14
14
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
15
15
- PERFORMANCE OF THIS SOFTWARE.
17
<!-- $Id: lwresd.html,v 1.4.2.1.4.8 2005/10/13 02:33:47 marka Exp $ -->
17
<!-- $Id: lwresd.html,v 1.23 2007/05/16 06:12:01 marka Exp $ -->
20
20
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
21
21
<title>lwresd</title>
22
<meta name="generator" content="DocBook XSL Stylesheets V1.69.1">
22
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
24
24
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
25
<a name="id2463721"></a><div class="titlepage"></div>
25
<a name="id2476275"></a><div class="titlepage"></div>
26
26
<div class="refnamediv">
28
28
<p><span class="application">lwresd</span> — lightweight resolver daemon</p>
30
30
<div class="refsynopsisdiv">
32
<div class="cmdsynopsis"><p><code class="command">lwresd</code> [<code class="option">-C <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-d <em class="replaceable"><code>debug-level</code></em></code>] [<code class="option">-f</code>] [<code class="option">-g</code>] [<code class="option">-i <em class="replaceable"><code>pid-file</code></em></code>] [<code class="option">-n <em class="replaceable"><code>#cpus</code></em></code>] [<code class="option">-P <em class="replaceable"><code>port</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-s</code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>] [<code class="option">-v</code>]</p></div>
34
<div class="refsect1" lang="en">
35
<a name="id2525920"></a><h2>DESCRIPTION</h2>
37
<span><strong class="command">lwresd</strong></span> is the daemon providing name lookup
38
services to clients that use the BIND 9 lightweight resolver
39
library. It is essentially a stripped-down, caching-only name
40
server that answers queries using the BIND 9 lightweight
41
resolver protocol rather than the DNS protocol.
44
<span><strong class="command">lwresd</strong></span> listens for resolver queries on a
45
UDP port on the IPv4 loopback interface, 127.0.0.1. This
46
means that <span><strong class="command">lwresd</strong></span> can only be used by
47
processes running on the local machine. By default UDP port
48
number 921 is used for lightweight resolver requests and
52
Incoming lightweight resolver requests are decoded by the
53
server which then resolves them using the DNS protocol. When
54
the DNS lookup completes, <span><strong class="command">lwresd</strong></span> encodes
55
the answers in the lightweight resolver format and returns
56
them to the client that made the request.
59
If <code class="filename">/etc/resolv.conf</code> contains any
60
<code class="option">nameserver</code> entries, <span><strong class="command">lwresd</strong></span>
61
sends recursive DNS queries to those servers. This is similar
62
to the use of forwarders in a caching name server. If no
63
<code class="option">nameserver</code> entries are present, or if
64
forwarding fails, <span><strong class="command">lwresd</strong></span> resolves the
65
queries autonomously starting at the root name servers, using
66
a built-in list of root server hints.
69
<div class="refsect1" lang="en">
70
<a name="id2525969"></a><h2>OPTIONS</h2>
32
<div class="cmdsynopsis"><p><code class="command">lwresd</code> [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-C <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-d <em class="replaceable"><code>debug-level</code></em></code>] [<code class="option">-f</code>] [<code class="option">-g</code>] [<code class="option">-i <em class="replaceable"><code>pid-file</code></em></code>] [<code class="option">-m <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-n <em class="replaceable"><code>#cpus</code></em></code>] [<code class="option">-P <em class="replaceable"><code>port</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-s</code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>] [<code class="option">-v</code>] [<code class="option">-4</code>] [<code class="option">-6</code>]</p></div>
34
<div class="refsect1" lang="en">
35
<a name="id2543461"></a><h2>DESCRIPTION</h2>
36
<p><span><strong class="command">lwresd</strong></span>
37
is the daemon providing name lookup
38
services to clients that use the BIND 9 lightweight resolver
39
library. It is essentially a stripped-down, caching-only name
40
server that answers queries using the BIND 9 lightweight
41
resolver protocol rather than the DNS protocol.
43
<p><span><strong class="command">lwresd</strong></span>
44
listens for resolver queries on a
45
UDP port on the IPv4 loopback interface, 127.0.0.1. This
46
means that <span><strong class="command">lwresd</strong></span> can only be used by
47
processes running on the local machine. By default UDP port
48
number 921 is used for lightweight resolver requests and
52
Incoming lightweight resolver requests are decoded by the
53
server which then resolves them using the DNS protocol. When
54
the DNS lookup completes, <span><strong class="command">lwresd</strong></span> encodes
55
the answers in the lightweight resolver format and returns
56
them to the client that made the request.
59
If <code class="filename">/etc/resolv.conf</code> contains any
60
<code class="option">nameserver</code> entries, <span><strong class="command">lwresd</strong></span>
61
sends recursive DNS queries to those servers. This is similar
62
to the use of forwarders in a caching name server. If no
63
<code class="option">nameserver</code> entries are present, or if
64
forwarding fails, <span><strong class="command">lwresd</strong></span> resolves the
65
queries autonomously starting at the root name servers, using
66
a built-in list of root server hints.
69
<div class="refsect1" lang="en">
70
<a name="id2543508"></a><h2>OPTIONS</h2>
71
71
<div class="variablelist"><dl>
72
<dt><span class="term">-4</span></dt>
74
Use IPv4 only even if the host machine is capable of IPv6.
75
<code class="option">-4</code> and <code class="option">-6</code> are mutually
78
<dt><span class="term">-6</span></dt>
80
Use IPv6 only even if the host machine is capable of IPv4.
81
<code class="option">-4</code> and <code class="option">-6</code> are mutually
84
<dt><span class="term">-c <em class="replaceable"><code>config-file</code></em></span></dt>
86
Use <em class="replaceable"><code>config-file</code></em> as the
87
configuration file instead of the default,
88
<code class="filename">/etc/lwresd.conf</code>.
90
<font color="red"><term>-c</term></font> can not be used with <font color="red"><term>-C</term></font>.
72
92
<dt><span class="term">-C <em class="replaceable"><code>config-file</code></em></span></dt>
74
Use <em class="replaceable"><code>config-file</code></em> as the
75
configuration file instead of the default,
76
<code class="filename">/etc/resolv.conf</code>.
94
Use <em class="replaceable"><code>config-file</code></em> as the
95
configuration file instead of the default,
96
<code class="filename">/etc/resolv.conf</code>.
97
<font color="red"><term>-C</term></font> can not be used with <font color="red"><term>-c</term></font>.
78
99
<dt><span class="term">-d <em class="replaceable"><code>debug-level</code></em></span></dt>
80
Set the daemon's debug level to <em class="replaceable"><code>debug-level</code></em>.
81
Debugging traces from <span><strong class="command">lwresd</strong></span> become
82
more verbose as the debug level increases.
101
Set the daemon's debug level to <em class="replaceable"><code>debug-level</code></em>.
102
Debugging traces from <span><strong class="command">lwresd</strong></span> become
103
more verbose as the debug level increases.
84
105
<dt><span class="term">-f</span></dt>
86
Run the server in the foreground (i.e. do not daemonize).
107
Run the server in the foreground (i.e. do not daemonize).
88
109
<dt><span class="term">-g</span></dt>
90
Run the server in the foreground and force all logging
91
to <code class="filename">stderr</code>.
111
Run the server in the foreground and force all logging
112
to <code class="filename">stderr</code>.
114
<dt><span class="term">-i <em class="replaceable"><code>pid-file</code></em></span></dt>
116
Use <em class="replaceable"><code>pid-file</code></em> as the
117
PID file instead of the default,
118
<code class="filename">/var/run/lwresd.pid</code>.
120
<dt><span class="term">-m <em class="replaceable"><code>flag</code></em></span></dt>
122
Turn on memory usage debugging flags. Possible flags are
123
<em class="replaceable"><code>usage</code></em>,
124
<em class="replaceable"><code>trace</code></em>,
125
<em class="replaceable"><code>record</code></em>,
126
<em class="replaceable"><code>size</code></em>, and
127
<em class="replaceable"><code>mctx</code></em>.
128
These correspond to the ISC_MEM_DEBUGXXXX flags described in
129
<code class="filename"><isc/mem.h></code>.
93
131
<dt><span class="term">-n <em class="replaceable"><code>#cpus</code></em></span></dt>
95
Create <em class="replaceable"><code>#cpus</code></em> worker threads
96
to take advantage of multiple CPUs. If not specified,
97
<span><strong class="command">lwresd</strong></span> will try to determine the
98
number of CPUs present and create one thread per CPU.
99
If it is unable to determine the number of CPUs, a
100
single worker thread will be created.
133
Create <em class="replaceable"><code>#cpus</code></em> worker threads
134
to take advantage of multiple CPUs. If not specified,
135
<span><strong class="command">lwresd</strong></span> will try to determine the
136
number of CPUs present and create one thread per CPU.
137
If it is unable to determine the number of CPUs, a
138
single worker thread will be created.
102
140
<dt><span class="term">-P <em class="replaceable"><code>port</code></em></span></dt>
104
Listen for lightweight resolver queries on port
105
<em class="replaceable"><code>port</code></em>. If
106
not specified, the default is port 921.
142
Listen for lightweight resolver queries on port
143
<em class="replaceable"><code>port</code></em>. If
144
not specified, the default is port 921.
108
146
<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
110
Send DNS lookups to port <em class="replaceable"><code>port</code></em>. If not
111
specified, the default is port 53. This provides a
112
way of testing the lightweight resolver daemon with a
113
name server that listens for queries on a non-standard
148
Send DNS lookups to port <em class="replaceable"><code>port</code></em>. If not
149
specified, the default is port 53. This provides a
150
way of testing the lightweight resolver daemon with a
151
name server that listens for queries on a non-standard
116
154
<dt><span class="term">-s</span></dt>
119
Write memory usage statistics to <code class="filename">stdout</code>
157
Write memory usage statistics to <code class="filename">stdout</code>
122
160
<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
123
161
<h3 class="title">Note</h3>
125
This option is mainly of interest to BIND 9 developers
126
and may be removed or changed in a future release.
163
This option is mainly of interest to BIND 9 developers
164
and may be removed or changed in a future release.
130
168
<dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt>
133
<code class="function">chroot()</code> to <em class="replaceable"><code>directory</code></em> after
134
processing the command line arguments, but before
135
reading the configuration file.
171
to <em class="replaceable"><code>directory</code></em> after
172
processing the command line arguments, but before
173
reading the configuration file.
137
175
<div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;">
138
176
<h3 class="title">Warning</h3>
140
This option should be used in conjunction with the
141
<code class="option">-u</code> option, as chrooting a process
142
running as root doesn't enhance security on most
143
systems; the way <code class="function">chroot()</code> is
144
defined allows a process with root privileges to
145
escape a chroot jail.
178
This option should be used in conjunction with the
179
<code class="option">-u</code> option, as chrooting a process
180
running as root doesn't enhance security on most
181
systems; the way <code class="function">chroot(2)</code> is
182
defined allows a process with root privileges to
183
escape a chroot jail.
149
187
<dt><span class="term">-u <em class="replaceable"><code>user</code></em></span></dt>
151
<code class="function">setuid()</code> to <em class="replaceable"><code>user</code></em> after completing
152
privileged operations, such as creating sockets that
153
listen on privileged ports.
189
to <em class="replaceable"><code>user</code></em> after completing
190
privileged operations, such as creating sockets that
191
listen on privileged ports.
155
193
<dt><span class="term">-v</span></dt>
157
Report the version number and exit.
195
Report the version number and exit.
161
199
<div class="refsect1" lang="en">
162
<a name="id2526237"></a><h2>FILES</h2>
200
<a name="id2543925"></a><h2>FILES</h2>
163
201
<div class="variablelist"><dl>
164
202
<dt><span class="term"><code class="filename">/etc/resolv.conf</code></span></dt>
166
The default configuration file.
204
The default configuration file.
168
206
<dt><span class="term"><code class="filename">/var/run/lwresd.pid</code></span></dt>
170
The default process-id file.
208
The default process-id file.
174
212
<div class="refsect1" lang="en">
175
<a name="id2526277"></a><h2>SEE ALSO</h2>
177
<span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
178
<span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>,
179
<span class="citerefentry"><span class="refentrytitle">resolver</span>(5)</span>.
213
<a name="id2543964"></a><h2>SEE ALSO</h2>
214
<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
215
<span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>,
216
<span class="citerefentry"><span class="refentrytitle">resolver</span>(5)</span>.
182
219
<div class="refsect1" lang="en">
183
<a name="id2526315"></a><h2>AUTHOR</h2>
185
<span class="corpauthor">Internet Systems Consortium</span>
220
<a name="id2543998"></a><h2>AUTHOR</h2>
221
<p><span class="corpauthor">Internet Systems Consortium</span>