--- /dev/null
+<?xml version='1.0'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+
+<!--
+ This file is part of systemd.
+
+ Copyright 2016 Lennart Poettering
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+
+ systemd is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+-->
+
+<refentry id="systemd-resolve"
+ xmlns:xi="http://www.w3.org/2001/XInclude">
+
+ <refentryinfo>
+ <title>systemd-resolve</title>
+ <productname>systemd</productname>
+
+ <authorgroup>
+ <author>
+ <contrib>Developer</contrib>
+ <firstname>Lennart</firstname>
+ <surname>Poettering</surname>
+ <email>lennart@poettering.net</email>
+ </author>
+ </authorgroup>
+ </refentryinfo>
+
+ <refmeta>
+ <refentrytitle>systemd-resolve</refentrytitle>
+ <manvolnum>1</manvolnum>
+ </refmeta>
+
+ <refnamediv>
+ <refname>systemd-resolve</refname>
+ <refpurpose>Resolve domain names, IPV4 and IPv6 addresses, DNS resource records, and services</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis>
+ <command>systemd-resolve</command>
+ <arg choice="opt" rep="repeat">OPTIONS</arg>
+ <arg choice="plain" rep="repeat"><replaceable>HOSTNAME</replaceable></arg>
+ </cmdsynopsis>
+
+ <cmdsynopsis>
+ <command>systemd-resolve</command>
+ <arg choice="opt" rep="repeat">OPTIONS</arg>
+ <arg choice="plain" rep="repeat"><replaceable>ADDRESS</replaceable></arg>
+ </cmdsynopsis>
+
+ <cmdsynopsis>
+ <command>systemd-resolve</command>
+ <arg choice="opt" rep="repeat">OPTIONS</arg>
+ <command>--type=<replaceable>TYPE</replaceable></command>
+ <arg choice="plain" rep="repeat"><replaceable>RRDOMAIN</replaceable></arg>
+ </cmdsynopsis>
+
+ <cmdsynopsis>
+ <command>systemd-resolve</command>
+ <arg choice="opt" rep="repeat">OPTIONS</arg>
+ <command>--service</command>
+ <arg choice="plain"><arg choice="opt"><arg choice="opt"><replaceable>NAME</replaceable></arg>
+ <replaceable>TYPE</replaceable></arg> <replaceable>DOMAIN</replaceable></arg>
+ </cmdsynopsis>
+
+ <cmdsynopsis>
+ <command>systemd-resolve</command>
+ <arg choice="opt" rep="repeat">OPTIONS</arg>
+ <command>--statistics</command>
+ </cmdsynopsis>
+
+ <cmdsynopsis>
+ <command>systemd-resolve</command>
+ <arg choice="opt" rep="repeat">OPTIONS</arg>
+ <command>--reset-statistics</command>
+ </cmdsynopsis>
+
+ </refsynopsisdiv>
+
+ <refsect1>
+ <title>Description</title>
+
+ <para><command>systemd-resolve</command> may be used to resolve domain names, IPv4 and IPv6 addresses, DNS resource
+ records and services with the
+ <citerefentry><refentrytitle>systemd-resolved.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ resolver service. By default, the specified list of parameters will be resolved as hostnames, retrieving their IPv4
+ and IPv6 addresses. If the parameters specified are formatted as IPv4 or IPv6 operation the reverse operation is
+ done, and a hostname is retrieved for the specified addresses.</para>
+
+ <para>The <option>--type=</option> switch may be used to specify a DNS resource record type (A, AAAA, SOA, MX, ...) in
+ order to request a specific DNS resource record, instead of the address or reverse address lookups.</para>
+
+ <para>The <option>--service</option> switch may be used to resolve <ulink
+ url="https://tools.ietf.org/html/rfc2782">SRV</ulink> and <ulink
+ url="https://tools.ietf.org/html/rfc6763">DNS-SD</ulink> services (see below). In this mode, between one and three
+ arguments are required. If three parameters are passed the first is assumed to be the DNS-SD service name, the
+ second the SRV service type, and the third the domain to search in. In this case a full DNS-SD style SRV and TXT
+ lookup is executed. If only two parameters are specified, the first is assumed to be the SRV service type, and the
+ second the domain to look in. In this case no TXT RR is requested. Finally, if only one parameter is specified, it
+ is assumed to be a domain name, that is already prefixed with an SRV type, and an SRV lookup is done (no
+ TXT).</para>
+
+ <para>The <option>--statistics</option> switch may be used to show resolver statistics, including information about
+ the number of succesful and failed DNSSEC validations.</para>
+
+ <para>The <option>--reset-statistics</option> may be used to reset various statistics counters maintained the
+ resolver, including those shown in the <option>--statistics</option> output. This operation requires root
+ privileges.</para>
+ </refsect1>
+
+ <refsect1>
+ <title>Options</title>
+ <variablelist>
+ <varlistentry>
+ <term><option>-4</option></term>
+ <term><option>-6</option></term>
+
+ <listitem><para>By default, when resolving a hostname, both IPv4 and IPv6
+ addresses are acquired. By specifying <option>-4</option> only IPv4 addresses are requested, by specifying
+ <option>-6</option> only IPv6 addresses are requested.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>-i</option> <replaceable>INTERFACE</replaceable></term>
+ <term><option>--interface=</option><replaceable>INTERFACE</replaceable></term>
+
+ <listitem><para>Specifies the network interface to execute the query on. This may either be specified as numeric
+ interface index or as network interface string (e.g. <literal>en0</literal>). Note that this option has no
+ effect if system-wide DNS configuration (as configured in <filename>/etc/resolv.conf</filename> or
+ <filename>/etc/systemd/resolve.conf</filename>) in place of per-link configuration is used.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>-p</option> <replaceable>PROTOCOL</replaceable></term>
+ <term><option>--protocol=</option><replaceable>PROTOCOL</replaceable></term>
+
+ <listitem><para>Specifies the network protocol for the query. May be one of <literal>dns</literal>
+ (i.e. classic unicast DNS), <literal>llmnr</literal> (<ulink
+ url="https://tools.ietf.org/html/rfc4795">Link-Local Multicast Name Resolution</ulink>),
+ <literal>llmr-ipv4</literal>, <literal>llmnr-ipv6</literal> (LLMNR via the indicated underlying IP
+ protocols). By default the lookup is done via all protocols suitable for the lookup. If used, limits the set of
+ protocols that may be used. Use this option multiple times to enable resolving via multiple protocols at the
+ same time. The setting <literal>llmnr</literal> is identical to specifying this switch once with
+ <literal>llmnr-ipv4</literal> and once via <literal>llmnr-ipv6</literal>. Note that this option does not force
+ the service to resolve the operation with the specified protocol, as that might require a suitable network
+ interface and configuration.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>-t</option> <replaceable>TYPE</replaceable></term>
+ <term><option>--type=</option><replaceable>TYPE</replaceable></term>
+ <term><option>-c</option> <replaceable>CLASS</replaceable></term>
+ <term><option>--class=</option><replaceable>CLASS</replaceable></term>
+
+ <listitem><para>Specifies the DNS resource record type (e.g. A, AAAA, MX, …) and class (e.g. IN, ANY, …) to
+ look up. If these options are used a DNS resource record set matching the specified class and type is
+ requested. The class defaults to IN if only a type is specified.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>--service</option></term>
+
+ <listitem><para>Enables service resolution. This enables DNS-SD and simple SRV service resolution, dependending
+ on the specified list of parameters (see above).</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>--service-address=</option><replaceable>BOOL</replaceable></term>
+
+ <listitem><para>Takes a boolean parameter. If true (the default), when doing a service lookup with
+ <option>--service</option> the hostnames contained in the SRV resource records are resolved as well.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>--service-txt=</option><replaceable>BOOL</replaceable></term>
+
+ <listitem><para>Takes a boolean parameter. If true (the default), when doing a DNS-SD service lookup with
+ <option>--service</option> the TXT service metadata record is resolved as well.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>--cname=</option><replaceable>BOOL</replaceable></term>
+
+ <listitem><para>Takes a boolean parameter. If true (the default), DNS CNAME or DNAME redirections are
+ followed. Otherwise, if a CNAME or DNAME record is encountered while resolving, an error is
+ returned.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>--search=</option><replaceable>BOOL</replaceable></term>
+
+ <listitem><para>Takes a boolean parameter. If true (the default), any specified single-label hostnames will be
+ searched in the domains configured in the search domain list, if it is non-empty. Otherwise, the search domain
+ logic is disabled.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>--legend=</option><replaceable>BOOL</replaceable></term>
+
+ <listitem><para>Takes a boolean parameter. If true (the default), column headers and meta information about the
+ query response are shown. Otherwise, this output is suppressed.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>--statistics</option></term>
+
+ <listitem><para>If specified general resolver statistics are shown, including information whether DNSSEC is
+ enabled and available, as well as resolution and validation statistics.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>--reset-statistics</option></term>
+
+ <listitem><para>Resets the statistics counters shown in <option>--statistics</option> to zero.</para></listitem>
+ </varlistentry>
+
+ <xi:include href="standard-options.xml" xpointer="help" />
+ <xi:include href="standard-options.xml" xpointer="version" />
+ </variablelist>
+ </refsect1>
+
+ <refsect1>
+ <title>Examples</title>
+
+ <example>
+ <title>Retrieve the addresses of the <literal>www.0pointer.net</literal> domain</title>
+
+ <programlisting>$ systemd-resolve www.0pointer.net</programlisting>
+ </example>
+
+ <example>
+ <title>Retrieve the domain of the <literal>85.214.157.71</literal> IP address</title>
+
+ <programlisting>$ systemd-resolve 85.214.157.71</programlisting>
+ </example>
+
+ <example>
+ <title>Retrieve the MX record of the <literal>0pointer.net</literal> domain</title>
+
+ <programlisting>$ systemd-resolve -t MX 0pointer.net</programlisting>
+ </example>
+
+ <example>
+ <title>Resolve an SRV service</title>
+
+ <programlisting>$ systemd-resolve --service _xmpp-server._tcp gmail.com</programlisting>
+ </example>
+
+ </refsect1>
+
+ <refsect1>
+ <title>See Also</title>
+ <para>
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd-resolved.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ </para>
+ </refsect1>
+</refentry>
<refsect1>
<title>Description</title>
- <para><command>systemd-resolved</command> is a system service that
- manages network name resolution. It implements a caching DNS stub
- resolver and an LLMNR resolver and responder. It also generates
- <filename>/run/systemd/resolve/resolv.conf</filename> for
- compatibility which may be symlinked from
- <filename>/etc/resolv.conf</filename>. The glibc NSS module
- <citerefentry><refentrytitle>nss-resolve</refentrytitle><manvolnum>8</manvolnum></citerefentry>
- is necessary to allow libc's NSS resolver functions to resolve
- host names via <command>systemd-resolved</command>.</para>
+ <para><command>systemd-resolved</command> is a system service that provides network name resolution to local
+ applications. It implements a caching and validating DNS/DNSSEC stub resolver, as well as an LLMNR resolver and
+ responder. In addition it maintains the <filename>/run/systemd/resolve/resolv.conf</filename> file for
+ compatibility with traditional Linux programs. This file may be symlinked from
+ <filename>/etc/resolv.conf</filename>.</para>
+
+ <para>The glibc NSS module
+ <citerefentry><refentrytitle>nss-resolve</refentrytitle><manvolnum>8</manvolnum></citerefentry> is required to
+ permit glibc's NSS resolver functions to resolve host names via <command>systemd-resolved</command>.</para>
<para>The DNS servers contacted are determined from the global
settings in <filename>/etc/systemd/resolved.conf</filename>, the
<itemizedlist>
<listitem><para>Lookups for the special hostname
<literal>localhost</literal> are never routed to the
- network.</para></listitem>
+ network. (A few other, special domains are handled the same way.)</para></listitem>
<listitem><para>Single-label names are routed to all local
interfaces capable of IP multicasting, using the LLMNR
per-interface domains are exclusively routed to the matching
interfaces.</para>
- <para>Note that
- <filename>/run/systemd/resolve/resolv.conf</filename> should not
- be used directly, but only through a symlink from
- <filename>/etc/resolv.conf</filename>.</para>
+ <para>Note that <filename>/run/systemd/resolve/resolv.conf</filename> should not be used directly by applications,
+ but only through a symlink from <filename>/etc/resolv.conf</filename>.</para>
</refsect1>
<refsect1>
<citerefentry><refentrytitle>resolved.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>dnssec-trust-anchors.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>nss-resolve</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd-resolve</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>resolv.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-networkd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
projects / thirdparty / systemd.git / commitdiff
