named-checkzone.html revision 285254345ce5ab270848f8c11f7be146793f1e00
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington - Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC")
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington - Copyright (C) 2000-2002 Internet Software Consortium.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington - Permission to use, copy, modify, and distribute this software for any
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington - purpose with or without fee is hereby granted, provided that the above
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington - copyright notice and this permission notice appear in all copies.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
6ec499054450c5e0fd69d78961deef46985ba363Brian Wellington - PERFORMANCE OF THIS SOFTWARE.
6ec499054450c5e0fd69d78961deef46985ba363Brian Wellington<!-- $Id: named-checkzone.html,v 1.34 2006/08/31 00:19:51 marka Exp $ -->
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<meta name="generator" content="DocBook XSL Stylesheets V1.70.1">
6ec499054450c5e0fd69d78961deef46985ba363Brian Wellington<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<a name="man.named-checkzone"></a><div class="titlepage"></div>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<p><span class="application">named-checkzone</span>, <span class="application">named-compilezone</span> — zone file validity checking or converting tool</p>
6ec499054450c5e0fd69d78961deef46985ba363Brian Wellington<div class="cmdsynopsis"><p><code class="command">named-checkzone</code> [<code class="option">-d</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-f <em class="replaceable"><code>format</code></em></code>] [<code class="option">-F <em class="replaceable"><code>format</code></em></code>] [<code class="option">-i <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-m <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-M <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-o <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-s <em class="replaceable"><code>style</code></em></code>] [<code class="option">-S <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {zonename} {filename}</p></div>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<div class="cmdsynopsis"><p><code class="command">named-compilezone</code> [<code class="option">-d</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-C <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-f <em class="replaceable"><code>format</code></em></code>] [<code class="option">-F <em class="replaceable"><code>format</code></em></code>] [<code class="option">-i <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-m <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-o <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-s <em class="replaceable"><code>style</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {zonename} {filename}</p></div>
6ec499054450c5e0fd69d78961deef46985ba363Brian Wellington<a name="id2549722"></a><h2>DESCRIPTION</h2>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<p><span><strong class="command">named-checkzone</strong></span>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington checks the syntax and integrity of a zone file. It performs the
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington same checks as <span><strong class="command">named</strong></span> does when loading a
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington zone. This makes <span><strong class="command">named-checkzone</strong></span> useful for
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington checking zone files before configuring them into a name server.
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington <span><strong class="command">named-compilezone</strong></span> is similar to
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington <span><strong class="command">named-checkzone</strong></span>, but it always dumps the
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington zone contents to a specified file in a specified format.
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington Additionally, it applies stricter check levels by default,
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington since the dump output will be used as an actual zone file
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington loaded by <span><strong class="command">named</strong></span>.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington When manaully specified otherwise, the check levels must at
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington least be as strict as those specified in the
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington <span><strong class="command">named</strong></span> configuration file.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Enable debugging.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Quiet mode - exit code only.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Print the version of the <span><strong class="command">named-checkzone</strong></span>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington program and exit.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington When loading the zone file read the journal if it exists.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<dt><span class="term">-c <em class="replaceable"><code>class</code></em></span></dt>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Specify the class of the zone. If not specified "IN" is assumed.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<dt><span class="term">-i <em class="replaceable"><code>mode</code></em></span></dt>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Perform post load zone integrity checks. Possible modes are
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington <span><strong class="command">"full"</strong></span> (default),
6ec499054450c5e0fd69d78961deef46985ba363Brian Wellington <span><strong class="command">"full-sibling"</strong></span>,
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington <span><strong class="command">"local"</strong></span>,
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington <span><strong class="command">"local-sibling"</strong></span> and
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington <span><strong class="command">"none"</strong></span>.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Mode <span><strong class="command">"full"</strong></span> checks that MX records
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington refer to A or AAAA record (both in-zone and out-of-zone
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington hostnames). Mode <span><strong class="command">"local"</strong></span> only
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington checks MX records which refer to in-zone hostnames.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Mode <span><strong class="command">"full"</strong></span> checks that SRV records
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington refer to A or AAAA record (both in-zone and out-of-zone
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington hostnames). Mode <span><strong class="command">"local"</strong></span> only
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington checks SRV records which refer to in-zone hostnames.
6ec499054450c5e0fd69d78961deef46985ba363Brian Wellington Mode <span><strong class="command">"full"</strong></span> checks that delegation NS
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington records refer to A or AAAA record (both in-zone and out-of-zone
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington hostnames). It also checks that glue addresses records
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington in the zone match those advertised by the child.
6ec499054450c5e0fd69d78961deef46985ba363Brian Wellington Mode <span><strong class="command">"local"</strong></span> only checks NS records which
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington refer to in-zone hostnames or that some required glue exists,
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington that is when the nameserver is in a child zone.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Mode <span><strong class="command">"full-sibling"</strong></span> and
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington <span><strong class="command">"local-sibling"</strong></span> disable sibling glue
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington checks but are otherwise the same as <span><strong class="command">"full"</strong></span>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington and <span><strong class="command">"local"</strong></span> respectively.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Mode <span><strong class="command">"none"</strong></span> disables the checks.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<dt><span class="term">-f <em class="replaceable"><code>format</code></em></span></dt>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Specify the format of the zone file.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Possible formats are <span><strong class="command">"text"</strong></span> (default)
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington and <span><strong class="command">"raw"</strong></span>.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<dt><span class="term">-F <em class="replaceable"><code>format</code></em></span></dt>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Specify the format of the output file specified.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Possible formats are <span><strong class="command">"text"</strong></span> (default)
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington and <span><strong class="command">"raw"</strong></span>.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington For <span><strong class="command">named-checkzone</strong></span>,
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington this does not cause any effects unless it dumps the zone
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<dt><span class="term">-k <em class="replaceable"><code>mode</code></em></span></dt>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Perform <span><strong class="command">"check-name"</strong></span> checks with the
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington specified failure mode.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Possible modes are <span><strong class="command">"fail"</strong></span>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington (default for <span><strong class="command">named-compilezone</strong></span>),
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington <span><strong class="command">"warn"</strong></span>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington (default for <span><strong class="command">named-checkzone</strong></span>) and
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington <span><strong class="command">"ignore"</strong></span>.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<dt><span class="term">-m <em class="replaceable"><code>mode</code></em></span></dt>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Specify whether MX records should be checked to see if they
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington are addresses. Possible modes are <span><strong class="command">"fail"</strong></span>,
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington <span><strong class="command">"warn"</strong></span> (default) and
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington <span><strong class="command">"ignore"</strong></span>.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<dt><span class="term">-M <em class="replaceable"><code>mode</code></em></span></dt>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Check if a MX record refers to a CNAME.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Possible modes are <span><strong class="command">"fail"</strong></span>,
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington <span><strong class="command">"warn"</strong></span> (default) and
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington <span><strong class="command">"ignore"</strong></span>.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<dt><span class="term">-n <em class="replaceable"><code>mode</code></em></span></dt>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Specify whether NS records should be checked to see if they
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington are addresses.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Possible modes are <span><strong class="command">"fail"</strong></span>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington (default for <span><strong class="command">named-compilezone</strong></span>),
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington <span><strong class="command">"warn"</strong></span>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington (default for <span><strong class="command">named-checkzone</strong></span>) and
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington <span><strong class="command">"ignore"</strong></span>.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<dt><span class="term">-o <em class="replaceable"><code>filename</code></em></span></dt>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Write zone output to <code class="filename">filename</code>.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington This is mandatory for <span><strong class="command">named-compilezone</strong></span>.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<dt><span class="term">-s <em class="replaceable"><code>style</code></em></span></dt>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Specify the style of the dumped zone file.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Possible styles are <span><strong class="command">"full"</strong></span> (default)
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington and <span><strong class="command">"relative"</strong></span>.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington The full format is most suitable for processing
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington automatically by a separate script.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington On the other hand, the relative format is more
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington human-readable and is thus suitable for editing by hand.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington For <span><strong class="command">named-checkzone</strong></span>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington this does not cause any effects unless it dumps the zone
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington It also does not have any meaning if the output format
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<dt><span class="term">-S <em class="replaceable"><code>mode</code></em></span></dt>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Check if a SRV record refers to a CNAME.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Possible modes are <span><strong class="command">"fail"</strong></span>,
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington <span><strong class="command">"warn"</strong></span> (default) and
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington <span><strong class="command">"ignore"</strong></span>.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington chroot to <code class="filename">directory</code> so that
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington directives in the configuration file are processed as if
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington run by a similarly chrooted named.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<dt><span class="term">-w <em class="replaceable"><code>directory</code></em></span></dt>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington chdir to <code class="filename">directory</code> so that
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington filenames in master file $INCLUDE directives work. This
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington is similar to the directory clause in
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Dump zone file in canonical format.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington This is always enabled for <span><strong class="command">named-compilezone</strong></span>.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<dt><span class="term">-W <em class="replaceable"><code>mode</code></em></span></dt>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Specify whether to check for non-terminal wildcards.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Non-terminal wildcards are almost always the result of a
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington failure to understand the wildcard matching algorithm (RFC 1034).
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Possible modes are <span><strong class="command">"warn"</strong></span> (default)
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington <span><strong class="command">"ignore"</strong></span>.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington The domain name of the zone being checked.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington The name of the zone file.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<a name="id2550425"></a><h2>RETURN VALUES</h2>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<p><span><strong class="command">named-checkzone</strong></span>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington returns an exit status of 1 if
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington errors were detected and 0 otherwise.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<p><span class="corpauthor">Internet Systems Consortium</span>