1NSD(8)                             NSD 4.3.5                            NSD(8)
2
3
4

NAME

6       nsd - Name Server Daemon (NSD) version 4.3.5.
7

SYNOPSIS

9       nsd [-4] [-6] [-a ip-address[@port]] [-c configfile] [-d] [-f database]
10       [-h] [-i identity] [-I nsid] [-l logfile] [-N server-count] [-n noncur‐
11       rent-tcp-count]  [-P pidfile] [-p port] [-s seconds] [-t chrootdir] [-u
12       username] [-V level] [-v]
13

DESCRIPTION

15       NSD is a complete implementation of an  authoritative  DNS  nameserver.
16       Upon  startup,  NSD  will  read the database specified with -f database
17       argument and put itself into background and answers queries on port  53
18       or a different port specified with -p port option. The database is cre‐
19       ated if it does not exist. By default,  NSD  will  bind  to  all  local
20       interfaces  available. Use the -a ip-address[@port] option to specify a
21       single particular interface address to be  bound.  If  this  option  is
22       given  more than once, NSD will bind its UDP and TCP sockets to all the
23       specified ip-addresses separately. If IPv6 is enabled when NSD is  com‐
24       piled an IPv6 address can also be specified.
25

OPTIONS

27       All  the  options  can  be  specified in the configfile ( -c argument),
28       except for the -v and -h options. If options are specified on the  com‐
29       mandline,  the  options  on  the  commandline  take precedence over the
30       options in the configfile.
31
32       Normally NSD should be started with the `nsd-control(8) start`  command
33       invoked from a /etc/rc.d/nsd.sh script or similar at the operating sys‐
34       tem startup.
35
36       -4     Only listen to IPv4 connections.
37
38       -6     Only listen to IPv6 connections.
39
40       -a ip-address[@port]
41              Listen to the specified  ip-address.   The  ip-address  must  be
42              specified  in  numeric  format  (using the standard IPv4 or IPv6
43              notation). Optionally, a port number can be  given.   This  flag
44              can  be  specified  multiple  times  to  listen  to  multiple IP
45              addresses. If this flag is not specified,  NSD  listens  to  the
46              wildcard interface.
47
48       -c configfile
49              Read    specified    configfile    instead    of   the   default
50              /etc/nsd/nsd.conf.  For format description see nsd.conf(5).
51
52       -d     Do not fork, stay in the foreground.
53
54       -f database
55              Use the specified database instead of the default of ''.   If  a
56              zonesdir: is specified in the config file this path can be rela‐
57              tive to that directory.
58
59       -h     Print help information and exit.
60
61       -i identity
62              Return the specified identity when asked for  CH  TXT  ID.SERVER
63              (This  option is used to determine which server is answering the
64              queries when they are anycast). The default is the name returned
65              by gethostname(3).
66
67       -I nsid
68              Add  the  specified  nsid to the EDNS section of the answer when
69              queried with an NSID EDNS enabled packet.  As a sequence of  hex
70              characters or with ascii_ prefix and then an ascii string.
71
72       -l logfile
73              Log messages to the specified logfile.  The default is to log to
74              stderr and syslog. If a zonesdir: is  specified  in  the  config
75              file this path can be relative to that directory.
76
77       -N count
78              Start  count NSD servers. The default is 1. Starting more than a
79              single server is only useful  on  machines  with  multiple  CPUs
80              and/or network adapters.
81
82       -n number
83              The maximum number of concurrent TCP connection that can be han‐
84              dled by each server. The default is 100.
85
86       -P pidfile
87              Use the specified  pidfile  instead  of  the  platform  specific
88              default,  which  is  mostly /run/nsd/nsd.pid.  If a zonesdir: is
89              specified in the config file, this path can be relative to  that
90              directory.
91
92       -p port
93              Answer the queries on the specified port.  Normally this is port
94              53.
95
96       -s seconds
97              Produce statistics dump every seconds seconds. This is equal  to
98              sending SIGUSR1 to the daemon periodically.
99
100       -t chroot
101              Specifies  a  directory  to  chroot to upon startup. This option
102              requires you to ensure that appropriate syslogd(8) socket  (e.g.
103              chrootdir  /dev/log)  is  available, otherwise NSD won't produce
104              any log output.
105
106       -u username
107              Drop user and group privileges to those of username after  bind‐
108              ing  the  socket.  The username must be one of: username, id, or
109              id.gid. For example: nsd, 80, or 80.80.
110
111       -V level
112              This value specifies the verbosity level  for  (non-debug)  log‐
113              ging.  Default is 0.
114
115       -v     Print the version number of NSD to standard error and exit.
116
117       NSD reacts to the following signals:
118
119       SIGTERM
120              Stop answering queries, shutdown, and exit normally.
121
122       SIGHUP Reload.   Scans zone files and if changed (mtime) reads them in.
123              Also reopens the logfile (assists logrotation).
124
125       SIGUSR1
126              Dump BIND8-style statistics into the log. Ignored otherwise.
127

FILES

129       ""     default NSD database
130
131       /run/nsd/nsd.pid
132              the process id of the name server.
133
134       /etc/nsd/nsd.conf
135              default NSD configuration file
136

DIAGNOSTICS

138       NSD will log all the problems via the standard syslog(8) daemon  facil‐
139       ity, unless the -d option is specified.
140

SEE ALSO

142       nsd.conf(5), nsd-checkconf(8), nsd-control(8)
143

AUTHORS

145       NSD was written by NLnet Labs and RIPE NCC joint team. Please see CRED‐
146       ITS file in the distribution for further details.
147
148
149
150NLnet Labs                       Jan 26, 2021                           NSD(8)
Impressum