pdnsd 1.2.7-par (Default branch)


 
Old 09-15-2008

pdnsd is a proxy DNS server for Linux and FreeBSD that is designed to cope with unreachable nameservers (e.g. because the dial-in link is not up) in a graceful manner to prevent DNS-dependent applications like Netscape from hanging. It has a permanent disk cache and supports parallel query and a wide variety of link uptests. It also has the ability to serve some local records.

License: GNU General Public License v3

Changes:
This version fixes some security problems. It contains a fix for a "dangling pointer" bug that could cause pdnsd to crash when it received a long reply. It also addresses some of the issues raised in the CERT vulnerability note VU#800113 by making source port randomization the default. This release also fixes problems with compiling pdnsd for the ARM architecture and for the Darwin platform (Mac OS X). There are a number of (minor) new features, such as support for "include" files.
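A defender-side check for the source port randomization mentioned in the release notes, as an added example that is not part of pdnsd or of the original post: it classifies the source ports of a proxy's upstream queries as seen in `tcpdump -n` text output. The addresses, the sample lines and the thresholds are constructed assumptions.

```python
import re
from collections import Counter

# Matches tcpdump -n text for a UDP query to port 53: source IP, source port, query id.
QUERY_RE = re.compile(
    r"IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > \d+\.\d+\.\d+\.\d+\.53: (\d+)")

def parse_queries(capture, proxy_ip):
    """Return (source_port, query_id) for each query sent by proxy_ip."""
    found = []
    for line in capture.splitlines():
        m = QUERY_RE.search(line)
        if m and m.group(1) == proxy_ip:
            found.append((int(m.group(2)), int(m.group(3))))
    return found

def classify_ports(ports, min_samples=8):
    """Classify the source port behaviour across consecutive upstream queries."""
    if len(ports) < min_samples:
        return "insufficient-data"
    if len(set(ports)) == 1:
        return "fixed-port"          # only the 16-bit query id protects replies
    steps = Counter(b - a for a, b in zip(ports, ports[1:]))
    step, count = steps.most_common(1)[0]
    # One dominant small increment means the next port is predictable.
    if abs(step) <= 16 and count >= 0.8 * (len(ports) - 1):
        return "sequential-ports"
    # Few distinct values relative to the sample also narrows the guess space.
    if len(set(ports)) < len(ports) // 2:
        return "low-diversity"
    return "randomized"

def sample_capture(ports, proxy="198.51.100.7", upstream="192.0.2.53"):
    """Build constructed tcpdump -n style lines (not real traffic)."""
    return "\n".join(
        f"12:00:{i:02d}.000000 IP {proxy}.{p} > {upstream}.53: "
        f"{4660 + i}+ A? host{i}.example.org. (36)"
        for i, p in enumerate(ports))

def audit(capture, proxy_ip):
    return classify_ports([p for p, _ in parse_queries(capture, proxy_ip)])

if __name__ == "__main__":
    cases = {"single port": [53000] * 10,
             "incrementing": list(range(1024, 1034)),
             "randomized": [40122, 1893, 61007, 22514, 9350,
                            57741, 33018, 4477, 48209, 15666]}
    for name, ports in cases.items():
        print(name, "->", audit(sample_capture(ports), "198.51.100.7"))
```
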

PDNSD(8)						  System Administration Commands						  PDNSD(8)

NAME
       pdnsd - dns proxy daemon

SYNOPSIS
       pdnsd [-h] [-V] [-s] [-d] [-g] [-t] [-p file] [-vn] [-mxx] [-c file] [-4] [-6] [-a]

       This man page is an extract of the documentation of pdnsd.  For complete, current documentation, refer to the HTML (or plain text)
       documentation (which you can find in the doc/ subdirectory of the source or in a standard documentation directory, typically
       /usr/share/doc/pdnsd/ if you are using a binary package).

DESCRIPTION
       pdnsd is an IPv6-capable proxy domain name server (DNS) which saves the contents of its DNS cache to the disk on exit.

OPTIONS
	      -4     enables IPv4 support. IPv6 support is automatically disabled (should it be available). On by default.

	      -6     enables IPv6 support. IPv4 support is automatically disabled (should it be available). Off by default.

	      -a     With this option, pdnsd will try to detect automatically if the system supports IPv6, and fall back to IPv4 otherwise.

	      -V  or  --version
		     Print version information and exit.

	      -c FILE  or  --config-file=FILE
		     specifies that configuration is to be read from FILE.  Default is /etc/pdnsd.conf.

	      -d  or  --daemon
		     Start pdnsd in daemon mode (as a background process).

	      -g  or  --debug
		     Print some debug messages on the console or to the file pdnsd.debug in your cache directory (in daemon mode).

	      -h  or  --help
		     Print an option summary and exit.

	      -i PREFIX  or  --ipv4_6_prefix=PREFIX
		     specifies	the  prefix  pdnsd  uses  (when  running  in  IPv6  mode)  to map IPv4 addresses in the configuration file to IPv6
		     addresses. Must be a valid IPv6 address. Default is ::ffff:0.0.0.0

	      -p FILE
		     writes the pid the server runs as to the specified filename. Works only in daemon mode.

	      --pdnsd-user
		     Print the user pdnsd will run as and exit.

	      -s  or  --status
		     enables the status control socket. Either this option should be passed to the command line or status_ctl=on; should be
		     specified in the config file if you want to use pdnsd-ctl(8) to control pdnsd at runtime.

	      -t  or  --tcp
		     enables the TCP server thread. pdnsd will then serve TCP and UDP queries.

	      -vn    sets the verbosity of pdnsd. n is a numeric argument from 0 (normal operation) to 3 (many messages for debugging).

	      -mxx   sets the query method pdnsd uses. Possible values for xx are:

		     uo - pdnsd will use UDP only. This is the fastest method, and should be supported by all name servers on the Internet.

		     to  -  pdnsd  will  use  TCP  only.  TCP queries usually take more time than UDP queries, but are more secure against certain
		     attacks, where an attacker tries to guess your query id and to send forged answers. TCP queries are  not  supported  by  some
		     name servers.

		     tu - pdnsd will try to use TCP, and will fall back to UDP if its connection is refused or times out.

		     ut  - pdnsd will try to use UDP, and will repeat the query using TCP if the UDP reply was truncated (i.e. the tc bit is set).
		     This is the behaviour recommended by the DNS standards.

	      Additionally, "no" can be prepended to the --status, --daemon, --debug and --tcp options (e.g. --notcp) to reverse their effect.

USAGE
       pdnsd is usually run from a startup script. For pdnsd to work, you need to:

	      1. Tell your system to use pdnsd as the primary DNS server by modifying /etc/resolv.conf.

	      2. Tell pdnsd to use an authentic source for DNS records, by including the IP addresses of one or more  DNS  servers,  usually  your
	      ISP's DNS servers, in /etc/pdnsd.conf.

       For this, put the following line in your /etc/resolv.conf

	      nameserver 127.0.0.X

       where X can be any number. (I use 3). Comment out all other entries. You should put the same value in the server_ip= line in the global
       section of /etc/pdnsd.conf.
       If you want to use pdnsd as the DNS server for a small local network, you should use the IP address or name of the interface connected to
       this network instead of 127.0.0.X.

       To tell pdnsd where to get DNS information from, add the following lines in /etc/pdnsd.conf:

	      server {
		      label= "myisp";
		      ip=123.456.789.001,123.456.789.002;
		      proxy_only=on;
		      timeout=10;
	      }

       Note the opening and closing braces. Add more such server sections for each set of DNS servers you want pdnsd to query. Of course the
       configuration options shown here are just examples.  More examples can be found in /etc/pdnsd.conf.sample or the pdnsd.conf in the
       documentation directory. See the pdnsd.conf(5) man page for all the possible options and their exact meaning.

       If you use a dial-up connection, remember that ppp scripts usually replace /etc/resolv.conf when the connection with the ISP is established.
       You need to configure ppp (or whatever you use to establish a connection) so that /etc/resolv.conf is not replaced every time a connection
       is established. Read the documentation for the scripts run when your network comes up.

       If you use pppconfig, specify `none' in the  `nameservers' option  in the `advanced' tab. If you use multiple ISPs, you should  do this for
       each connection/account.

       If you use multiple ISPs, you should tell pdnsd which DNS servers have become available by calling pdnsd-ctl, the pdnsd control utility, in
       a  script  (e.g. /etc/ppp/ip-up when you use pppd) that is run when the connection is established.  If the addresses of the DNS servers are
       obtained through some type of dynamic configuration protocol (e.g. pppd with the usepeerdns option or a DHCP client), you can pass the  DNS
       server addresses as an extra argument to pdnsd-ctl to configure pdnsd at run time.  See the pdnsd-ctl(8) man page for details.

FILES
       /etc/pdnsd.conf	is  the  pdnsd configuration file.  The file format and configuration options are described in the pdnsd.conf(5) man page.
       You can find examples of almost all options in /etc/pdnsd.conf.sample.

       /var/cache/pdnsd/pdnsd.cache

       /var/cache/pdnsd/pdnsd.status is the status control socket, which must be enabled before you can use pdnsd-ctl.

       /etc/init.d/pdnsd (the name and location of the start-up script may be different depending on your distribution.)

       /etc/resolv.conf

       /etc/defaults/pdnsd contains additional parameters or options which may be passed to pdnsd at boot time. This saves the hassle of  fiddling
       with initscripts (not available on all distributions).

BUGS
       The verbosity option -vn presently does not seem to have much effect on the amount of debug output.
       Report any remaining bugs to the authors.

CONFORMING TO
       pdnsd  should  comply  with RFCs 1034 and 1035. As of version 1.0.0, RFC compliance has been improved and pdnsd is now believed (or hoped?)
       to be fully RFC compatible. It completely follows RFC 2181 (except for one minor issue in the FreeBSD port, see the documentation).

       It does NOT support the following features, of which most are marked optional, experimental or obsolete in these RFCs:

	      o Inverse queries

	      o Status queries

	      o Completion queries

	      o Namespaces other than IN (Internet)

	      o AXFR and IXFR queries (whole zone transfers); since pdnsd does not maintain zones, that should not violate the standard

       The following record types, which are extensions to the original DNS standard, are supported if given as options at compile time (if you
       do not need them, you do not need to compile support for them into pdnsd, which saves cache and executable space):

	      o RP (responsible person, RFC 1183)

	      o AFSDB (AFS database location, RFC 1183)

	      o X25 (X25 address, RFC 1183)

	      o ISDN (ISDN number/address, RFC 1183)

	      o RT (route through, RFC 1183)

	      o NSAP (Network Service Access Protocol address, RFC 1348)

	      o PX (X.400/RFC822 mapping information, RFC 1995)

	      o GPOS (geographic position, deprecated)

	      o AAAA (IPv6 address, RFC 1886)

	      o LOC (location, RFC 1876)

	      o EID (Nimrod EID)

	      o NIMLOC (Nimrod locator)

	      o SRV (service record, RFC 2782)

	      o ATMA (ATM address)

	      o NAPTR (URI mapping, RFC 2168)

	      o KX (key exchange, RFC 2230)

SEE ALSO
       pdnsd-ctl(8), pdnsd.conf(5), pppconfig(8), resolv.conf(5)

       More documentation is available in the doc/ subdirectory of the source, or in /usr/share/doc/pdnsd/ if you are using a binary package.

AUTHORS
       pdnsd was originally written by Thomas Moestl <tmoestl@gmx.net> and was extensively revised by Paul Rombouts <p.a.rombouts@home.nl>
       (for versions 1.1.8b1-par and later).

       Several others have contributed to pdnsd; see files in the source or /usr/share/doc/pdnsd/ directory.

       This man page was written by Mahesh T. Pai <paivakil@yahoo.co.in> using the documents in /usr/share/docs/pdnsd/ directory for Debian,
       but can be used on other distributions too.

       Last revised: 22 Jul 2007 by Paul Rombouts.

COPYRIGHT
       This  man  page	is  a part of the pdnsd package, and may be distributed in original or modified form under terms of the GNU General Public
       License, as published by the Free Software Foundation; either version 3, or (at your option) any later version.

       You can find a copy of the GNU GPL in the file COPYING in the source or the /usr/share/common-licenses/ directory if you are using a Debian
       system.

pdnsd 1.2.8-par 						     Jul 2007								  PDNSD(8)