1NSD(8) NSD 4.3.5 NSD(8)
2
3
4
6 nsd - Name Server Daemon (NSD) version 4.3.5.
7
9 nsd [-4] [-6] [-a ip-address[@port]] [-c configfile] [-d] [-f database]
10 [-h] [-i identity] [-I nsid] [-l logfile] [-N server-count] [-n noncur‐
11 rent-tcp-count] [-P pidfile] [-p port] [-s seconds] [-t chrootdir] [-u
12 username] [-V level] [-v]
13
15 NSD is a complete implementation of an authoritative DNS nameserver.
16 Upon startup, NSD will read the database specified with -f database
17 argument and put itself into background and answers queries on port 53
18 or a different port specified with -p port option. The database is cre‐
19 ated if it does not exist. By default, NSD will bind to all local
20 interfaces available. Use the -a ip-address[@port] option to specify a
21 single particular interface address to be bound. If this option is
22 given more than once, NSD will bind its UDP and TCP sockets to all the
23 specified ip-addresses separately. If IPv6 is enabled when NSD is com‐
24 piled an IPv6 address can also be specified.
25
27 All the options can be specified in the configfile ( -c argument),
28 except for the -v and -h options. If options are specified on the com‐
29 mandline, the options on the commandline take precedence over the
30 options in the configfile.
31
32 Normally NSD should be started with the `nsd-control(8) start` command
33 invoked from a /etc/rc.d/nsd.sh script or similar at the operating sys‐
34 tem startup.
35
36 -4 Only listen to IPv4 connections.
37
38 -6 Only listen to IPv6 connections.
39
40 -a ip-address[@port]
41 Listen to the specified ip-address. The ip-address must be
42 specified in numeric format (using the standard IPv4 or IPv6
43 notation). Optionally, a port number can be given. This flag
44 can be specified multiple times to listen to multiple IP
45 addresses. If this flag is not specified, NSD listens to the
46 wildcard interface.
47
48 -c configfile
49 Read specified configfile instead of the default
50 /etc/nsd/nsd.conf. For format description see nsd.conf(5).
51
52 -d Do not fork, stay in the foreground.
53
54 -f database
55 Use the specified database instead of the default of ''. If a
56 zonesdir: is specified in the config file this path can be rela‐
57 tive to that directory.
58
59 -h Print help information and exit.
60
61 -i identity
62 Return the specified identity when asked for CH TXT ID.SERVER
63 (This option is used to determine which server is answering the
64 queries when they are anycast). The default is the name returned
65 by gethostname(3).
66
67 -I nsid
68 Add the specified nsid to the EDNS section of the answer when
69 queried with an NSID EDNS enabled packet. As a sequence of hex
70 characters or with ascii_ prefix and then an ascii string.
71
72 -l logfile
73 Log messages to the specified logfile. The default is to log to
74 stderr and syslog. If a zonesdir: is specified in the config
75 file this path can be relative to that directory.
76
77 -N count
78 Start count NSD servers. The default is 1. Starting more than a
79 single server is only useful on machines with multiple CPUs
80 and/or network adapters.
81
82 -n number
83 The maximum number of concurrent TCP connection that can be han‐
84 dled by each server. The default is 100.
85
86 -P pidfile
87 Use the specified pidfile instead of the platform specific
88 default, which is mostly /run/nsd/nsd.pid. If a zonesdir: is
89 specified in the config file, this path can be relative to that
90 directory.
91
92 -p port
93 Answer the queries on the specified port. Normally this is port
94 53.
95
96 -s seconds
97 Produce statistics dump every seconds seconds. This is equal to
98 sending SIGUSR1 to the daemon periodically.
99
100 -t chroot
101 Specifies a directory to chroot to upon startup. This option
102 requires you to ensure that appropriate syslogd(8) socket (e.g.
103 chrootdir /dev/log) is available, otherwise NSD won't produce
104 any log output.
105
106 -u username
107 Drop user and group privileges to those of username after bind‐
108 ing the socket. The username must be one of: username, id, or
109 id.gid. For example: nsd, 80, or 80.80.
110
111 -V level
112 This value specifies the verbosity level for (non-debug) log‐
113 ging. Default is 0.
114
115 -v Print the version number of NSD to standard error and exit.
116
117 NSD reacts to the following signals:
118
119 SIGTERM
120 Stop answering queries, shutdown, and exit normally.
121
122 SIGHUP Reload. Scans zone files and if changed (mtime) reads them in.
123 Also reopens the logfile (assists logrotation).
124
125 SIGUSR1
126 Dump BIND8-style statistics into the log. Ignored otherwise.
127
129 "" default NSD database
130
131 /run/nsd/nsd.pid
132 the process id of the name server.
133
134 /etc/nsd/nsd.conf
135 default NSD configuration file
136
138 NSD will log all the problems via the standard syslog(8) daemon facil‐
139 ity, unless the -d option is specified.
140
142 nsd.conf(5), nsd-checkconf(8), nsd-control(8)
143
145 NSD was written by NLnet Labs and RIPE NCC joint team. Please see CRED‐
146 ITS file in the distribution for further details.
147
148
149
150NLnet Labs Jan 26, 2021 NSD(8)