41
42
License, as published by the Free Software Foundation; either version
42
43
3, or (at your option) any later version.<br>
43
44
You can find a copy of the GNU GPL in the file <code>COPYING</code> in the source or documentation directory.<br>
44
This manual is up-to-date for version 1.2.7-par. For older documentation, please refer to the doc
45
This manual is up-to-date for version 1.2.8-par. For older documentation, please refer to the doc
45
46
directory of the respective pdnsd package.<br>
46
47
A somewhat outdated pdnsd HOWTO ("unofficial" step-by-step installation and setup instructions)
47
48
is available at <a href="http://www.geocities.com/sunil_tt/">http://www.geocities.com/sunil_tt/</a>.
904
<b><code>neg_rrs_pol=(on|off|auth);</code></b><br>
905
<b><code>neg_rrs_pol=(on|off|auth|default);</code></b><br>
905
906
This sets the RR set policy for negative caching; this tells pdnsd under which circumstances
906
907
it should cache a record type negatively for a certain domain. <code>off</code> will
907
908
turn the negative caching of record types off, <code>on</code> will always add a negative
908
909
cache entry when a name server did not return a record type we asked it for, and <code>auth</code>
909
910
will only add such entries if the answer came from an authoritative name server for that
910
domain. The preset is <code>auth</code>. This is normally the right thing, as some caching servers
912
<em>New in version 1.2.8:</em> The <code>default</code> setting will add a negatively cached record
913
if either the answer was authoritive or the answer indicated the name server had "recursion available"
914
while the query explicitly requested such recursion.<br>
915
The preset is "<code>default</code>" (used to be <code>auth</code>).
989
<b><code>ignore_cd=(on|off);</code></b><br>
990
<em>New in version 1.2.8:</em> This option lets you specify that the CD bit of a DNS query will be ignored.
991
Otherwise pdnsd will reply FORMERR to clients that set this bit in a query.
992
It is safe to enable this option, as the CD bit refers to 'Checking Disabled'
993
which means that the client will accept non-authenticated data.<br>
994
This option is on by default. Turn it off if you want the old behaviour (before version 1.2.8).
985
999
<b><code>scheme_file=<i>string</i>;</code></b><br>
986
1000
In addition to normal uptests, you may specify that some servers shall only be queried when a certain
987
1001
pcmcia-cs scheme is active (only under linux). For that, pdnsd needs to know where the file resides that
1454
1468
<b><code>purge_cache=(on|off);</code></b><br>
1455
1469
In every fetched dns record, there is a cache timeout given, which
1456
1470
specifies how long the fetched data may be cached until it needs to be
1457
reloaded. If <code>purge_cache</code> is set to <code>off</code>, the cached records are not purged
1471
reloaded. If <code>purge_cache</code> is set to <code>off</code>, the stale records are not purged
1458
1472
(unless the cache size would be exceeded, in this case the oldest records are purged).
1459
1473
Instead, they are still served if they cannot succesfully be
1460
updated (e.g. because all servers are down).
1474
updated (e.g. because all servers are down).<br>
1475
Default is <code>off</code>.
1523
<b><code><a name="rootserver">root_server=(on|off);</a></code></b><br>
1524
<em>New in version 1.2:</em> Set this option to <code>on</code> if the servers
1525
specified in a section are root servers. A root server will typically only give
1526
the name servers for the top-level domain in its reply. Setting <code>root_server=on</code>
1527
will cause pdnsd to try to use cached information about top-level domains to reduce to number
1528
of queries to root servers, making the resolving of new names more efficient.
1538
<b><code><a name="rootserver">root_server=(on|off|discover);</a></code></b><br>
1539
Set this option to <code>on</code> if the servers specified in a section are root servers.
1540
A root server will typically only give the name servers for the top-level domain in its reply.
1541
Setting <code>root_server=on</code> will cause pdnsd to try to use cached information about
1542
top-level domains to reduce to number of queries to root servers, making the resolving of
1543
new names more efficient.
1529
1544
You can get a list of available root servers by running the command
1530
1545
<code>"dig . ns"</code>.<br>
1531
1546
This option is also necessary if you use the <a href="#delegationonly"><code>delegation_only</code></a> option.<br>
1547
<em>New in version 1.2.8:</em> This option may also be set to "<code>discover</code>".
1548
This will cause pdnsd to query the servers provided with the <code>ip=</code> option
1549
to obtain the full list of root servers. The root-server addresses will replace the addresses
1550
specified with the <code>ip=</code> option.
1551
This will only be done once on startup, or after a "<code>pdnsd-ctl config</code>" command.
1552
In this case the name servers specified with the <code>ip=</code> option don't have to be
1553
root servers, they just have to know the names and addresses of the root servers.
1554
After root-server discovery pdnsd will behave just as if <code>root_server=on</code>
1555
had been specified.<br>
1532
1556
Default is <code>off</code>.
2477
2501
Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008 <a href="mailto:p.a.rombouts@home.nl">Paul Rombouts</a>
2480
<i>Last revised: 04 September 2008 by Paul Rombouts</i>
2504
<i>Last revised: 24 December 2009 by Paul Rombouts</i>