1*d642636dSDavid van Moolenbroek.\" $NetBSD: resolv.conf.5,v 1.30 2012/09/09 18:09:24 christos Exp $ 2*d642636dSDavid van Moolenbroek.\" 3*d642636dSDavid van Moolenbroek.\" Copyright (c) 1986, 1991 The Regents of the University of California. 4*d642636dSDavid van Moolenbroek.\" All rights reserved. 5*d642636dSDavid van Moolenbroek.\" 6*d642636dSDavid van Moolenbroek.\" Redistribution and use in source and binary forms, with or without 7*d642636dSDavid van Moolenbroek.\" modification, are permitted provided that the following conditions 8*d642636dSDavid van Moolenbroek.\" are met: 9*d642636dSDavid van Moolenbroek.\" 1. Redistributions of source code must retain the above copyright 10*d642636dSDavid van Moolenbroek.\" notice, this list of conditions and the following disclaimer. 11*d642636dSDavid van Moolenbroek.\" 2. Redistributions in binary form must reproduce the above copyright 12*d642636dSDavid van Moolenbroek.\" notice, this list of conditions and the following disclaimer in the 13*d642636dSDavid van Moolenbroek.\" documentation and/or other materials provided with the distribution. 14*d642636dSDavid van Moolenbroek.\" 3. Neither the name of the University nor the names of its contributors 15*d642636dSDavid van Moolenbroek.\" may be used to endorse or promote products derived from this software 16*d642636dSDavid van Moolenbroek.\" without specific prior written permission. 17*d642636dSDavid van Moolenbroek.\" 18*d642636dSDavid van Moolenbroek.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 19*d642636dSDavid van Moolenbroek.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20*d642636dSDavid van Moolenbroek.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21*d642636dSDavid van Moolenbroek.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 22*d642636dSDavid van Moolenbroek.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23*d642636dSDavid van Moolenbroek.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24*d642636dSDavid van Moolenbroek.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25*d642636dSDavid van Moolenbroek.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26*d642636dSDavid van Moolenbroek.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27*d642636dSDavid van Moolenbroek.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28*d642636dSDavid van Moolenbroek.\" SUCH DAMAGE. 29*d642636dSDavid van Moolenbroek.\" 30*d642636dSDavid van Moolenbroek.\" @(#)resolver.5 5.12 (Berkeley) 5/10/91 31*d642636dSDavid van Moolenbroek.\" 32*d642636dSDavid van Moolenbroek.Dd September 9, 2012 33*d642636dSDavid van Moolenbroek.Dt RESOLV.CONF 5 34*d642636dSDavid van Moolenbroek.Os 35*d642636dSDavid van Moolenbroek.Sh NAME 36*d642636dSDavid van Moolenbroek.Nm resolv.conf 37*d642636dSDavid van Moolenbroek.Nd resolver configuration file 38*d642636dSDavid van Moolenbroek.Sh DESCRIPTION 39*d642636dSDavid van MoolenbroekThe 40*d642636dSDavid van Moolenbroek.Nm resolv.conf 41*d642636dSDavid van Moolenbroekfile specifies how the 42*d642636dSDavid van Moolenbroek.Xr resolver 3 43*d642636dSDavid van Moolenbroekroutines in the C library 44*d642636dSDavid van Moolenbroek(which provide access to the Internet Domain Name System) should operate. 45*d642636dSDavid van MoolenbroekThe resolver configuration file contains information that is read 46*d642636dSDavid van Moolenbroekby the resolver routines the first time they are invoked by a process. 47*d642636dSDavid van MoolenbroekThe file is designed to be human readable and contains a list of 48*d642636dSDavid van Moolenbroekkeywords with values that provide various types of resolver information. 49*d642636dSDavid van Moolenbroek.Pp 50*d642636dSDavid van MoolenbroekOn a normally configured system this file should not be necessary. 51*d642636dSDavid van MoolenbroekThe only name server to be queried will be on the local machine, 52*d642636dSDavid van Moolenbroekthe domain name is determined from the host name, 53*d642636dSDavid van Moolenbroekand the domain search path is constructed from the domain name. 54*d642636dSDavid van Moolenbroek.Pp 55*d642636dSDavid van MoolenbroekThe different configuration options are: 56*d642636dSDavid van Moolenbroek.Bl -tag -width nameserver 57*d642636dSDavid van Moolenbroek.It Sy nameserver 58*d642636dSDavid van MoolenbroekIPv4 address 59*d642636dSDavid van Moolenbroek.Pq in dot notation 60*d642636dSDavid van Moolenbroekor IPv6 address 61*d642636dSDavid van Moolenbroek.Pq in hex-and-colon notation 62*d642636dSDavid van Moolenbroekof a name server that the resolver should query. 63*d642636dSDavid van MoolenbroekScoped IPv6 address notation is accepted as well 64*d642636dSDavid van Moolenbroek.Po 65*d642636dSDavid van Moolenbroeksee 66*d642636dSDavid van Moolenbroek.Xr inet6 4 67*d642636dSDavid van Moolenbroekfor details 68*d642636dSDavid van Moolenbroek.Pc . 69*d642636dSDavid van MoolenbroekUp to 70*d642636dSDavid van Moolenbroek.Dv MAXNS 71*d642636dSDavid van Moolenbroek(currently 3) name servers may be listed, 72*d642636dSDavid van Moolenbroekone per keyword. 73*d642636dSDavid van MoolenbroekIf there are multiple servers, 74*d642636dSDavid van Moolenbroekthe resolver library queries them in the order listed. 75*d642636dSDavid van MoolenbroekIf no 76*d642636dSDavid van Moolenbroek.Sy nameserver 77*d642636dSDavid van Moolenbroekentries are present, 78*d642636dSDavid van Moolenbroekthe default is to use the name server on the local machine. 79*d642636dSDavid van Moolenbroek(The algorithm used is to try a name server, and if the query times out, 80*d642636dSDavid van Moolenbroektry the next, until out of name servers, 81*d642636dSDavid van Moolenbroekthen repeat trying all the name servers 82*d642636dSDavid van Moolenbroekuntil a maximum number of retries are made). 83*d642636dSDavid van Moolenbroek.It Sy domain 84*d642636dSDavid van MoolenbroekLocal domain name. 85*d642636dSDavid van MoolenbroekMost queries for names within this domain can use short names 86*d642636dSDavid van Moolenbroekrelative to the local domain. 87*d642636dSDavid van MoolenbroekIf no 88*d642636dSDavid van Moolenbroek.Sy domain 89*d642636dSDavid van Moolenbroekentry is present, the domain is determined 90*d642636dSDavid van Moolenbroekfrom the local host name returned by 91*d642636dSDavid van Moolenbroek.Xr gethostname 3 ; 92*d642636dSDavid van Moolenbroekthe domain part is taken to be everything after the first 93*d642636dSDavid van Moolenbroek.Sq \&. . 94*d642636dSDavid van MoolenbroekFinally, if the host name does not contain a domain part, the root 95*d642636dSDavid van Moolenbroekdomain is assumed. 96*d642636dSDavid van Moolenbroek.It Sy lookup 97*d642636dSDavid van MoolenbroekThis keyword is now ignored: its function has been superseded by 98*d642636dSDavid van Moolenbroekfeatures of 99*d642636dSDavid van Moolenbroek.Xr nsswitch.conf 5 . 100*d642636dSDavid van Moolenbroek.Pp 101*d642636dSDavid van Moolenbroek.It Sy search 102*d642636dSDavid van MoolenbroekSearch list for host-name lookup. 103*d642636dSDavid van MoolenbroekThe search list is normally determined from the local domain name; 104*d642636dSDavid van Moolenbroekby default, it begins with the local domain name, then successive 105*d642636dSDavid van Moolenbroekparent domains that have at least two components in their names. 106*d642636dSDavid van MoolenbroekThis may be changed by listing the desired domain search path 107*d642636dSDavid van Moolenbroekfollowing the 108*d642636dSDavid van Moolenbroek.Sy search 109*d642636dSDavid van Moolenbroekkeyword with spaces or tabs separating 110*d642636dSDavid van Moolenbroekthe names. 111*d642636dSDavid van MoolenbroekMost resolver queries will be attempted using each component 112*d642636dSDavid van Moolenbroekof the search path in turn until a match is found. 113*d642636dSDavid van MoolenbroekNote that this process may be slow and will generate a lot of network 114*d642636dSDavid van Moolenbroektraffic if the servers for the listed domains are not local, 115*d642636dSDavid van Moolenbroekand that queries will time out if no server is available 116*d642636dSDavid van Moolenbroekfor one of the domains. 117*d642636dSDavid van Moolenbroek.Pp 118*d642636dSDavid van MoolenbroekThe search list is currently limited to six domains 119*d642636dSDavid van Moolenbroekwith a total of 1024 characters. 120*d642636dSDavid van Moolenbroek.It Sy sortlist 121*d642636dSDavid van MoolenbroekSortlist allows addresses returned by gethostbyname to 122*d642636dSDavid van Moolenbroekbe sorted. 123*d642636dSDavid van MoolenbroekA sortlist is specified by IP address netmask pairs. 124*d642636dSDavid van MoolenbroekThe netmask is optional and defaults to the natural 125*d642636dSDavid van Moolenbroeknetmask of the net. 126*d642636dSDavid van MoolenbroekThe IP address and optional network pairs are separated by 127*d642636dSDavid van Moolenbroekslashes. 128*d642636dSDavid van MoolenbroekUp to 10 pairs may be specified, ie. 129*d642636dSDavid van Moolenbroek.Pp 130*d642636dSDavid van Moolenbroek.Sy sortlist 130.155.160.0/255.255.240.0 130.155.0.0 131*d642636dSDavid van Moolenbroek.It Sy options 132*d642636dSDavid van MoolenbroekOptions allows certain internal resolver variables to be modified. 133*d642636dSDavid van MoolenbroekThe syntax is: 134*d642636dSDavid van Moolenbroek.Pp 135*d642636dSDavid van Moolenbroek.Sy options option ... 136*d642636dSDavid van Moolenbroek.Pp 137*d642636dSDavid van Moolenbroekwhere option is one of the following: 138*d642636dSDavid van Moolenbroek.Bl -tag -width no-check-names 139*d642636dSDavid van Moolenbroek.It Sy debug 140*d642636dSDavid van Moolenbroekenable debugging information, by setting RES_DEBUG in _res.options 141*d642636dSDavid van Moolenbroek(see 142*d642636dSDavid van Moolenbroek.Xr resolver 3 ) . 143*d642636dSDavid van Moolenbroek.It Sy ndots:n 144*d642636dSDavid van Moolenbroeksets a threshold for the number of dots which 145*d642636dSDavid van Moolenbroekmust appear in a name given to res_query (see 146*d642636dSDavid van Moolenbroek.Xr resolver 3 ) 147*d642636dSDavid van Moolenbroekbefore an initial absolute query will be made. 148*d642636dSDavid van MoolenbroekThe default for n is 1, meaning that if there are any 149*d642636dSDavid van Moolenbroekdots in a name, the name will be tried first as an absolute 150*d642636dSDavid van Moolenbroekname before any search list elements are appended to it. 151*d642636dSDavid van Moolenbroek.It Sy timeout:n 152*d642636dSDavid van Moolenbroeksets the amount of time the resolver will wait for a response from a remote 153*d642636dSDavid van Moolenbroekname server before retrying the query via a different name server. 154*d642636dSDavid van MoolenbroekMeasured in seconds, the default is 155*d642636dSDavid van Moolenbroek.Dv RES_TIMEOUT 156*d642636dSDavid van Moolenbroek(see 157*d642636dSDavid van Moolenbroek.Aq Pa resolv.h ) . 158*d642636dSDavid van Moolenbroek.It Sy attempts:n 159*d642636dSDavid van Moolenbroeksets the number of times the resolver will send a query to its name servers 160*d642636dSDavid van Moolenbroekbefore giving up and returning an error to the calling application. 161*d642636dSDavid van MoolenbroekThe default is 162*d642636dSDavid van Moolenbroek.Dv RES_DFLRETRY 163*d642636dSDavid van Moolenbroek(see 164*d642636dSDavid van Moolenbroek.Aq Pa resolv.h ) . 165*d642636dSDavid van Moolenbroek.It Sy rotate 166*d642636dSDavid van Moolenbroeksets 167*d642636dSDavid van Moolenbroek.Dv RES_ROTATE 168*d642636dSDavid van Moolenbroekin 169*d642636dSDavid van Moolenbroek.Ft _res.options , 170*d642636dSDavid van Moolenbroekwhich causes round robin selection of nameservers from among those listed. 171*d642636dSDavid van MoolenbroekThis has the effect of spreading the query load among all listed servers, 172*d642636dSDavid van Moolenbroekrather than having all clients try the first listed server first every time. 173*d642636dSDavid van Moolenbroek.It Sy no-check-names 174*d642636dSDavid van Moolenbroeksets 175*d642636dSDavid van Moolenbroek.Dv RES_NOCHECKNAME 176*d642636dSDavid van Moolenbroekin 177*d642636dSDavid van Moolenbroek.Ft _res.options , 178*d642636dSDavid van Moolenbroekwhich disables the modern BIND checking of incoming host names and mail names 179*d642636dSDavid van Moolenbroekfor invalid characters such as underscore 180*d642636dSDavid van Moolenbroek.Pq Sq _ , 181*d642636dSDavid van Moolenbroeknon-ASCII, or control characters. 182*d642636dSDavid van MoolenbroekThis is the default. 183*d642636dSDavid van Moolenbroek.It Sy check-names 184*d642636dSDavid van Moolenbroekclears 185*d642636dSDavid van Moolenbroek.Dv RES_NOCHECKNAME 186*d642636dSDavid van Moolenbroekin 187*d642636dSDavid van Moolenbroek.Ft _res.options , 188*d642636dSDavid van Moolenbroekwhich enables the modern BIND checking of incoming host names and mail names 189*d642636dSDavid van Moolenbroekas described above. 190*d642636dSDavid van Moolenbroek.It Sy edns0 191*d642636dSDavid van Moolenbroekattach OPT pseudo-RR for ENDS0 extension specified in RFC 2671, 192*d642636dSDavid van Moolenbroekto inform DNS server of our receive buffer size. 193*d642636dSDavid van MoolenbroekThe option will allow DNS servers to take advantage of non-default receive 194*d642636dSDavid van Moolenbroekbuffer size, and to send larger replies. 195*d642636dSDavid van MoolenbroekDNS query packets with EDNS0 extension is not compatible with 196*d642636dSDavid van Moolenbroeknon-EDNS0 DNS servers. 197*d642636dSDavid van MoolenbroekThe option must be used only when all the DNS servers listed in 198*d642636dSDavid van Moolenbroek.Sy nameserver 199*d642636dSDavid van Moolenbroeklines are able to handle EDNS0 extension. 200*d642636dSDavid van Moolenbroek.It Sy inet6 201*d642636dSDavid van Moolenbroekenable support for IPv6-only applications, by setting RES_USE_INET6 in 202*d642636dSDavid van Moolenbroek_res.options (see 203*d642636dSDavid van Moolenbroek.Xr resolver 3 ) . 204*d642636dSDavid van MoolenbroekThe option is meaningful with certain kernel configuration only and 205*d642636dSDavid van Moolenbroekuse of this option is discouraged. 206*d642636dSDavid van Moolenbroek.It Sy insecure1 207*d642636dSDavid van MoolenbroekDo not require IP source address on the reply packet to be equal to the 208*d642636dSDavid van Moolenbroekservers' address. 209*d642636dSDavid van Moolenbroek.It Sy insecure2 210*d642636dSDavid van MoolenbroekDo not check if the query section of the reply packet is equal 211*d642636dSDavid van Moolenbroekto that of the query packet. 212*d642636dSDavid van MoolenbroekFor testing purposes only. 213*d642636dSDavid van Moolenbroek.It Sy no-tld-query 214*d642636dSDavid van Moolenbroeksets 215*d642636dSDavid van Moolenbroek.Dv RES_NOTLDQUERY 216*d642636dSDavid van Moolenbroekin 217*d642636dSDavid van Moolenbroek.Ft _res.options . 218*d642636dSDavid van MoolenbroekThis option causes 219*d642636dSDavid van Moolenbroek.Fn res_nsearch 220*d642636dSDavid van Moolenbroekto not attempt to resolve a unqualified name as if it were a top level 221*d642636dSDavid van Moolenbroekdomain (TLD). 222*d642636dSDavid van MoolenbroekThis option can cause problems if the site has 223*d642636dSDavid van Moolenbroek.Dq localhost 224*d642636dSDavid van Moolenbroekas a TLD rather 225*d642636dSDavid van Moolenbroekthan having localhost on one or more elements of the search list. 226*d642636dSDavid van MoolenbroekThis option has no effect if neither 227*d642636dSDavid van Moolenbroek.Dv RES_DEFNAMES 228*d642636dSDavid van Moolenbroekor 229*d642636dSDavid van Moolenbroek.Dv RES_DNSRCH 230*d642636dSDavid van Moolenbroekis set. 231*d642636dSDavid van Moolenbroek.El 232*d642636dSDavid van Moolenbroek.El 233*d642636dSDavid van Moolenbroek.Pp 234*d642636dSDavid van MoolenbroekThe 235*d642636dSDavid van Moolenbroek.Sy domain 236*d642636dSDavid van Moolenbroekand 237*d642636dSDavid van Moolenbroek.Sy search 238*d642636dSDavid van Moolenbroekkeywords are mutually exclusive. 239*d642636dSDavid van MoolenbroekIf more than one instance of these keywords is present, 240*d642636dSDavid van Moolenbroekthe last instance will override. 241*d642636dSDavid van Moolenbroek.Pp 242*d642636dSDavid van MoolenbroekThe 243*d642636dSDavid van Moolenbroek.Sy search 244*d642636dSDavid van Moolenbroekkeyword of a system's 245*d642636dSDavid van Moolenbroek.Pa resolv.conf 246*d642636dSDavid van Moolenbroekfile can be overridden on a per-process basis by setting the 247*d642636dSDavid van Moolenbroekenvironment variable 248*d642636dSDavid van Moolenbroek.Ev LOCALDOMAIN 249*d642636dSDavid van Moolenbroekto a space-separated list of search domains. 250*d642636dSDavid van Moolenbroek.Pp 251*d642636dSDavid van MoolenbroekThe 252*d642636dSDavid van Moolenbroek.Sy options 253*d642636dSDavid van Moolenbroekkeyword of a system's 254*d642636dSDavid van Moolenbroek.Pa resolv.conf 255*d642636dSDavid van Moolenbroekfile can be amended on a per-process basis by setting the 256*d642636dSDavid van Moolenbroekenvironment variable 257*d642636dSDavid van Moolenbroek.Ev RES_OPTIONS 258*d642636dSDavid van Moolenbroekto a space-separated list of resolver options as explained above. 259*d642636dSDavid van Moolenbroek.Pp 260*d642636dSDavid van MoolenbroekThe keyword and value must appear on a single line, and the keyword 261*d642636dSDavid van Moolenbroek(e.g. 262*d642636dSDavid van Moolenbroek.Sy nameserver ) 263*d642636dSDavid van Moolenbroekmust start the line. 264*d642636dSDavid van MoolenbroekThe value follows the keyword, separated by white space. 265*d642636dSDavid van Moolenbroek.Sh FILES 266*d642636dSDavid van Moolenbroek.Bl -tag -width /etc/resolv.conf -compact 267*d642636dSDavid van Moolenbroek.It Pa /etc/resolv.conf 268*d642636dSDavid van MoolenbroekThe file 269*d642636dSDavid van Moolenbroek.Nm resolv.conf 270*d642636dSDavid van Moolenbroekresides in 271*d642636dSDavid van Moolenbroek.Pa /etc . 272*d642636dSDavid van Moolenbroek.El 273*d642636dSDavid van Moolenbroek.Sh SEE ALSO 274*d642636dSDavid van Moolenbroek.Xr gethostbyname 3 , 275*d642636dSDavid van Moolenbroek.Xr resolver 3 , 276*d642636dSDavid van Moolenbroek.Xr nsswitch.conf 5 , 277*d642636dSDavid van Moolenbroek.Xr hostname 7 , 278*d642636dSDavid van Moolenbroek.Xr named 8 , 279*d642636dSDavid van Moolenbroek.Xr resolvconf 8 280*d642636dSDavid van Moolenbroek.Rs 281*d642636dSDavid van Moolenbroek.%A Paul Vixie 282*d642636dSDavid van Moolenbroek.%A Kevin J. Dunlap 283*d642636dSDavid van Moolenbroek.%A Michael J. Karels 284*d642636dSDavid van Moolenbroek.%T "Name Server Operations Guide for BIND" 285*d642636dSDavid van Moolenbroek.%N Release 4.9.4 286*d642636dSDavid van Moolenbroek.%I CSRG , 287*d642636dSDavid van Moolenbroek.%I Department of Electrical Engineering and Computer Sciences , 288*d642636dSDavid van Moolenbroek.%I University of California, Berkeley 289*d642636dSDavid van Moolenbroek.%D July 16, 1996 290*d642636dSDavid van Moolenbroek.%U http://www.dns.net/dnsrd/docs/bog/bog.html 291*d642636dSDavid van Moolenbroek.Re 292*d642636dSDavid van Moolenbroek.Sh HISTORY 293*d642636dSDavid van MoolenbroekThe 294*d642636dSDavid van Moolenbroek.Nm resolv.conf 295*d642636dSDavid van Moolenbroekfile format appeared in 296*d642636dSDavid van Moolenbroek.Bx 4.3 . 297