nsd - Name Server Daemon (NSD) version 4.6.1.
nsd [
-4] [
-6] [
-a ip-address[@port]]
[
-c configfile] [
-d] [
-f database]
[
-h] [
-i identity] [
-I nsid] [
-l
logfile] [
-N server-count] [
-n
noncurrent-tcp-count] [
-P pidfile] [
-p
port] [
-s seconds] [
-t chrootdir]
[
-u username] [
-V level] [
-v]
NSD is a complete implementation of an authoritative DNS nameserver. Upon
startup,
NSD will read the database specified with
-f
database argument and put itself into background and answers queries on
port 53 or a different port specified with
-p port option. The
database is created if it does not exist. By default,
NSD will
bind to all local interfaces available. Use the
-a
ip-address[@port] option to specify a single particular interface
address to be bound. If this option is given more than once,
NSD will
bind its UDP and TCP sockets to all the specified ip-addresses separately. If
IPv6 is enabled when
NSD is compiled an IPv6 address can also be
specified.
All the options can be specified in the configfile (
-c argument), except
for the
-v and
-h options. If options are specified on the
commandline, the options on the commandline take precedence over the options
in the configfile.
Normally
NSD should be started with the `
nsd-control(8) start` command
invoked from a
/etc/rc.d/nsd.sh script or similar at the operating
system startup.
- -4
- Only listen to IPv4 connections.
- -6
- Only listen to IPv6 connections.
- -a ip-address[@port]
- Listen to the specified ip-address. The
ip-address must be specified in numeric format (using the standard
IPv4 or IPv6 notation). Optionally, a port number can be given. This flag
can be specified multiple times to listen to multiple IP addresses. If
this flag is not specified, NSD listens to the wildcard
interface.
- -c configfile
- Read specified configfile instead of the default
/etc/nsd/nsd.conf. For format description see nsd.conf(5).
- -d
- Do not fork, stay in the foreground.
- -f database
- Use the specified database instead of the default of
'/var/lib/nsd/nsd.db'. If a zonesdir: is specified in the
config file this path can be relative to that directory.
- -h
- Print help information and exit.
- -i identity
- Return the specified identity when asked for CH
TXT ID.SERVER (This option is used to determine which server is
answering the queries when they are anycast). The default is the name
returned by gethostname(3).
- -I nsid
- Add the specified nsid to the EDNS section of the
answer when queried with an NSID EDNS enabled packet. As a sequence of hex
characters or with ascii_ prefix and then an ascii string.
- -l logfile
- Log messages to the specified logfile. The default
is to log to stderr and syslog. If a zonesdir: is specified in the
config file this path can be relative to that directory.
- -N count
- Start count NSD servers. The default is 1.
Starting more than a single server is only useful on machines with
multiple CPUs and/or network adapters.
- -n number
- The maximum number of concurrent TCP connection that
can be handled by each server. The default is 100.
- -P pidfile
- Use the specified pidfile instead of the platform
specific default, which is mostly /run/nsd/nsd.pid. If a
zonesdir: is specified in the config file, this path can be
relative to that directory.
- -p port
- Answer the queries on the specified port. Normally
this is port 53.
- -s seconds
- Produce statistics dump every seconds seconds. This
is equal to sending SIGUSR1 to the daemon periodically.
- -t chroot
- Specifies a directory to chroot to upon startup.
This option requires you to ensure that appropriate syslogd(8) socket
(e.g. chrootdir /dev/log) is available, otherwise NSD won't
produce any log output.
- -u username
- Drop user and group privileges to those of username
after binding the socket. The username must be one of: username,
id, or id.gid. For example: nsd, 80, or 80.80.
- -V level
- This value specifies the verbosity level for (non-debug)
logging. Default is 0.
- -v
- Print the version number of NSD to standard error
and exit.
NSD reacts to the following signals:
- SIGTERM
- Stop answering queries, shutdown, and exit normally.
- SIGHUP
- Reload. Scans zone files and if changed (mtime) reads them
in. Also reopens the logfile (assists logrotation).
- SIGUSR1
- Dump BIND8-style statistics into the log. Ignored
otherwise.
- "/var/lib/nsd/nsd.db"
- default NSD database
- /run/nsd/nsd.pid
- the process id of the name server.
- /etc/nsd/nsd.conf
- default NSD configuration file
NSD will log all the problems via the standard
syslog(8) daemon
facility, unless the
-d option is specified.
nsd.conf(5),
nsd-checkconf(8),
nsd-control(8)
NSD was written by NLnet Labs and RIPE NCC joint team. Please see CREDITS
file in the distribution for further details.