named-checkzone.html revision b0e8629055a766d4555a005a283c2889a5974945
3e240d6559605696cadf630668683708b18de871Tinderbox User - Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC")
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - Copyright (C) 2000-2002 Internet Software Consortium.
689023771c563d8660e45d439a207e06e96de28fMark Andrews - Permission to use, copy, modify, and distribute this software for any
689023771c563d8660e45d439a207e06e96de28fMark Andrews - purpose with or without fee is hereby granted, provided that the above
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - copyright notice and this permission notice appear in all copies.
689023771c563d8660e45d439a207e06e96de28fMark Andrews - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
689023771c563d8660e45d439a207e06e96de28fMark Andrews - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
689023771c563d8660e45d439a207e06e96de28fMark Andrews - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
689023771c563d8660e45d439a207e06e96de28fMark Andrews - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
689023771c563d8660e45d439a207e06e96de28fMark Andrews - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
689023771c563d8660e45d439a207e06e96de28fMark Andrews - PERFORMANCE OF THIS SOFTWARE.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<!-- $Id: named-checkzone.html,v 1.38 2007/01/30 00:24:59 marka Exp $ -->
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="man.named-checkzone"></a><div class="titlepage"></div>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<p><span class="application">named-checkzone</span>, <span class="application">named-compilezone</span> — zone file validity checking or converting tool</p>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<div class="cmdsynopsis"><p><code class="command">named-checkzone</code> [<code class="option">-d</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-f <em class="replaceable"><code>format</code></em></code>] [<code class="option">-F <em class="replaceable"><code>format</code></em></code>] [<code class="option">-i <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-m <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-M <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-o <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-s <em class="replaceable"><code>style</code></em></code>] [<code class="option">-S <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {zonename} {filename}</p></div>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<div class="cmdsynopsis"><p><code class="command">named-compilezone</code> [<code class="option">-d</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-C <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-f <em class="replaceable"><code>format</code></em></code>] [<code class="option">-F <em class="replaceable"><code>format</code></em></code>] [<code class="option">-i <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-m <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-o <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-s <em class="replaceable"><code>style</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {zonename} {filename}</p></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><span><strong class="command">named-checkzone</strong></span>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein checks the syntax and integrity of a zone file. It performs the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein same checks as <span><strong class="command">named</strong></span> does when loading a
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein zone. This makes <span><strong class="command">named-checkzone</strong></span> useful for
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User checking zone files before configuring them into a name server.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User <span><strong class="command">named-compilezone</strong></span> is similar to
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">named-checkzone</strong></span>, but it always dumps the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein zone contents to a specified file in a specified format.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User Additionally, it applies stricter check levels by default,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein since the dump output will be used as an actual zone file
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein loaded by <span><strong class="command">named</strong></span>.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User When manaully specified otherwise, the check levels must at
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User least be as strict as those specified in the
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User <span><strong class="command">named</strong></span> configuration file.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User Enable debugging.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Quiet mode - exit code only.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User Print the version of the <span><strong class="command">named-checkzone</strong></span>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User program and exit.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein When loading the zone file read the journal if it exists.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<dt><span class="term">-c <em class="replaceable"><code>class</code></em></span></dt>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User Specify the class of the zone. If not specified "IN" is assumed.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-i <em class="replaceable"><code>mode</code></em></span></dt>
00124ad0406365d39f4b2d1011ef6a76706e9df0Mark Andrews Perform post load zone integrity checks. Possible modes are
3b4098640dd85040270f39b9a5ee5e22de99d3d6Mark Andrews <span><strong class="command">"full"</strong></span> (default),
88a2182a1ad4fc7af07272af6b05b74db7f28e52Tinderbox User <span><strong class="command">"full-sibling"</strong></span>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">"local"</strong></span>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">"local-sibling"</strong></span> and
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">"none"</strong></span>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Mode <span><strong class="command">"full"</strong></span> checks that MX records
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein refer to A or AAAA record (both in-zone and out-of-zone
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein hostnames). Mode <span><strong class="command">"local"</strong></span> only
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein checks MX records which refer to in-zone hostnames.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Mode <span><strong class="command">"full"</strong></span> checks that SRV records
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein refer to A or AAAA record (both in-zone and out-of-zone
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User hostnames). Mode <span><strong class="command">"local"</strong></span> only
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User checks SRV records which refer to in-zone hostnames.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Mode <span><strong class="command">"full"</strong></span> checks that delegation NS
aa6c5a3e331958d3c92c2facdbd2b8daa55b5959Tinderbox User records refer to A or AAAA record (both in-zone and out-of-zone
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein hostnames). It also checks that glue addresses records
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein in the zone match those advertised by the child.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User Mode <span><strong class="command">"local"</strong></span> only checks NS records which
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User refer to in-zone hostnames or that some required glue exists,
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User that is when the nameserver is in a child zone.
aa6c5a3e331958d3c92c2facdbd2b8daa55b5959Tinderbox User Mode <span><strong class="command">"full-sibling"</strong></span> and
d060d8669f5558690e7faf4a1c12fe5c02a7c60dAutomatic Updater <span><strong class="command">"local-sibling"</strong></span> disable sibling glue
d060d8669f5558690e7faf4a1c12fe5c02a7c60dAutomatic Updater checks but are otherwise the same as <span><strong class="command">"full"</strong></span>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User and <span><strong class="command">"local"</strong></span> respectively.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User Mode <span><strong class="command">"none"</strong></span> disables the checks.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-f <em class="replaceable"><code>format</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Specify the format of the zone file.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Possible formats are <span><strong class="command">"text"</strong></span> (default)
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein and <span><strong class="command">"raw"</strong></span>.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<dt><span class="term">-F <em class="replaceable"><code>format</code></em></span></dt>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User Specify the format of the output file specified.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User Possible formats are <span><strong class="command">"text"</strong></span> (default)
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein and <span><strong class="command">"raw"</strong></span>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein For <span><strong class="command">named-checkzone</strong></span>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein this does not cause any effects unless it dumps the zone
4f6469885c3d66367e3f8fb94e1f3c66115990b0Mark Andrews<dt><span class="term">-k <em class="replaceable"><code>mode</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Perform <span><strong class="command">"check-names"</strong></span> checks with the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein specified failure mode.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Possible modes are <span><strong class="command">"fail"</strong></span>
4f6469885c3d66367e3f8fb94e1f3c66115990b0Mark Andrews (default for <span><strong class="command">named-compilezone</strong></span>),
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">"warn"</strong></span>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein (default for <span><strong class="command">named-checkzone</strong></span>) and
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">"ignore"</strong></span>.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<dt><span class="term">-m <em class="replaceable"><code>mode</code></em></span></dt>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User Specify whether MX records should be checked to see if they
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein are addresses. Possible modes are <span><strong class="command">"fail"</strong></span>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">"warn"</strong></span> (default) and
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">"ignore"</strong></span>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-M <em class="replaceable"><code>mode</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Check if a MX record refers to a CNAME.
fc74b733bf679e1b3fb1599e32d445dffe325208Tinderbox User Possible modes are <span><strong class="command">"fail"</strong></span>,
fc74b733bf679e1b3fb1599e32d445dffe325208Tinderbox User <span><strong class="command">"warn"</strong></span> (default) and
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">"ignore"</strong></span>.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<dt><span class="term">-n <em class="replaceable"><code>mode</code></em></span></dt>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User Specify whether NS records should be checked to see if they
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User are addresses.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Possible modes are <span><strong class="command">"fail"</strong></span>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein (default for <span><strong class="command">named-compilezone</strong></span>),
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">"warn"</strong></span>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein (default for <span><strong class="command">named-checkzone</strong></span>) and
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">"ignore"</strong></span>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-o <em class="replaceable"><code>filename</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Write zone output to <code class="filename">filename</code>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein This is mandatory for <span><strong class="command">named-compilezone</strong></span>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-s <em class="replaceable"><code>style</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Specify the style of the dumped zone file.
d9184858dd5d7677050a813d444c281c56f697aaTinderbox User Possible styles are <span><strong class="command">"full"</strong></span> (default)
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein and <span><strong class="command">"relative"</strong></span>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein The full format is most suitable for processing
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein automatically by a separate script.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein On the other hand, the relative format is more
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein human-readable and is thus suitable for editing by hand.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein For <span><strong class="command">named-checkzone</strong></span>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein this does not cause any effects unless it dumps the zone
4a71c59d2bf32585c5dd18f4630d5f10e56a1ab3Automatic Updater It also does not have any meaning if the output format
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein is not text.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-S <em class="replaceable"><code>mode</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Check if a SRV record refers to a CNAME.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Possible modes are <span><strong class="command">"fail"</strong></span>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">"warn"</strong></span> (default) and
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">"ignore"</strong></span>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt>
517ae3de96aaf870049c52f1224e38a85fe7f21aAutomatic Updater chroot to <code class="filename">directory</code> so that
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein directives in the configuration file are processed as if
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein run by a similarly chrooted named.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-w <em class="replaceable"><code>directory</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein chdir to <code class="filename">directory</code> so that
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein filenames in master file $INCLUDE directives work. This
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein is similar to the directory clause in
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Dump zone file in canonical format.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein This is always enabled for <span><strong class="command">named-compilezone</strong></span>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-W <em class="replaceable"><code>mode</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Specify whether to check for non-terminal wildcards.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Non-terminal wildcards are almost always the result of a
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein failure to understand the wildcard matching algorithm (RFC 1034).
47012ae6dbf18a2503d7b33c1c9583dc38625cb7Mark Andrews Possible modes are <span><strong class="command">"warn"</strong></span> (default)
89bc48260b64a8859ae717e9e5bae380e275fef4Mark Andrews <span><strong class="command">"ignore"</strong></span>.
79cf9524b15ca65f55fd6913e6cf01b5581c588aAutomatic Updater The domain name of the zone being checked.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein The name of the zone file.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><span><strong class="command">named-checkzone</strong></span>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein returns an exit status of 1 if
3a3705ef7747327df182bf8d009333d2472253d5Mark Andrews errors were detected and 0 otherwise.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><span class="corpauthor">Internet Systems Consortium</span>