Skip to content

[pull] master from NLnetLabs:master #73

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
pull merged 1 commit into from
Feb 20, 2026
Merged

[pull] master from NLnetLabs:master #73

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions doc/ChangeLog
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,7 @@
20 February 2026: Wouter
- Fix man page for ip-address, add text about process numbers,
bindtodevice and setfib.

16 February 2026: Willem
- Merge #472: Reduce memory usage with zones with RRsets
consisting of many RRs.
Expand Down
22 changes: 18 additions & 4 deletions nsd.conf.5.in
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -105,16 +105,19 @@ clause. There may only be one
.B server:
clause.
.TP
.B ip\-address:\fR <ip4 or ip6>[@port] [servers] [bindtodevice] [setfib]
.B ip\-address:\fR <ip4 or ip6 or interface\-name>[@port] [servers] [bindtodevice] [setfib]
NSD will bind to the listed ip\-address. Can be given multiple times
to bind multiple ip\-addresses. Optionally, a port number can be given.
If none are given NSD listens to the wildcard interface. Same as command-line option
.BR \-a.
.sp
To limit which NSD server(s) listen on the given interface, specify one or
more servers separated by whitespace after <ip>[@port]. Ranges can be used as
more servers separated by whitespace after <ip>[@port].
The NSD server has number 1 to server\-count processes to serve queries.
This specifies the server processes by number that handle the ip\-address.
Ranges can be used as
a shorthand to specify multiple consecutive servers. By default every server
will listen.
will listen and handle traffic for this.
.sp
If an interface name is used instead of ip4 or ip6, the list of IP addresses
associated with that interface is picked up and used at server start.
Expand All @@ -126,8 +129,19 @@ address of 0.0.0.0 then the kernel picks an ip-address with which to
send to the internet, and it picks the wrong one. Typically needed for
anycast instances. Use ip-transparent to be able to list addresses that
turn on later (typical for certain load-balancing).
.sp
The bindtodevice option looks for the device for the address, and then
uses SO_BINDTODEVICE to bind the socket to the device. This is used as a
performance optimisation. And it allows the network socket to connect
directly to the network device. This speeds up the network stack processing.
The socket only processes packets received from that interface.
.sp
The setfib option uses the SO_SETFIB socket option so that the fib from
getaddrinfo for the address is set on the socket. This associates the FIB,
the routing table, from the interface for the socket. That bypasses the
routing selection for traffic. It is used as a performance optimisation.
.TP
.B interface:\fR <ip4 or ip6>[@port] [servers] [bindtodevice] [setfib]
.B interface:\fR <ip4 or ip6 or interface\-name>[@port] [servers] [bindtodevice] [setfib]
Same as ip\-address (for ease of compatibility with unbound.conf).
.TP
.B ip\-transparent:\fR <yes or no>
Expand Down
Loading