named9 Daemon

Purpose

Manages the internet domain name system (DNS) server operations.

Syntax

named9 [ -4 ] [ -6 ] [ -c config-file ] [ -d debug-level ] [ -D string ] [ -E engine-name ] [ -f ] [ -g ] [ -L logfile ] [ -M option ] [ -m flag ] [ -n #cpus ] [ -p port ] [ -s ] [ -S #max-socks ] [ -t directory ] [ -U #listeners ] [ -u user ] [ -v ] [ -V ] [ -X lock-file ] [ -x cache-file ]

Description

The named9 daemon is a Domain Name System (DNS) server, part of the BIND 9 distribution from Internet Systems Consortium (ISC). For more information on the DNS, see RFC 1033, RFC 1034, and RFC 1035. When invoked without arguments, the named9 daemon reads the default configuration file /etc/named.conf, reads any initial data, and listens for queries.

Flags

Table 1. Flags
Item Description
-4 This option uses only the Internet Protocol version 4 (IPv4) protocol even if the host machine is capable of Internet Protocol version 6 (IPv6). The -4 and -6 options are mutually exclusive.
-6 This option uses only IPv6 even if the host machine is capable of IPv4. The -4 and -6 options are mutually exclusive.
-c config-file Uses config-file as the configuration file instead of the default /etc/named.conf. To make sure that reloading the configuration file continues to work after the server changes its working directory due to a possible directory option in the configuration file, the config-file value must be an absolute path name.
-d debug-level Sets the debug level of the named9 daemon to the debug-level value. Debugging traces from the named9 daemon become more verbose as the debug level increases.
-D string Specifies a string that is used to identify an instance of the named9 daemon in a process listing. The contents of string are not examined.
-E engine-name

Specifies the hardware to be used for cryptographic operations, whenever applicable, such as digital signing by a secure keystore method.

When BIND 9 is built with OpenSSL, you must specify this flag with an OpenSSL engine identifier that drives the cryptographic accelerator or hardware service module, such as pkcs11. When BIND is built with native Public Key Cryptography Standards (PKCS)#11 cryptography (--enable-native-pkcs11), by default the flag is set to the path of the PKCS#11 provider library that is specified by using --with-pkcs11.

-f Runs the server in the foreground.
-g Runs the server in the foreground and forces all logging to the standard error stderr.
-L logfile Sets the logging operation to the logfile file, instead of the default system log.
-M option Sets the default memory context options. The following values are the valid values:
external
The internal memory manager is bypassed for system-provided memory allocation functions.
fill
Blocks of memory are filled with tag values when memory is allocated or freed to assist debugging of memory problems.
nofill
Disables the fill behavior. This value is the default unless the named9 daemon is compiled with developer options.
-m flag Turns on the debugging flags of the memory usage. Possible flags are usage, trace, record, size, and mctx. These values correspond to the ISC_MEM_DEBUGXXXX flags that are described in <isc/mem.h>.
-n #cpus Creates #cpus worker threads to take advantage of multiple CPUs. If not specified, the named9 daemon tries to determine the number of CPUs present and creates one thread per CPU. If it is unable to determine the number of CPUs, the named9 daemon creates a single worker thread.
-p port Listens for queries on the specified port. If not specified, the default is port 53.
-s Writes memory usage statistics to the standard output stdout on exit.
-S #max-socks Allows the named9 daemon to use up to #max-socks sockets. The default value is 21000 on systems that are built with default configuration options, and 4096 on systems built with configure --with-tuning=small.
Warning: Set this option only when the default configuration causes exhaustion of file descriptors and the operating environment is known to support the specified number of sockets. Setting this option unnecessarily can yield harmful results because the specified value might exceed the limit of the underlying system API. In addition, the maximum number is normally slightly fewer than the specified value because named9 reserves some file descriptors for its internal use.
-t directory Changes the root directory to the specified directory after the command-line arguments are processed, but before reading the configuration file.
Warning: Use this option with the -u option because changing the root directory of a process that is running as root does not enhance security on most systems.
-U #listeners Specifies the number of worker threads that the named9 daemon uses to listen for incoming User Datagram Protocol (UDP) packets on each address. If this option is not specified, the named9 daemon calculates a default value based on the number of detected CPUs. The named9 daemon applies the following rules to calculate the default number of worker threads:
  • If only one CPU is detected, the default number of worker threads is one.
  • If more than one CPU is detected, the default number of worker threads is calculated as the number of detected CPUs minus one.
The number of worker threads cannot be greater than the number of detected CPUs.
Note: If the -n parameter sets a higher value of the number of CPUs than the number of detected CPUs, the number of worker threads might be increased as high as the number of CPUs specified by the -n parameter.
-u user Sets the process user ID to the specified user upon completion of privileged operations, such as creating sockets that listen on privileged ports.
-v Reports the version number and exits.
-V Reports the version number and build options, and exits.
-X lock-file Acquires a lock on the specified file at run time. This lock prevents duplicate named9 instances from running simultaneously. Use of this option overrides the lock-file option in the named.conf file. If set to none, the lock file check is disabled.
-x cache-file Loads data from the specified cache-file into the cache of the default configuration file.

Signals

In routine operation, you cannot use signals to control the name server; you must use the rndc command.

Table 2. Signals
Item Description
SIGHUP Forces a reload of the server.
SIGINT, SIGTERM Shuts down the server.

The result of sending any other signals to the server is undefined.

Configuration

For more information on the configuration file format of the named daemon, see the Configuration File (named.conf) topic.

The named9 command inherits the umask value (file creation mode mask) from the parent process. If the files that the named9 daemon creates, such as journal files, need to have custom permissions, the umask value must be set explicitly in the script that is used to start the named9 command.
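
The following start script is an added example, not part of the original documentation. It applies three rules from this page before starting the daemon: the -c value is an absolute path, -t is paired with a non-root -u user, and the umask is set explicitly. The function names, the 027 mask, and the NAMED9 override variable are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: pre-flight checks and launch wrapper for named9.
# The binary path comes from the Files table; override NAMED9 for a dry run.
NAMED9=${NAMED9:-/usr/sbin/isc_bind/named9}

# named9_check ROOT USER CONF
# ROOT is the -t directory, USER the -u account, CONF the -c file as it
# is seen from inside ROOT. Returns 0 if the combination is safe to start.
named9_check() {
    root=$1 user=$2 conf=$3
    # -c must be absolute so that reloads keep working.
    case $conf in
        /*) ;;
        *) echo "config-file is not an absolute path: $conf" >&2; return 1 ;;
    esac
    # -t only helps when the daemon also gives up root through -u.
    # An account that id cannot resolve is left for named9 itself to reject.
    if [ -z "$user" ] || [ "$user" = root ] || [ "$user" = 0 ] ||
       [ "$(id -u "$user" 2>/dev/null)" = 0 ]; then
        echo "-t needs a non-root -u user, got '$user'" >&2; return 1
    fi
    [ -d "$root" ] || { echo "no such directory: $root" >&2; return 1; }
    # The root changes before the configuration file is read, so the
    # file has to exist under the new root.
    [ -r "$root$conf" ] || { echo "$conf not found under $root" >&2; return 1; }
}

# start_named9 ROOT USER CONF
start_named9() {
    named9_check "$1" "$2" "$3" || return 1
    # named9 inherits this mask; 027 is an illustrative value that keeps
    # journal files and other created files from being world-accessible.
    umask 027
    exec "$NAMED9" -t "$1" -u "$2" -c "$3"
}

# Run only when called with the three arguments.
if [ $# -eq 3 ]; then start_named9 "$@"; fi
```

Because the -t directory becomes the root before the configuration file is read, the -c path passed here is the path inside that directory.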

Files

Table 3. Files
Item Description
/usr/sbin/isc_bind/named9 Contains the named9 daemon.
/etc/named.conf The default configuration file.
/etc/named.pid The default process-ID file.