pdns_recursor

PDNS_RECURSOR(1)               PowerDNS Recursor              PDNS_RECURSOR(1)

NAME
       pdns_recursor - The PowerDNS Recursor binary

SYNOPSIS
       pdns_recursor [OPTION]...

DESCRIPTION
       pdns_recursor  is a high performance, simple and secure recursing name-
       server. It currently powers hundreds of millions internet connections.

       The recursor is configured via a configuration file, but each  item  in
       that file can be overridden on the command line.

       This  manpage lists the core set of features needed to get the PowerDNS
       Recursor  working,  for  full  and  up  to   date   details   head   to
       https://doc.powerdns.com/.

EXAMPLES
       To  listen  on 192.0.2.53 and allow the 192.0.2.0/24 subnet to recurse,
       and run as in the background, execute:

          # pdns_recursor --local-address=192.0.2.53 --allow-from=192.0.2.0/24 --daemon

       To stop the recursor by hand, run:

          # rec_control quit

       However, the recommended way of starting and stopping the  recursor  is
       to use the init.d script or systemctl(1).

OPTIONS
       For  authoritative listing of options, consult the online documentation
       at <https://doc.powerdns.com/>

       --allow-from=<networks>
              If set, only allow these comma separated networks, with  network
              mask to recurse. For example: 192.0.2.0/24,203.0.113.128/25.

       --auth-zones=<authzones>
              Where  authzone  is  <zonename>=<filename>.  Serve zonename from
              filename         authoritatively.          For          example:
              ds9a.nl=/var/zones/ds9a.nl,powerdns.com=/var/zones/powerdns.com.

       --chroot=<directory>
              chroot the process to directory.

       --client-tcp-timeout=<num>
              Timeout in seconds when talking to TCP clients.

       --config-dir=<directory>
              Location of configuration directory (recursor.conf), the default
              depends on the SYSCONFDIR option at build-time, which is usually
              /etc/powerdns.  The  default  can  be  found  with pdns_recursor
              --config | grep ' config-dir='.

       --daemon
              Operate as a daemon.

       --delegation-only
              Which domains we only accept delegations from (a  Verisign  spe-
              cial).

       --entropy-source=<file>
              Read new entropy from file, defaults to /dev/urandom.

       --export-etc-hosts
              If  set,  this  flag  will export the hostnames and IP addresses
              mentioned in /etc/hosts.

       --forward-zones=<forwardzones>
              Where forwardzone is <zonename>=<address>.  Queries for zonename
              will  be  forwarded to address. address should be an IP address,
              not a hostname (to prevent chicken and egg  problems).  Example:
              forward-zones= ds9a.nl=213.244.168.210, powerdns.com=127.0.0.1.

       --forward-zones-file=<filename>
              Similar  to --forward-zones, but read the options from filename.
              filename   should   contain   one   zone   per    line,    like:
              ds9a.nl=213.244.168.210.

       --help Show a summary of options.

       --hint-file=<filename>
              Load root hints from this filename

       --local-address=<address>
              Listen on address, separated by spaces or commas.

       --local-port=<port>
              Listen on port.

       --log-common-errors
              If we should log rather common errors.

       --max-cache-entries=<num>
              Maximum number of entries in the main cache.

       --max-negative-ttl=<num>
              maximum  number  of  seconds  to keep a negative cached entry in
              memory.

       --max-tcp-clients=<num>
              Maximum number of simultaneous TCP clients.

       --max-tcp-per-client=<num>
              If set, maximum number of TCP sessions per client (IP address).

       --query-local-address=<address>
              Use address as Source IP address when sending queries.

       --query-local-address6=<address>
              Send out local IPv6 queries from address. Disabled  by  default,
              which  also  disables outgoing IPv6 support. A useful setting is
              '::0'.

       --quiet
              Suppress logging of questions and answers.

       --server-id=<text>
              Return text WHen queried for 'id.server' TXT, defaults to  host-
              name.

       --serve-rfc1918
              On  by  default, this makes the server authoritatively aware of:
              10.in-addr.arpa,            168.192.in-addr.arpa             and
              16-31.172.in-addr.arpa,  which  saves load on the AS112 servers.
              Individual parts of these zones can  still  be  loaded  or  for-
              warded.

       --setgid=<gid>
              If set, change group id to gid for more security.

       --setuid=<uid>
              If set, change user id to uid for more security.

       --single-socket
              If set, only use a single socket for outgoing queries.

       --socket-dir=<directory>
              The controlsocket will live in directory.

       --spoof-nearmiss-max=<num>
              If non-zero, assume spoofing after this many near misses.

       --trace
              if we should output heaps of logging.

       --version-string=<text>
              text WILL be reported on version.pdns or version.bind queries.

SEE ALSO
       rec_control(1) systemctl(1)

AUTHOR
       PowerDNS.COM BV

COPYRIGHT
       2001-2019, PowerDNS.COM BV

                                 Dec 06, 2019                 PDNS_RECURSOR(1)