Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
DNRD(8)			   Domain Name Relay Daemon		       DNRD(8)

       dnrd - proxy name server

       dnrd   [-a localaddress | --address=localaddress] [-b | --load-balance]
	      [-B BLACKLIST | --blacklist=BLACKLIST]
	      [-c (off|[low:]high) | --cache=(off|[low:]high)]
	      [-d LEVEL	| --debug=LEVEL] [-h | --help] [-i | --ignore]
	      [-k | --kill] [-l	| --log] [-m (off|FILE)	| --master=(off|FILE)]
	      [-M N | --max-sock=N] [-r	N | --retry=N]
	      [-R DIR |	--dnrd-root=DIR]
	      [-s ipaddr(:domain) | --server=ipaddr(:domain)]
	      [-S N[+] | --stats=N[+]] [-t N | --timeout=N]
	      [-u userid | --uid=userid] [-v | --version]

       dnrd is a proxying nameserver. It forwards DNS queries to the
       appropriate nameserver, but can also act	as the primary nameserver for
       a subnet	behind a firewall.  Proxying is	configured on the command line
       using the -s option.  By	default, dnrd will act as the primary
       nameserver for hosts found in /usr/local/etc/dnrd/master	and queries to
       hostnames listed	in /usr/local/etc/dnrd/blacklist will be answered with
       a "host not found".


	      Bind only	to the interface with the specified address. By
	      default dnrd binds to everything.


	      Turn on load balancing. All forward servers (specified with -s)
	      after this option	will load balance in a round robin scheme. By
	      default, dnrd will use the next server in	the list if the	first
	      times out. As soon as the	first is reactivated, it will be used
	      again. With -b option, dnrd will use next	active server as soon
	      a	request	is served. If a	server times out it will be
	      deactivated and will not be used until it	comes back. As soon it
	      is reactivated it	will join the list.

	      Note that	if there are no	servers	specified with -s after	the
	      -b, this will do nothing at all.


	      Blacklist	all hostnames listed in	the file BLACKLIST. Queries to
	      hosts listed in this file	will be	answered with "host not
	      found". The file BLACKLIST is specified relative to the DNRD
	      chroot directory (defaults to /usr/local/etc/dnrd). By default
	      dnrd will	look for a file	named "blacklist".

       -c (off|[low:]high)

	      This option can be used to either	turn off caching of DNS
	      responses, or to change the high and low watermarks. With	the
	      high/low water mark option, cached entries are purged when the
	      number of	responses reaches the high-water mark, and they	will
	      be purged	until the number of cached responses reaches the
	      low-water	mark, purging the oldest first.	By default, caching is
	      on, with low and high water-marks	of 800 and 1000	respectively.

       -d LEVEL

	      This turns on debugging level LEVEL.  The	dnrd process will not
	      fork into	the background and print out debugging information in
	      the current console. Supported debug levels are 1-4 The higher
	      level, the more debug info is printed.

	      The -l option can	be used	to force dnrd to run in	the background
	      and log debug info to syslog.

	      Sending signal SIGUSR1 will toggle the debug level between level
	      0	(no debugging) and level 3.


       --help Prints usage information


	      Ignore cache for deactivated servers. If a forward DNS server
	      times out	and gets deactivated, all cache	entries	for this
	      server are ignored. This helps avoid network timeout delays when
	      dnrd serves a offline/dialup network.


       --kill Kills the	currently running dnrd process.


       --log  Send all messages	to syslog.  dnrd uses the deamon facility. If
	      used with	the -d flag, this option will cause dnrd to fork and
	      run in the background, logging all debugging messages to syslog.

       -m (off|FILE)

	      dnrd can act as the primary name server for a number of hosts.
	      By default, it will read in /usr/local/etc/dnrd/master to
	      determine	how this is done.  This	option specifies another file
	      than /usr/local/etc/dnrd/master or turns off all primary server
	      functionality.  Sending dnrd signal -HUP will make dnrd try to
	      re-read the master file unless this is option is set to "off".
	      Therefore, the master file have to be within the dnrd-root. the
	      file is specified	relative to dnrd-root.

       -M N

	      Set the maximum allowed open sockets. Default is 200.

       -r N

	      Set the retry interval time. When	a forward DNS server times out
	      it is deactivated. (use the -t option to set the timeout value)
	      dnrd will	try to send a request for localhost every N seconds.
	      As soon there are	a respose from a deactivated server, it	is
	      reactivated. The default value is	10 seconds. Setting this to
	      zero will	make dnrd to never deactivate a	server.

       -R DIR

	      Set the dnrd-root	to DIR.	 dnrd will chroot to this directory at
	      startup so all files, masterfile and blacklist, must be here.
	      This option overrides the	environment variable DNRD_ROOT.
	      Default dnrd-root	is /usr/local/etc/dnrd.

       -s ipaddr(:domain)

	      Add a forward DNS	server.	If -s is used multiple times, the
	      first is the primary DNS server and the rest are backup servers.
	      If the primary DNS server	times out, it is deactivated and the
	      next specified server (that is active) is	used until the
	      previous gets reactivated.

	      The domain option	allows dnrd to determine which DNS server
	      should get the query based on the	domain name in the query. This
	      is useful	when you have an internet connection and a vpn
	      connection to work, for instance.	Several	servers	with the same
	      domain might be specified	and then will they work	as backup

	      If the -b	option is specified, then all servers specified	after
	      the -b option are	load balanced per domain.

       -S N[+]

	      Print statistics about cache hits, cache misses and timeouts to
	      syslog every N seconds.  If + is specified, the counters will
	      not be reset after the print.

       -t N

	      Set the timeout value for	forward	DNS servers. If	a server don't
	      respond to a query within	N seconds it is	deactivated. The
	      default value is 12

	      Setting this to zero will	make dnrd to never deactivate a	server
	      because of timeouts. However, a server might be deactivated if
	      sendto fails.

       -u userid

	      Set the UID that dnrd will run as. By default, dnrd tries	to
	      switches to uid dnrd after starting up.


	      Prints out the version number.

       The TTL's are not respected for the cache.


       This file is used to configure dnrd as a	primary	nameserver.


       Hosts listed in this file are blacklisted.


       The currently-running dnrd process' pid is placed into this file. It is
       needed to allow new dnrd	processes to find and kill the currently
       running process.

       The original version of dnrd was	written	by Brad	Garcia
       Other contributors are listed in	the HISTORY file included with the
       source code.

DNRD v2.20		   Domain Name Relay Daemon		       DNRD(8)


Want to link to this manual page? Use this URL:

home | help