1PDNS_RECURSOR(1)               PowerDNS Recursor              PDNS_RECURSOR(1)
2
3
4

NAME

6       pdns_recursor - The PowerDNS Recursor binary
7

SYNOPSIS

9       pdns_recursor [OPTION]...
10

DESCRIPTION

12       pdns_recursor  is a high performance, simple and secure recursing name‐
13       server. It currently powers hundreds of millions internet connections.
14
15       The recursor is configured via a configuration file, but each  item  in
16       that file can be overridden on the command line.
17
18       This  manpage lists the core set of features needed to get the PowerDNS
19       Recursor  working,  for  full  and  up  to   date   details   head   to
20       https://doc.powerdns.com/.
21

EXAMPLES

23       To  listen  on 192.0.2.53 and allow the 192.0.2.0/24 subnet to recurse,
24       and run as in the background, execute:
25
26          # pdns_recursor --local-address=192.0.2.53 --allow-from=192.0.2.0/24 --daemon
27
28       To stop the recursor by hand, run:
29
30          # rec_control quit
31
32       However, the recommended way of starting and stopping the  recursor  is
33       to use the init.d script or systemctl(1).
34

OPTIONS

36       For  authoritative listing of options, consult the online documentation
37       at <https://doc.powerdns.com/>
38
39       --allow-from=<networks>
40              If set, only allow these comma separated networks, with  network
41              mask to recurse. For example: 192.0.2.0/24,203.0.113.128/25.
42
43       --auth-zones=<authzones>
44              Where  authzone  is  <zonename>=<filename>.  Serve zonename from
45              filename         authoritatively.          For          example:
46              ds9a.nl=/var/zones/ds9a.nl,powerdns.com=/var/zones/powerdns.com.
47
48       --chroot=<directory>
49              chroot the process to directory.
50
51       --client-tcp-timeout=<num>
52              Timeout in seconds when talking to TCP clients.
53
54       --config-dir=<directory>
55              Location of configuration directory (recursor.conf), the default
56              depends on the SYSCONFDIR option at build-time, which is usually
57              /etc/powerdns.  The  default  can  be  found  with pdns_recursor
58              --config | grep ' config-dir='.
59
60       --daemon
61              Operate as a daemon.
62
63       --delegation-only
64              Which domains we only accept delegations from (a  Verisign  spe‐
65              cial).
66
67       --entropy-source=<file>
68              Read new entropy from file, defaults to /dev/urandom.
69
70       --export-etc-hosts
71              If  set,  this  flag  will export the hostnames and IP addresses
72              mentioned in /etc/hosts.
73
74       --forward-zones=<forwardzones>
75              Where forwardzone is <zonename>=<address>.  Queries for zonename
76              will  be  forwarded to address. address should be an IP address,
77              not a hostname (to prevent chicken and egg  problems).  Example:
78              forward-zones= ds9a.nl=213.244.168.210, powerdns.com=127.0.0.1.
79
80       --forward-zones-file=<filename>
81              Similar  to --forward-zones, but read the options from filename.
82              filename   should   contain   one   zone   per    line,    like:
83              ds9a.nl=213.244.168.210.
84
85       --help Show a summary of options.
86
87       --hint-file=<filename>
88              Load root hints from this filename
89
90       --local-address=<address>
91              Listen on address, separated by spaces or commas.
92
93       --local-port=<port>
94              Listen on port.
95
96       --log-common-errors
97              If we should log rather common errors.
98
99       --max-cache-entries=<num>
100              Maximum number of entries in the main cache.
101
102       --max-negative-ttl=<num>
103              maximum  number  of  seconds  to keep a negative cached entry in
104              memory.
105
106       --max-tcp-clients=<num>
107              Maximum number of simultaneous TCP clients.
108
109       --max-tcp-per-client=<num>
110              If set, maximum number of TCP sessions per client (IP address).
111
112       --query-local-address=<address>
113              Use address as Source IP address when sending queries.
114
115       --query-local-address6=<address>
116              Send out local IPv6 queries from address. Disabled  by  default,
117              which  also  disables outgoing IPv6 support. A useful setting is
118              '::0'.
119
120       --quiet
121              Suppress logging of questions and answers.
122
123       --server-id=<text>
124              Return text WHen queried for 'id.server' TXT, defaults to  host‐
125              name.
126
127       --serve-rfc1918
128              On  by  default, this makes the server authoritatively aware of:
129              10.in-addr.arpa,            168.192.in-addr.arpa             and
130              16-31.172.in-addr.arpa,  which  saves load on the AS112 servers.
131              Individual parts of these zones can  still  be  loaded  or  for‐
132              warded.
133
134       --setgid=<gid>
135              If set, change group id to gid for more security.
136
137       --setuid=<uid>
138              If set, change user id to uid for more security.
139
140       --single-socket
141              If set, only use a single socket for outgoing queries.
142
143       --socket-dir=<directory>
144              The controlsocket will live in directory.
145
146       --spoof-nearmiss-max=<num>
147              If non-zero, assume spoofing after this many near misses.
148
149       --trace
150              if we should output heaps of logging.
151
152       --version-string=<text>
153              text WILL be reported on version.pdns or version.bind queries.
154

SEE ALSO

156       rec_control(1) systemctl(1)
157

AUTHOR

159       PowerDNS.COM BV
160
162       2001-2019, PowerDNS.COM BV
163
164
165
166
167                                 Nov 24, 2020                 PDNS_RECURSOR(1)
Impressum