289 to be retained after <function>setuid(2)</function>.
299 Report the version number and exit.
308 Report the version number and build options, and exit.
314 <term>-x <replaceable class="parameter">cache-file</replaceable></term>
317 Load data from <replaceable class="parameter">cache-file</replaceable> into the
318 cache of the default view.
322 This option must not be used. It is only of interest
323 to BIND 9 developers and may be removed or changed in a
335 <title>SIGNALS</title>
337 In routine operation, signals should not be used to control
338 the nameserver; <command>rndc</command> should be used
348 Force a reload of the server.
354 <term>SIGINT, SIGTERM</term>
357 Shut down the server.
365 The result of sending any other signals to the server is undefined.
371 <title>CONFIGURATION</title>
373 The <command>named</command> configuration file is too complex
374 to describe in detail here. A complete description is provided
376 <citetitle>BIND 9 Administrator Reference Manual</citetitle>.
380 <command>named</command> inherits the <function>umask</function>
381 (file creation mode mask) from the parent process. If files
382 created by <command>named</command>, such as journal files,
383 need to have custom permissions, the <function>umask</function>
384 should be set explicitly in the script used to start the
385 <command>named</command> process.
396 <term><filename>/etc/named.conf</filename></term>
399 The default configuration file.
405 <term><filename>/var/run/named/named.pid</filename></term>
408 The default process-id file.
418 <title>SEE ALSO</title>
419 <para><citetitle>RFC 1033</citetitle>,
420 <citetitle>RFC 1034</citetitle>,
421 <citetitle>RFC 1035</citetitle>,
423 <refentrytitle>named-checkconf</refentrytitle>
424 <manvolnum>8</manvolnum>
427 <refentrytitle>named-checkzone</refentrytitle>
428 <manvolnum>8</manvolnum>
431 <refentrytitle>rndc</refentrytitle>
432 <manvolnum>8</manvolnum>
435 <refentrytitle>lwresd</refentrytitle>
436 <manvolnum>8</manvolnum>
439 <refentrytitle>named.conf</refentrytitle>
440 <manvolnum>5</manvolnum>
442 <citetitle>BIND 9 Administrator Reference Manual</citetitle>.
447 <title>AUTHOR</title>
448 <para><corpauthor>Internet Systems Consortium</corpauthor>
projects / FreeBSD / releng / 8.1.git / blob