1NSD(8) NSD 3.2.8 NSD(8)
2
3
4
6 nsd - Name Server Daemon (NSD) version 3.2.8.
7
9 nsd [-4] [-6] [-a ip-address[@port]] [-c configfile] [-d] [-f database]
10 [-h] [-i identity] [-I nsid] [-l logfile] [-N server-count] [-n noncur‐
11 rent-tcp-count] [-P pidfile] [-p port] [-s seconds] [-t chrootdir] [-u
12 username] [-V level] [-v]
13
15 NSD is a complete implementation of an authoritative DNS nameserver.
16 Upon startup, NSD will read the database specified with -f database
17 argument and put itself into background and answers queries on port 53
18 or a different port specified with -p port option. The database must be
19 generated beforehand with zonec(8). By default, NSD will bind to all
20 local interfaces available. Use the -a ip-address[@port] option to
21 specify a single particular interface address to be bound. If this
22 option is given more than once, NSD will bind its UDP and TCP sockets
23 to all the specified ip-addresses separately. If IPv6 is enabled when
24 NSD is compiled an IPv6 address can also be specified.
25
27 All the options can be specified in the configfile ( -c argument),
28 except for the -v and -h options. If options are specified on the com‐
29 mandline, the options on the commandline take precedence over the
30 options in the configfile.
31
32 Normally NSD should be started with the `nsdc(8) start` command invoked
33 from a /etc/rc.d/nsd.sh script or similar at the operating system
34 startup.
35
36 -4 Only listen to IPv4 connections.
37
38 -6 Only listen to IPv6 connections.
39
40 -a ip-address[@port]
41 Listen to the specified ip-address. The ip-address must be
42 specified in numeric format (using the standard IPv4 or IPv6
43 notation). Optionally, a port number can be given. This flag
44 can be specified multiple times to listen to multiple IP
45 addresses. If this flag is not specified, NSD listens to the
46 wildcard interface.
47
48 -c configfile
49 Read specified configfile instead of the default
50 /etc/nsd/nsd.conf. For format description see nsd.conf(5).
51
52 -d Turn on debugging mode, do not fork, stay in the foreground.
53
54 -f database
55 Use the specified database instead of the default of
56 /var/lib/nsd/nsd.db. If a zonesdir: is specified in the config
57 file this path can be relative to that directory.
58
59 -h Print help information and exit.
60
61 -i identity
62 Return the specified identity when asked for CH TXT ID.SERVER
63 (This option is used to determine which server is answering the
64 queries when they are multicast). The default is the name
65 returned by gethostname(3).
66
67 -I nsid
68 Add the specified nsid to the EDNS section of the answer when
69 queried with an NSID EDNS enabled packet.
70
71 -l logfile
72 Log messages to the specified logfile. The default is to log to
73 stderr and syslog. If a zonesdir: is specified in the config
74 file this path can be relative to that directory.
75
76 -N count
77 Start count NSD servers. The default is 1. Starting more than a
78 single server is only useful on machines with multiple CPUs
79 and/or network adapters.
80
81 -n number
82 The maximum number of concurrent TCP connection that can be han‐
83 dled by each server. The default is 10.
84
85 -P pidfile
86 Use the specified pidfile instead of the platform specific
87 default, which is mostly /var/run/nsd/nsd.pid. If a zonesdir:
88 is specified in the config file, this path can be relative to
89 that directory.
90
91 -p port
92 Answer the queries on the specified port. Normally this is port
93 53.
94
95 -s seconds
96 Produce statistics dump every seconds seconds. This is equal to
97 sending SIGUSR1 to the daemon periodically.
98
99 -t chroot
100 Specifies a directory to chroot to upon startup. This option
101 requires you to ensure that appropriate syslogd(8) socket (e.g.
102 chrootdir /dev/log) is available, otherwise NSD won't produce
103 any log output.
104
105 -u username
106 Drop user and group privileges to those of username after bind‐
107 ing the socket. The username must be one of: username, id, or
108 id.gid. For example: nsd, 80, or 80.80.
109
110 -V level
111 This value specifies the verbosity level for (non-debug) log‐
112 ging. Default is 0.
113
114 -v Print the version number of NSD to standard error and exit.
115
116 NSD reacts to the following signals:
117
118 SIGTERM
119 Stop answering queries, shutdown, and exit normally.
120
121 SIGHUP Reload the database.
122
123 SIGUSR1
124 Dump BIND8-style statistics into the log. Ignored otherwise.
125
127 /var/lib/nsd/nsd.db
128 default NSD database
129
130 /var/run/nsd/nsd.pid
131 the process id of the name server.
132
133 /etc/nsd/nsd.conf
134 default NSD configuration file
135
137 will log all the problems via the standard syslog(8) daemon facility,
138 unless the -d option is specified.
139
141 nsdc(8), nsd.conf(5), nsd-checkconf(8), nsd-notify(8), nsd-patch(8),
142 nsd-xfer(8), zonec(8)
143
145 NSD was written by NLnet Labs and RIPE NCC joint team. Please see CRED‐
146 ITS file in the distribution for further details.
147
149 NSD will answer the queries erroneously if the database was not prop‐
150 erly compiled with zonec(8). Therefore problems with misconfigured mas‐
151 ter zone files or zonec(8) bugs may not be visible until the queries
152 are actually answered with NSD.
153
154
155
156NLnet Labs Mar 22, 2011 NSD(8)