diff --git a/bin/named/lwresd.8 b/bin/named/lwresd.8 index 400e8a7e53..5a0560acb6 100644 --- a/bin/named/lwresd.8 +++ b/bin/named/lwresd.8 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004, 2005, 2007-2009, 2014 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004, 2005, 2007-2009, 2014, 2015 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" .\" Permission to use, copy, modify, and/or distribute this software for any @@ -217,7 +217,7 @@ The default process\-id file. .PP Internet Systems Consortium .SH "COPYRIGHT" -Copyright \(co 2004, 2005, 2007\-2009, 2014 Internet Systems Consortium, Inc. ("ISC") +Copyright \(co 2004, 2005, 2007\-2009, 2014, 2015 Internet Systems Consortium, Inc. ("ISC") .br Copyright \(co 2000, 2001 Internet Software Consortium. .br diff --git a/bin/named/lwresd.html b/bin/named/lwresd.html index 4bef3e2625..dc1ebbe85c 100644 --- a/bin/named/lwresd.html +++ b/bin/named/lwresd.html @@ -1,5 +1,5 @@ + + +
+ +lwresd — lightweight resolver daemon
+lwresd
[-c
] [config-file
-C
] [config-file
-d
] [debug-level
-f
] [-g
] [-i
] [pid-file
-m
] [flag
-n
] [#cpus
-P
] [port
-p
] [port
-s
] [-t
] [directory
-u
] [user
-v
] [-4
] [-6
]
lwresd + is the daemon providing name lookup + services to clients that use the BIND 9 lightweight resolver + library. It is essentially a stripped-down, caching-only name + server that answers queries using the BIND 9 lightweight + resolver protocol rather than the DNS protocol. +
+lwresd + listens for resolver queries on a + UDP port on the IPv4 loopback interface, 127.0.0.1. This + means that lwresd can only be used by + processes running on the local machine. By default, UDP port + number 921 is used for lightweight resolver requests and + responses. +
++ Incoming lightweight resolver requests are decoded by the + server which then resolves them using the DNS protocol. When + the DNS lookup completes, lwresd encodes + the answers in the lightweight resolver format and returns + them to the client that made the request. +
+
+ If /etc/resolv.conf
contains any
+ nameserver
entries, lwresd
+ sends recursive DNS queries to those servers. This is similar
+ to the use of forwarders in a caching name server. If no
+ nameserver
entries are present, or if
+ forwarding fails, lwresd resolves the
+ queries autonomously starting at the root name servers, using
+ a built-in list of root server hints.
+
+ Use IPv4 only even if the host machine is capable of IPv6.
+ -4
and -6
are mutually
+ exclusive.
+
+ Use IPv6 only even if the host machine is capable of IPv4.
+ -4
and -6
are mutually
+ exclusive.
+
config-file
+ Use config-file
as the
+ configuration file instead of the default,
+ /etc/lwresd.conf
.
+
+ -c
can not be used with -C
.
+
config-file
+ Use config-file
as the
+ configuration file instead of the default,
+ /etc/resolv.conf
.
+ -C
can not be used with -c
.
+
debug-level
+ Set the daemon's debug level to debug-level
.
+ Debugging traces from lwresd become
+ more verbose as the debug level increases.
+
+ Run the server in the foreground (i.e. do not daemonize). +
+ Run the server in the foreground and force all logging
+ to stderr
.
+
pid-file
+ Use pid-file
as the
+ PID file instead of the default,
+ /var/run/lwresd/lwresd.pid
.
+
flag
+ Turn on memory usage debugging flags. Possible flags are
+ usage
,
+ trace
,
+ record
,
+ size
, and
+ mctx
.
+ These correspond to the ISC_MEM_DEBUGXXXX flags described in
+ <isc/mem.h>
.
+
#cpus
+ Create #cpus
worker threads
+ to take advantage of multiple CPUs. If not specified,
+ lwresd will try to determine the
+ number of CPUs present and create one thread per CPU.
+ If it is unable to determine the number of CPUs, a
+ single worker thread will be created.
+
port
+ Listen for lightweight resolver queries on port
+ port
. If
+ not specified, the default is port 921.
+
port
+ Send DNS lookups to port port
. If not
+ specified, the default is port 53. This provides a
+ way of testing the lightweight resolver daemon with a
+ name server that listens for queries on a non-standard
+ port number.
+
+ Write memory usage statistics to stdout
+ on exit.
+
+ This option is mainly of interest to BIND 9 developers + and may be removed or changed in a future release. +
+directory
Chroot
+ to directory
after
+ processing the command line arguments, but before
+ reading the configuration file.
+
+ This option should be used in conjunction with the
+ -u
option, as chrooting a process
+ running as root doesn't enhance security on most
+ systems; the way chroot(2)
is
+ defined allows a process with root privileges to
+ escape a chroot jail.
+
user
Setuid
+ to user
after completing
+ privileged operations, such as creating sockets that
+ listen on privileged ports.
+
+ Report the version number and exit. +
BIND 9.11.0pre-alpha
+ + diff --git a/doc/arm/man.named-journalprint.html b/doc/arm/man.named-journalprint.html index 4a8af088a0..8c347800dc 100644 --- a/doc/arm/man.named-journalprint.html +++ b/doc/arm/man.named-journalprint.html @@ -22,7 +22,7 @@ - + @@ -31,7 +31,7 @@named-journalprint
{journal
}
named-journalprint prints the contents of a zone journal file in a human-readable @@ -76,7 +76,7 @@
-Prev | +PrevUp | Next | diff --git a/doc/arm/man.named-rrchecker.html b/doc/arm/man.named-rrchecker.html index 9eabab6c42..3ade9eda0f 100644 --- a/doc/arm/man.named-rrchecker.html +++ b/doc/arm/man.named-rrchecker.html @@ -50,7 +50,7 @@
nsec3hash
{salt
} {algorithm
} {iterations
} {domain
}
nsec3hash generates an NSEC3 hash based on a set of NSEC3 parameters. This can be used to check the validity @@ -56,7 +56,7 @@
nsupdate
[-d
] [-D
] [-L
] [[level
-g
] | [-o
] | [-l
] | [-y
] | [[hmac:]keyname:secret
-k
]] [keyfile
-t
] [timeout
-u
] [udptimeout
-r
] [udpretries
-R
] [randomdev
-v
] [-T
] [-P
] [-V
] [filename]
nsupdate is used to submit Dynamic DNS Update requests as defined in RFC 2136 to a name server. @@ -108,7 +108,7 @@
The TSIG key is redundantly stored in two separate files. This is a consequence of nsupdate using the DST library diff --git a/doc/arm/man.rndc-confgen.html b/doc/arm/man.rndc-confgen.html index db20afcf55..f2d3087b7c 100644 --- a/doc/arm/man.rndc-confgen.html +++ b/doc/arm/man.rndc-confgen.html @@ -50,7 +50,7 @@
rndc-confgen
[-a
] [-A
] [algorithm
-b
] [keysize
-c
] [keyfile
-h
] [-k
] [keyname
-p
] [port
-r
] [randomfile
-s
] [address
-t
] [chrootdir
-u
]user
rndc-confgen generates configuration files for rndc. It can be used as a @@ -66,7 +66,7 @@
rndc.conf
rndc.conf
is the configuration file
for rndc, the BIND 9 name server control
utility. This file has a similar structure and syntax to
@@ -136,7 +136,7 @@
The name server must be configured to accept rndc connections and
to recognize the key specified in the rndc.conf
@@ -220,7 +220,7 @@
rndc
[-b
] [source-address
-c
] [config-file
-k
] [key-file
-s
] [server
-p
] [port
-q
] [-r
] [-V
] [-y
] {command}key_id
rndc controls the operation of a name server. It supersedes the ndc utility @@ -81,7 +81,7 @@
A list of commands supported by rndc can be seen by running rndc without arguments. @@ -744,7 +744,7 @@