suzanne.soy/man-pages
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
gh-pages
man-pages/man5/resolv.conf.5.html
Suzanne Soy 4c89183f2b Added man pages from my system
2021-03-31 01:06:50 +01:00

465 lines
12 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML><HEAD><TITLE>Man page of RESOLV.CONF</TITLE>
</HEAD><BODY>
<H1>RESOLV.CONF</H1>
Section: Linux Programmer's Manual (5)<BR>Updated: 2019-10-10<BR><A HREF="#index">Index</A>
<A HREF="/cgi-bin/man/man2html">Return to Main Contents</A><HR>
<A NAME="lbAB">&nbsp;</A>
<H2>NAME</H2>
resolv.conf - resolver configuration file
<A NAME="lbAC">&nbsp;</A>
<H2>SYNOPSIS</H2>
<B>/etc/resolv.conf</B>
<A NAME="lbAD">&nbsp;</A>
<H2>DESCRIPTION</H2>
The
<I>resolver</I>
is a set of routines in the C library
that provide access to the Internet Domain Name System (DNS).
The resolver configuration file contains information that is read
by the resolver routines the first time they are invoked by a process.
The file is designed to be human readable and contains a list of
keywords with values that provide various types of resolver information.
The configuration file is considered a trusted source of DNS information
(e.g., DNSSEC AD-bit information will be returned unmodified from this
source).
<P>
If this file does not exist, only the name server on the local machine
will be queried, and the search list contains the local domain name
determined from the hostname.
<P>
The different configuration options are:
<DL COMPACT>
<DT id="1"><B>nameserver</B> Name server IP address<DD>
Internet address of a name server that the resolver should query,
either an IPv4 address (in dot notation),
or an IPv6 address in colon (and possibly dot) notation as per RFC 2373.
Up to
<B>MAXNS</B>
(currently 3, see <I>&lt;<A HREF="file:///usr/include/resolv.h">resolv.h</A>&gt;</I>) name servers may be listed,
one per keyword.
If there are multiple servers,
the resolver library queries them in the order listed.
If no <B>nameserver</B> entries are present,
the default is to use the name server on the local machine.
(The algorithm used is to try a name server, and if the query times out,
try the next, until out of name servers,
then repeat trying all the name servers
until a maximum number of retries are made.)
<DT id="2"><B>search</B> Search list for host-name lookup.<DD>
By default, the search list contains one entry, the local domain name.
It is determined from the local hostname returned by
<B><A HREF="/cgi-bin/man/man2html?2+gethostname">gethostname</A></B>(2);
the local domain name is taken to be everything after the first
'.'.
Finally, if the hostname does not contain a '.', the
root domain is assumed as the local domain name.
<DT id="3"><DD>
This may be changed by listing the desired domain search path
following the <I>search</I> keyword with spaces or tabs separating
the names.
Resolver queries having fewer than
<I>ndots</I>
dots (default is 1) in them will be attempted using each component
of the search path in turn until a match is found.
For environments with multiple subdomains please read
<B>options ndots:</B><I>n</I>
below to avoid man-in-the-middle attacks and unnecessary
traffic for the root-dns-servers.
Note that this process may be slow and will generate a lot of network
traffic if the servers for the listed domains are not local,
and that queries will time out if no server is available
for one of the domains.
<DT id="4"><DD>
If there are multiple
<B>search</B>
directives, only the search list from the last instance is used.
<DT id="5"><DD>
In glibc 2.25 and earlier, the search list is limited to six domains
with a total of 256 characters.
Since glibc 2.26,
the search list is unlimited.
<DT id="6"><DD>
The
<B>domain</B>
directive is an obsolete name for the
<B>search</B>
directive that handles one search list entry only.
<DT id="7"><B>sortlist</B><DD>
This option allows addresses returned by
<B><A HREF="/cgi-bin/man/man2html?3+gethostbyname">gethostbyname</A></B>(3)
to be sorted.
A sortlist is specified by IP-address-netmask pairs.
The netmask is
optional and defaults to the natural netmask of the net.
The IP address
and optional network pairs are separated by slashes.
Up to 10 pairs may
be specified.
Here is an example:
<DT id="8"><DD>
sortlist 130.155.160.0/255.255.240.0 130.155.0.0
<DT id="9"><B>options</B><DD>
Options allows certain internal resolver variables to be modified.
The syntax is
<DL COMPACT><DT id="10"><DD>
<DL COMPACT>
<DT id="11"><DD>
<B>options</B> <I>option</I> <I>...</I>
</DL>
<P>
where <I>option</I> is one of the following:
<DL COMPACT>
<DT id="12"><B>debug</B><DD>
Sets
<B>RES_DEBUG</B>
in
<I>_res.options</I>
(effective only if glibc was built with debug support; see
<B><A HREF="/cgi-bin/man/man2html?3+resolver">resolver</A></B>(3)).
<DT id="13"><B>ndots:</B><I>n</I>
<DD>
Sets a threshold for the number of dots which
must appear in a name given to
<B><A HREF="/cgi-bin/man/man2html?3+res_query">res_query</A></B>(3)
(see
<B><A HREF="/cgi-bin/man/man2html?3+resolver">resolver</A></B>(3))
before an <I>initial absolute query</I> will be made.
The default for
<I>n</I> is 1, meaning that if there are any dots in a name, the name
will be tried first as an absolute name before any <I>search list</I>
elements are appended to it.
The value for this option is silently capped to 15.
<DT id="14"><B>timeout:</B><I>n</I>
<DD>
Sets the amount of time the resolver will wait for a
response from a remote name server before retrying the
query via a different name server. This may
<B>not</B>
be the total time taken by any resolver API call and there is no
guarantee that a single resolver API call maps to a single timeout.
Measured in seconds,
the default is
<B>RES_TIMEOUT</B>
(currently 5, see <I>&lt;<A HREF="file:///usr/include/resolv.h">resolv.h</A>&gt;</I>).
The value for this option is silently capped to 30.
<DT id="15"><B>attempts:</B><I>n</I>
<DD>
Sets the number of times the resolver will send a
query to its name servers before giving up and returning
an error to the calling application.
The default is
<B>RES_DFLRETRY</B>
(currently 2, see <I>&lt;<A HREF="file:///usr/include/resolv.h">resolv.h</A>&gt;</I>).
The value for this option is silently capped to 5.
<DT id="16"><B>rotate</B>
<DD>
Sets
<B>RES_ROTATE</B>
in
<I>_res.options</I>,
which causes round-robin selection of name servers from among those listed.
This has the effect of spreading the query load among all listed servers,
rather than having all clients try the first listed server first every time.
<DT id="17"><B>no-check-names</B>
<DD>
Sets
<B>RES_NOCHECKNAME</B>
in
<I>_res.options</I>,
which disables the modern BIND checking of incoming hostnames and
mail names for invalid characters such as underscore (_), non-ASCII,
or control characters.
<DT id="18"><B>inet6</B>
<DD>
Sets
<B>RES_USE_INET6</B>
in
<I>_res.options</I>.
This has the effect of trying an AAAA query before an A query inside the
<B><A HREF="/cgi-bin/man/man2html?3+gethostbyname">gethostbyname</A></B>(3)
function, and of mapping IPv4 responses in IPv6 &quot;tunneled form&quot;
if no AAAA records are found but an A record set exists.
Since glibc 2.25,
this option is deprecated; applications should use
<B><A HREF="/cgi-bin/man/man2html?3+getaddrinfo">getaddrinfo</A></B>(3),
rather than
<B><A HREF="/cgi-bin/man/man2html?3+gethostbyname">gethostbyname</A></B>(3).
<P>
Some programs behave strangely when this option is turned on.
<DT id="19"><B>ip6-bytestring</B> (since glibc 2.3.4)
<DD>
Sets
<B>RES_USEBSTRING</B>
in
<I>_res.options</I>.
This causes reverse IPv6 lookups to be made using the bit-label format
described in RFC&nbsp;2673;
if this option is not set (which is the default), then nibble format is used.
This option was removed in glibc 2.25,
since it relied on a backward-incompatible
DNS extension that was never deployed on the Internet.
<DT id="20"><B>ip6-dotint</B>/<B>no-ip6-dotint</B> (glibc 2.3.4 to 2.24)
<DD>
Clear/set
<B>RES_NOIP6DOTINT</B>
in
<I>_res.options</I>.
When this option is clear
(<B>ip6-dotint</B>),
reverse IPv6 lookups are made in the (deprecated)
<I>ip6.int</I>
zone;
when this option is set
(<B>no-ip6-dotint</B>),
reverse IPv6 lookups are made in the
<I>ip6.arpa</I>
zone by default.
These options are available in glibc versions up to 2.24, where
<B>no-ip6-dotint</B>
is the default.
Since
<B>ip6-dotint</B>
support long ago ceased to be available on the Internet,
these options were removed in glibc 2.25.
<DT id="21"><B>edns0</B> (since glibc 2.6)
<DD>
Sets
<B>RES_USE_EDNSO</B>
in
<I>_res.options</I>.
This enables support for the DNS extensions described in RFC&nbsp;2671.
<DT id="22"><B>single-request</B> (since glibc 2.10)
<DD>
Sets
<B>RES_SNGLKUP</B>
in
<I>_res.options</I>.
By default, glibc performs IPv4 and IPv6 lookups in parallel since
version 2.9.
Some appliance DNS servers
cannot handle these queries properly and make the requests time out.
This option disables the behavior and makes glibc perform the IPv6
and IPv4 requests sequentially (at the cost of some slowdown of the
resolving process).
<DT id="23"><B>single-request-reopen</B> (since glibc 2.9)
<DD>
Sets
<B>RES_SNGLKUPREOP</B>
in
<I>_res.options</I>.
The resolver uses the same socket for the A and AAAA requests.
Some hardware mistakenly sends back only one reply.
When that happens the client system will sit and wait for the second reply.
Turning this option on changes this behavior
so that if two requests from the same port are not handled correctly it will
close the socket and open a new one before sending the second request.
<DT id="24"><B>no-tld-query</B> (since glibc 2.14)
<DD>
Sets
<B>RES_NOTLDQUERY</B>
in
<I>_res.options</I>.
This option causes
<B>res_nsearch</B>()
to not attempt to resolve an unqualified name
as if it were a top level domain (TLD).
This option can cause problems if the site has ``localhost'' as a TLD
rather than having localhost on one or more elements of the search list.
This option has no effect if neither RES_DEFNAMES or RES_DNSRCH is set.
<DT id="25"><B>use-vc</B> (since glibc 2.14)
<DD>
Sets
<B>RES_USEVC</B>
in
<I>_res.options</I>.
This option forces the use of TCP for DNS resolutions.
<DT id="26"><B>no-reload</B> (since glibc 2.26)
<DD>
Sets
<B>RES_NORELOAD</B>
in
<I>_res.options</I>.
This option disables automatic reloading of a changed configuration file.
</DL>
</DL>
</DL>
<P>
The <I>search</I> keyword of a system's <I>resolv.conf</I> file can be
overridden on a per-process basis by setting the environment variable
<B>LOCALDOMAIN</B>
to a space-separated list of search domains.
<P>
The <I>options</I> keyword of a system's <I>resolv.conf</I> file can be
amended on a per-process basis by setting the environment variable
<B>RES_OPTIONS</B>
to a space-separated list of resolver options
as explained above under <B>options</B>.
<P>
The keyword and value must appear on a single line, and the keyword
(e.g., <B>nameserver</B>) must start the line.
The value follows the keyword, separated by white space.
<P>
Lines that contain a semicolon (;) or hash character (#)
in the first column are treated as comments.
<A NAME="lbAE">&nbsp;</A>
<H2>FILES</H2>
<I>/etc/resolv.conf</I>,
<I>&lt;<A HREF="file:///usr/include/resolv.h">resolv.h</A>&gt;</I>
<A NAME="lbAF">&nbsp;</A>
<H2>SEE ALSO</H2>
<B><A HREF="/cgi-bin/man/man2html?3+gethostbyname">gethostbyname</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+resolver">resolver</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?5+host.conf">host.conf</A></B>(5),
<B><A HREF="/cgi-bin/man/man2html?5+hosts">hosts</A></B>(5),
<B><A HREF="/cgi-bin/man/man2html?5+nsswitch.conf">nsswitch.conf</A></B>(5),
<B><A HREF="/cgi-bin/man/man2html?7+hostname">hostname</A></B>(7),
<B><A HREF="/cgi-bin/man/man2html?8+named">named</A></B>(8)
<P>
Name Server Operations Guide for BIND
<A NAME="lbAG">&nbsp;</A>
<H2>COLOPHON</H2>
This page is part of release 5.05 of the Linux
<I>man-pages</I>
project.
A description of the project,
information about reporting bugs,
and the latest version of this page,
can be found at
<A HREF="https://www.kernel.org/doc/man-pages/.">https://www.kernel.org/doc/man-pages/.</A>
<P>
<HR>
<A NAME="index">&nbsp;</A><H2>Index</H2>
<DL>
<DT id="27"><A HREF="#lbAB">NAME</A><DD>
<DT id="28"><A HREF="#lbAC">SYNOPSIS</A><DD>
<DT id="29"><A HREF="#lbAD">DESCRIPTION</A><DD>
<DT id="30"><A HREF="#lbAE">FILES</A><DD>
<DT id="31"><A HREF="#lbAF">SEE ALSO</A><DD>
<DT id="32"><A HREF="#lbAG">COLOPHON</A><DD>
</DL>
<HR>
This document was created by
<A HREF="/cgi-bin/man/man2html">man2html</A>,
using the manual pages.<BR>
Time: 00:06:04 GMT, March 31, 2021
</BODY>
</HTML>
Reference in New Issue View Git Blame Copy Permalink