|DNSPROXY(8)||System Manager's Manual||DNSPROXY(8)|
dnsproxy — DNS
dnsproxy daemon waits for nameserver
queries on a user specified address, dispatches these queries to
authoritative and recursive nameservers and forwards the received answers
back to the original client.
The options are as follows:
- Read configuration from file.
- Detach from current terminal and run as background process.
- Show usage.
- Show version.
If a client from an internal IP address does a recursive lookup the query is forwarded to a recursive DNS server. Authoritative queries and queries coming from clients in foreign networks are forwarded to an authoritative DNS server.
dnsproxy reads a configuration
file specified via the -c option or at the default location of
The following keywords are recognized:
- authoritative IP
- Address of the authoritative nameserver [required].
- recursive IP
- Address of the recursive nameserver [required].
- listen IP
- Local address (defaults to 0.0.0.0).
- port number
- Local port number (defaults to 53).
- chroot path
- A path to chroot to before starting to answer queries.
- user name
- A user to change to before starting to answer queries.
- authoritative-timeout seconds
- Time in seconds when authoritative queries time out (defaults to 10).
- recursive-timeout seconds
- Time in seconds when recursive queries time out (defaults to 90).
- authoritative-port number
- Port number on authoritative nameserver (defaults to 53).
- recursive-port number
- Port number on recursive nameserver (defaults to 53).
- statistics seconds
- Period between output of statistics (defaults to 3600). Use 0 to disable output of statistics completely.
- internal network
- Declare networks recognized as internal and thus eligible to do recursive queries. One network in CIDR notation per keyword.
authoritative 10.1.1.1 recursive 127.0.0.1 recursive-port 10053 listen 192.168.1.1 port 53 chroot /var/empty user nobody internal 192.168.1.0/24 internal 127.0.0.1
Every hour (by default)
dnsproxy logs the
collected statistics about its usage to standard error (or syslog when
running detached). Statistics look like
ActiveQr AuthorQr RecursQr AllQuery Answered 0 0 0 0 0 TimeoutQ DroppedQ DroppedA LateAnsw HashColl 0 0 0 0 0
and have the following meaning:
- Number of currently active queries proxied to the servers.
- Accumulated number of authoritative queries.
- Accumulated number of recursive queries.
- Accumulated number of all queries ever received.
- Accumulated number of answered queries.
- Accumulated number of queries that did not receive an answer in time.
- Accumulated number of dropped queries (e.g. transmission errors).
- Accumulated number of dropped answers.
- Accumulated number of answers received after the timeout period.
- Accumulated number of hash collisions in the query list.
This manual page describes
Armin Wolfermann <email@example.com>
dnsproxy homepage is at
|November 29, 2003||LOCAL|