2 - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
3 - Copyright (C) 2000, 2001 Internet Software Consortium.
5 - Permission to use, copy, modify, and distribute this software for any
6 - purpose with or without fee is hereby granted, provided that the above
7 - copyright notice and this permission notice appear in all copies.
9 - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
10 - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
11 - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
12 - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
13 - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14 - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
15 - PERFORMANCE OF THIS SOFTWARE.
17 <!-- $Id: lwresd.html,v 1.4.2.1.4.10 2006/06/29 13:02:30 marka Exp $ -->
20 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
22 <meta name="generator" content="DocBook XSL Stylesheets V1.70.1">
24 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
25 <a name="id2482688"></a><div class="titlepage"></div>
26 <div class="refnamediv">
28 <p><span class="application">lwresd</span> — lightweight resolver daemon</p>
30 <div class="refsynopsisdiv">
32 <div class="cmdsynopsis"><p><code class="command">lwresd</code> [<code class="option">-C <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-d <em class="replaceable"><code>debug-level</code></em></code>] [<code class="option">-f</code>] [<code class="option">-g</code>] [<code class="option">-i <em class="replaceable"><code>pid-file</code></em></code>] [<code class="option">-n <em class="replaceable"><code>#cpus</code></em></code>] [<code class="option">-P <em class="replaceable"><code>port</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-s</code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>] [<code class="option">-v</code>]</p></div>
34 <div class="refsect1" lang="en">
35 <a name="id2549484"></a><h2>DESCRIPTION</h2>
37 <span><strong class="command">lwresd</strong></span> is the daemon providing name lookup
38 services to clients that use the BIND 9 lightweight resolver
39 library. It is essentially a stripped-down, caching-only name
40 server that answers queries using the BIND 9 lightweight
41 resolver protocol rather than the DNS protocol.
44 <span><strong class="command">lwresd</strong></span> listens for resolver queries on a
45 UDP port on the IPv4 loopback interface, 127.0.0.1. This
46 means that <span><strong class="command">lwresd</strong></span> can only be used by
47 processes running on the local machine. By default UDP port
48 number 921 is used for lightweight resolver requests and
52 Incoming lightweight resolver requests are decoded by the
53 server which then resolves them using the DNS protocol. When
54 the DNS lookup completes, <span><strong class="command">lwresd</strong></span> encodes
55 the answers in the lightweight resolver format and returns
56 them to the client that made the request.
59 If <code class="filename">/etc/resolv.conf</code> contains any
60 <code class="option">nameserver</code> entries, <span><strong class="command">lwresd</strong></span>
61 sends recursive DNS queries to those servers. This is similar
62 to the use of forwarders in a caching name server. If no
63 <code class="option">nameserver</code> entries are present, or if
64 forwarding fails, <span><strong class="command">lwresd</strong></span> resolves the
65 queries autonomously starting at the root name servers, using
66 a built-in list of root server hints.
69 <div class="refsect1" lang="en">
70 <a name="id2549533"></a><h2>OPTIONS</h2>
71 <div class="variablelist"><dl>
72 <dt><span class="term">-C <em class="replaceable"><code>config-file</code></em></span></dt>
74 Use <em class="replaceable"><code>config-file</code></em> as the
75 configuration file instead of the default,
76 <code class="filename">/etc/resolv.conf</code>.
78 <dt><span class="term">-d <em class="replaceable"><code>debug-level</code></em></span></dt>
80 Set the daemon's debug level to <em class="replaceable"><code>debug-level</code></em>.
81 Debugging traces from <span><strong class="command">lwresd</strong></span> become
82 more verbose as the debug level increases.
84 <dt><span class="term">-f</span></dt>
86 Run the server in the foreground (i.e. do not daemonize).
88 <dt><span class="term">-g</span></dt>
90 Run the server in the foreground and force all logging
91 to <code class="filename">stderr</code>.
93 <dt><span class="term">-n <em class="replaceable"><code>#cpus</code></em></span></dt>
95 Create <em class="replaceable"><code>#cpus</code></em> worker threads
96 to take advantage of multiple CPUs. If not specified,
97 <span><strong class="command">lwresd</strong></span> will try to determine the
98 number of CPUs present and create one thread per CPU.
99 If it is unable to determine the number of CPUs, a
100 single worker thread will be created.
102 <dt><span class="term">-P <em class="replaceable"><code>port</code></em></span></dt>
104 Listen for lightweight resolver queries on port
105 <em class="replaceable"><code>port</code></em>. If
106 not specified, the default is port 921.
108 <dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
110 Send DNS lookups to port <em class="replaceable"><code>port</code></em>. If not
111 specified, the default is port 53. This provides a
112 way of testing the lightweight resolver daemon with a
113 name server that listens for queries on a non-standard
116 <dt><span class="term">-s</span></dt>
119 Write memory usage statistics to <code class="filename">stdout</code>
122 <div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
123 <h3 class="title">Note</h3>
125 This option is mainly of interest to BIND 9 developers
126 and may be removed or changed in a future release.
130 <dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt>
133 <code class="function">chroot()</code> to <em class="replaceable"><code>directory</code></em> after
134 processing the command line arguments, but before
135 reading the configuration file.
137 <div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;">
138 <h3 class="title">Warning</h3>
140 This option should be used in conjunction with the
141 <code class="option">-u</code> option, as chrooting a process
142 running as root doesn't enhance security on most
143 systems; the way <code class="function">chroot()</code> is
144 defined allows a process with root privileges to
145 escape a chroot jail.
149 <dt><span class="term">-u <em class="replaceable"><code>user</code></em></span></dt>
151 <code class="function">setuid()</code> to <em class="replaceable"><code>user</code></em> after completing
152 privileged operations, such as creating sockets that
153 listen on privileged ports.
155 <dt><span class="term">-v</span></dt>
157 Report the version number and exit.
161 <div class="refsect1" lang="en">
162 <a name="id2549939"></a><h2>FILES</h2>
163 <div class="variablelist"><dl>
164 <dt><span class="term"><code class="filename">/etc/resolv.conf</code></span></dt>
166 The default configuration file.
168 <dt><span class="term"><code class="filename">/var/run/lwresd.pid</code></span></dt>
170 The default process-id file.
174 <div class="refsect1" lang="en">
175 <a name="id2549978"></a><h2>SEE ALSO</h2>
177 <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
178 <span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>,
179 <span class="citerefentry"><span class="refentrytitle">resolver</span>(5)</span>.
182 <div class="refsect1" lang="en">
183 <a name="id2550017"></a><h2>AUTHOR</h2>
185 <span class="corpauthor">Internet Systems Consortium</span>