Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
NSD(8)				   NSD 4.3.6				NSD(8)

       nsd - Name Server Daemon	(NSD) version 4.3.6.

       nsd [-4]	[-6] [-a ip-address[@port]] [-c	configfile] [-d] [-f database]
       [-h] [-i	identity] [-I nsid] [-l	logfile] [-N server-count] [-n noncur-
       rent-tcp-count]	[-P pidfile] [-p port] [-s seconds] [-t	chrootdir] [-u
       username] [-V level] [-v]

       NSD is a	complete implementation	of an  authoritative  DNS  nameserver.
       Upon startup, NSD will read the database	specified with -f database ar-
       gument and put itself into background and answers queries on port 53 or
       a different port	specified with -p port option. The database is created
       if it does not exist. By	default, NSD will bind to all local interfaces
       available. Use the -a ip-address[@port] option to specify a single par-
       ticular interface address to be bound. If this  option  is  given  more
       than  once,  NSD	will bind its UDP and TCP sockets to all the specified
       ip-addresses separately.	If IPv6	is enabled when	 NSD  is  compiled  an
       IPv6 address can	also be	specified.

       All  the	options	can be specified in the	configfile ( -c	argument), ex-
       cept for	the -v and -h options. If options are specified	on the comman-
       dline,  the options on the commandline take precedence over the options
       in the configfile.

       Normally	NSD should be started with the `nsd-control(8) start`  command
       invoked from a /etc/rc.d/ script or similar at the	operating sys-
       tem startup.

       -4     Only listen to IPv4 connections.

       -6     Only listen to IPv6 connections.

       -a ip-address[@port]
	      Listen to	the specified  ip-address.   The  ip-address  must  be
	      specified	in numeric format (using the standard IPv4 or IPv6 no-
	      tation). Optionally, a port number can be	given.	This flag  can
	      be  specified multiple times to listen to	multiple IP addresses.
	      If this flag is not specified, NSD listens to the	 wildcard  in-

       -c configfile
	      Read    specified	   configfile	 instead    of	 the   default
	      /var/nsd/etc/nsd.conf.  For format description see nsd.conf(5).

       -d     Do not fork, stay	in the foreground.

       -f database
	      Use the specified	database instead of the	default	of ''.	 If  a
	      zonesdir:	is specified in	the config file	this path can be rela-
	      tive to that directory.

       -h     Print help information and exit.

       -i identity
	      Return the specified identity when asked for  CH	TXT  ID.SERVER
	      (This  option is used to determine which server is answering the
	      queries when they	are anycast). The default is the name returned
	      by gethostname(3).

       -I nsid
	      Add  the	specified  nsid	to the EDNS section of the answer when
	      queried with an NSID EDNS	enabled	packet.	 As a sequence of  hex
	      characters or with ascii_	prefix and then	an ascii string.

       -l logfile
	      Log messages to the specified logfile.  The default is to	log to
	      stderr and syslog. If a zonesdir:	is  specified  in  the	config
	      file this	path can be relative to	that directory.

       -N count
	      Start  count NSD servers.	The default is 1. Starting more	than a
	      single server is only useful  on	machines  with	multiple  CPUs
	      and/or network adapters.

       -n number
	      The maximum number of concurrent TCP connection that can be han-
	      dled by each server. The default is 100.

       -P pidfile
	      Use the specified	pidfile	instead	of the platform	 specific  de-
	      fault,  which  is	 mostly	 .  If a zonesdir: is specified	in the
	      config file, this	path can be relative to	that directory.

       -p port
	      Answer the queries on the	specified port.	 Normally this is port

       -s seconds
	      Produce  statistics dump every seconds seconds. This is equal to
	      sending SIGUSR1 to the daemon periodically.

       -t chroot
	      Specifies	a directory to chroot to upon startup. This option re-
	      quires  you  to  ensure that appropriate syslogd(8) socket (e.g.
	      chrootdir	/dev/log) is available,	otherwise  NSD	won't  produce
	      any log output.

       -u username
	      Drop  user and group privileges to those of username after bind-
	      ing the socket.  The username must be one	of: username,  id,  or
	      id.gid. For example: nsd,	80, or 80.80.

       -V level
	      This  value  specifies  the verbosity level for (non-debug) log-
	      ging.  Default is	0.

       -v     Print the	version	number of NSD to standard error	and exit.

       NSD reacts to the following signals:

	      Stop answering queries, shutdown,	and exit normally.

       SIGHUP Reload.  Scans zone files	and if changed (mtime) reads them  in.
	      Also reopens the logfile (assists	logrotation).

	      Dump BIND8-style statistics into the log.	Ignored	otherwise.

       ""     default NSD database

       the process id of the name server.

	      default NSD configuration	file

       NSD  will log all the problems via the standard syslog(8) daemon	facil-
       ity, unless the -d option is specified.

       nsd.conf(5), nsd-checkconf(8), nsd-control(8)

       NSD was written by NLnet	Labs and RIPE NCC joint	team. Please see CRED-
       ITS file	in the distribution for	further	details.

NLnet Labs			 Apr  6, 2021				NSD(8)


Want to link to this manual page? Use this URL:

home | help