xref: /freebsd/contrib/unbound/doc/unbound.rst (revision df21a004be237a1dccd03c7b47254625eea62fa9) 
1..
2    WHEN EDITING MAKE SURE EACH SENTENCE STARTS ON A NEW LINE
3
4..
5    IT HELPS RENDERERS TO DO THE RIGHT THING WRT SPACE
6
7..
8    IT HELPS PEOPLE DIFFING THE CHANGES
9
10..
11    WHEN EDITING MAKE SURE EACH SENTENCE STARTS ON A NEW LINE
12
13..
14    IT HELPS RENDERERS TO DO THE RIGHT THING WRT SPACE
15
16..
17    IT HELPS PEOPLE DIFFING THE CHANGES
18
19..
20    WHEN EDITING MAKE SURE EACH SENTENCE STARTS ON A NEW LINE
21
22..
23    IT HELPS RENDERERS TO DO THE RIGHT THING WRT SPACE
24
25..
26    IT HELPS PEOPLE DIFFING THE CHANGES
27
28..
29    WHEN EDITING MAKE SURE EACH SENTENCE STARTS ON A NEW LINE
30
31..
32    IT HELPS RENDERERS TO DO THE RIGHT THING WRT SPACE
33
34..
35    IT HELPS PEOPLE DIFFING THE CHANGES
36
37.. program:: unbound
38
39unbound(8)
40==========
41
42Synopsis
43--------
44
45**unbound** [``-hdpv``] [``-c <cfgfile>``]
46
47Description
48-----------
49
50``unbound`` is a caching DNS resolver.
51
52It uses a built in list of authoritative nameservers for the root zone (``.``),
53the so called root hints.
54On receiving a DNS query it will ask the root nameservers for an answer and
55will in almost all cases receive a delegation to a top level domain (TLD)
56authoritative nameserver.
57It will then ask that nameserver for an answer.
58It will recursively continue until an answer is found or no answer is available
59(NXDOMAIN).
60For performance and efficiency reasons that answer is cached for a certain time
61(the answer's time-to-live or TTL).
62A second query for the same name will then be answered from the cache.
63Unbound can also do DNSSEC validation.
64
65To use a locally running Unbound for resolving put:
66
67.. code-block:: text
68
69   nameserver 127.0.0.1
70
71into *resolv.conf(5)*.
72
73If authoritative DNS is needed as well using :external+nsd:doc:`manpages/nsd`,
74careful setup is required because authoritative nameservers and resolvers are
75using the same port number (53).
76
77The available options are:
78
79.. option:: -h
80
81 Show the version number and commandline option help, and exit.
82
83.. option:: -c <cfgfile>
84
85   Set the config file with settings for unbound to read instead of reading the
86   file at the default location, :file:`@ub_conf_file@`.
87   The syntax is described in :doc:`unbound.conf(5)</manpages/unbound.conf>`.
88
89.. option:: -d
90
91   Debug flag: do not fork into the background, but stay attached to the
92   console.
93   This flag will also delay writing to the log file until the thread-spawn
94   time, so that most config and setup errors appear on stderr.
95   If given twice or more, logging does not switch to the log file or to
96   syslog, but the log messages are printed to stderr all the time.
97
98.. option:: -p
99
100   Don't use a pidfile.
101   This argument should only be used by supervision systems which can ensure
102   that only one instance of Unbound will run concurrently.
103
104.. option:: -v
105
106   Increase verbosity.
107   If given multiple times, more information is logged.
108   This is in addition to the verbosity (if any) from the config file.
109
110.. option:: -V
111
112   Show the version number and build options, and exit.
113
114See Also
115--------
116
117:doc:`unbound.conf(5)</manpages/unbound.conf>`,
118:doc:`unbound-checkconf(8)</manpages/unbound-checkconf>`,
119:external+nsd:doc:`manpages/nsd`.
120