ddns-confgen.html revision 7ae7246a6339bb3a79ffc9f2f9c486de9a2bf65e
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<!--
11e9368a226272085c337e9e74b79808c16fbdbaTinderbox User - Copyright (C) 2009 Internet Systems Consortium, Inc. ("ISC")
75c0816e8295e180f4bc7f10db3d0d880383bc1cMark Andrews -
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - Permission to use, copy, modify, and distribute this software for any
4a14ce5ba00ab7bc55c99ffdcf59c7a4ab902721Automatic Updater - purpose with or without fee is hereby granted, provided that the above
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - copyright notice and this permission notice appear in all copies.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein -
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - PERFORMANCE OF THIS SOFTWARE.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein-->
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<!-- $Id: ddns-confgen.html,v 1.7 2009/06/17 01:12:48 tbox Exp $ -->
ea94d370123a5892f6c47a97f21d1b28d44bb168Tinderbox User<html>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<head>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<title>ddns-confgen</title>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
e21a2904f02a03fa06b6db04d348f65fe9c67b2bMark Andrews</head>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="man.ddns-confgen"></a><div class="titlepage"></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="refnamediv">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<h2>Name</h2>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><span class="application">ddns-confgen</span> &#8212; ddns key generation tool</p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="refsynopsisdiv">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<h2>Synopsis</h2>
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews<div class="cmdsynopsis"><p><code class="command">ddns-confgen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [<code class="option">-s name | -z zone</code>] [<code class="option">-q</code>] [name]</p></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="refsect1" lang="en">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="id2543377"></a><h2>DESCRIPTION</h2>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><span><strong class="command">ddns-confgen</strong></span>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein generates a key for use by <span><strong class="command">nsupdate</strong></span>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein and <span><strong class="command">named</strong></span>. It simplifies configuration
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein of dynamic zones by generating a key and providing the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">nsupdate</strong></span> and <span><strong class="command">named.conf</strong></span>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein syntax that will be needed to use it, including an example
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">update-policy</strong></span> statement.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews If a domain name is specified on the command line, it will
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein be used in the name of the generated key and in the sample
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">named.conf</strong></span> syntax. For example,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">ddns-confgen example.com</strong></span> would
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein generate a key called "ddns-key.example.com", and sample
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">named.conf</strong></span> command that could be used
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein in the zone definition for "example.com".
d9184858dd5d7677050a813d444c281c56f697aaTinderbox User </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Note that <span><strong class="command">named</strong></span> itself can configure a
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein local DDNS key for use with <span><strong class="command">nsupdate -l</strong></span>.
d9184858dd5d7677050a813d444c281c56f697aaTinderbox User <span><strong class="command">ddns-confgen</strong></span> is only needed when a
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein more elaborate configuration is required: for instance, if
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">nsupdate</strong></span> is to be used from a remote system.
d9184858dd5d7677050a813d444c281c56f697aaTinderbox User </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="refsect1" lang="en">
d9184858dd5d7677050a813d444c281c56f697aaTinderbox User<a name="id2543436"></a><h2>OPTIONS</h2>
d9184858dd5d7677050a813d444c281c56f697aaTinderbox User<div class="variablelist"><dl>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
d9184858dd5d7677050a813d444c281c56f697aaTinderbox User<dd><p>
d9184858dd5d7677050a813d444c281c56f697aaTinderbox User Specifies the algorithm to use for the TSIG key. Available
d9184858dd5d7677050a813d444c281c56f697aaTinderbox User choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
d9184858dd5d7677050a813d444c281c56f697aaTinderbox User hmac-sha384 and hmac-sha512. The default is hmac-sha256.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein </p></dd>
d9184858dd5d7677050a813d444c281c56f697aaTinderbox User<dt><span class="term">-h</span></dt>
d9184858dd5d7677050a813d444c281c56f697aaTinderbox User<dd><p>
d9184858dd5d7677050a813d444c281c56f697aaTinderbox User Prints a short summary of the options and arguments to
5d564da348e890e42f63eebf2dced9a05b41f4fbTinderbox User <span><strong class="command">ddns-confgen</strong></span>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein </p></dd>
5d564da348e890e42f63eebf2dced9a05b41f4fbTinderbox User<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Specifies the key name of the DDNS authentication key.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein The default is <code class="constant">ddns-key</code> when neither
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein the <span><strong class="command">-s</strong></span> nor <span><strong class="command">-z</strong></span> option is
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein specified; otherwise, the default
a1ad6695ed6f988406cf155aa26376f84f73bcb9Automatic Updater is <code class="constant">ddns-key</code> as a separate label
81199ce5ba7bd719add38189b06987e0a6e583a1Tinderbox User followed by the argument of the option, e.g.,
a1ad6695ed6f988406cf155aa26376f84f73bcb9Automatic Updater <code class="constant">ddns-key.example.com.</code>
44d0f0256fbdce130a18655023c3b06bacacbd61Automatic Updater The key name must have the format of a valid domain name,
81199ce5ba7bd719add38189b06987e0a6e583a1Tinderbox User consisting of letters, digits, hyphens and periods.
2895f101b5585a19015ac2c2c1e1812ac467fa12Automatic Updater </p></dd>
81199ce5ba7bd719add38189b06987e0a6e583a1Tinderbox User<dt><span class="term">-q</span></dt>
44d0f0256fbdce130a18655023c3b06bacacbd61Automatic Updater<dd><p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Quiet mode: Print only the key, with no explanatory text or
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein usage examples.
81199ce5ba7bd719add38189b06987e0a6e583a1Tinderbox User </p></dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p>
81199ce5ba7bd719add38189b06987e0a6e583a1Tinderbox User Specifies a source of random data for generating the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein authorization. If the operating system does not provide a
81199ce5ba7bd719add38189b06987e0a6e583a1Tinderbox User <code class="filename">/dev/random</code> or equivalent device, the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein default source of randomness is keyboard input.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <code class="filename">randomdev</code> specifies the name of a
199045f81d2c312411fc0d6a6f8dc56968daa679Tinderbox User character device or file containing random data to be used
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein instead of the default. The special value
199045f81d2c312411fc0d6a6f8dc56968daa679Tinderbox User <code class="filename">keyboard</code> indicates that keyboard input
199045f81d2c312411fc0d6a6f8dc56968daa679Tinderbox User should be used.
199045f81d2c312411fc0d6a6f8dc56968daa679Tinderbox User </p></dd>
7208386cd37a2092c70eddf80cf29519b16c4c80Mark Andrews<dt><span class="term">-s <em class="replaceable"><code>name</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p>
507151045be68c671ffd4e2f37e17cdfa0376fc4Automatic Updater Self mode: The example <span><strong class="command">named.conf</strong></span> text
507151045be68c671ffd4e2f37e17cdfa0376fc4Automatic Updater shows how to set an update policy for the specified
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <em class="replaceable"><code>name</code></em>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein using the "self" nametype, instead of the "subdomain"
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein nametype which allows matching on any name within a
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews specified domain.
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews This option cannot be used with the <span><strong class="command">-z</strong></span> option.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein </p></dd>
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews<dt><span class="term">-z <em class="replaceable"><code>zone</code></em></span></dt>
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews<dd><p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein zone mode: The example <span><strong class="command">named.conf</strong></span> text
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein shows how to set an update policy for the specified
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews <em class="replaceable"><code>zone</code></em>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein using the "zonesub" nametype, allowing updates to all subdomain
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein names within
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews that <em class="replaceable"><code>zone</code></em>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein This option cannot be used with the <span><strong class="command">-s</strong></span> option.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein </p></dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</dl></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="refsect1" lang="en">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="id2543618"></a><h2>SEE ALSO</h2>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><span class="citerefentry"><span class="refentrytitle">nsupdate</span>(1)</span>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="refsect1" lang="en">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="id2543656"></a><h2>AUTHOR</h2>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><span class="corpauthor">Internet Systems Consortium</span>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div></body>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</html>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein