bin/nsupdate/nsupdate.docbook

	nsupdate.docbook revision 0af994c26ff2462f9186ce0d694c37a4bcbd971d
280a8a0544b4aeb52414d20e8c6e6c5b1108562eTinderbox User<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN">
6c2a76b3e2ccd32c35814b6e0f54da00190749d7Evan Hunt<!--
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater - Copyright (C) 2001  Internet Software Consortium.
5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox User -
19558a04decde0e7261d489d92d04ad88104217bTinderbox User - Permission to use, copy, modify, and distribute this software for any
2fee8782a6fd57d86a67949092ab9197111af390Evan Hunt - purpose with or without fee is hereby granted, provided that the above
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews - copyright notice and this permission notice appear in all copies.
969eaf7df8ac651946f76b6631ff5db568c11ef6Tinderbox User -
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews - THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews - DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
f4ee48be3994797a8332b86c101db4d7b54799ceTinderbox User - IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
a2c370ca12bb0360ff7e969474ead3f788c65fffTinderbox User - INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
8de3f14f1c300c3e1ed99084cc03485b42c92bf1Tinderbox User - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews - FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews - NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User - WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews-->
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<!-- $Id: nsupdate.docbook,v 1.6 2001/07/02 18:48:26 gson Exp $ -->
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews
b91d11bfcc30b96f2c80f3a76d12e3dcc8597a68Mark Andrews<refentry>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<refentryinfo>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews<date>Jun 30, 2000</date>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews</refentryinfo>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<refmeta>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<refentrytitle>nsupdate</refentrytitle>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews<manvolnum>8</manvolnum>
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User<refmiscinfo>BIND9</refmiscinfo>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews</refmeta>
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User<refnamediv>
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews<refname>nsupdate</refname>
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt<refpurpose>Dynamic DNS update utility</refpurpose>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews</refnamediv>
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User<refsynopsisdiv>
efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews<cmdsynopsis>
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews<command>nsupdate</command>
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt<arg><option>-d</option></arg>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews<group>
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User  <arg><option>-y <replaceable class="parameter">keyname:secret</replaceable></option></arg>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews  <arg><option>-k <replaceable class="parameter">keyfile</replaceable></option></arg>
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User</group>
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews<arg><option>-v</option></arg>
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt<arg>filename</arg>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews</cmdsynopsis>
015055b6e23f5c08f6a5b34726f90b62597e9e45Tinderbox User</refsynopsisdiv>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews
aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt<refsect1>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<title>DESCRIPTION</title>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<para>
aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt<command>nsupdate</command>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsis used to submit Dynamic DNS Update requests as defined in RFC2136
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsto a name server.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsThis allows resource records to be added or removed from a zone
aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Huntwithout manually editing the zone file.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsA single update request can contain requests to add or remove more than one
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsresource record.
aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt</para>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<para>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsZones that are under dynamic control via
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<command>nsupdate</command>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsor a DHCP server should not be edited by hand.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsManual edits could
cdfc81e048bd34c1d628380247bda6b80a89e20eAutomatic Updaterconflict with dynamic updates and cause data to be lost.
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews</para>
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt<para>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsThe resource records that are dynamically added or removed with
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews<command>nsupdate</command>
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updaterhave to be in the same zone.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsRequests are sent to the zone's master server.
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsThis is identified by the MNAME field of the zone's SOA record.
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt</para>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews<para>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsThe
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews<option>-d</option>
eabc9c3c07cd956d3c436bd7614cb162dabdda76Mark Andrewsoption makes
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews<command>nsupdate</command>
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrewsoperate in debug mode.
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan HuntThis provides tracing information about the update requests that are
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsmade and the replies received from the name server.
015055b6e23f5c08f6a5b34726f90b62597e9e45Tinderbox User</para>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<para>
fec6e13f2d1e69fe1c2b8fac36f732f124cf5398Mark AndrewsTransaction signatures can be used to authenticate the Dynamic DNS
b91d11bfcc30b96f2c80f3a76d12e3dcc8597a68Mark Andrewsupdates.
b91d11bfcc30b96f2c80f3a76d12e3dcc8597a68Mark AndrewsThese use the TSIG resource record type described in RFC2845.
fec6e13f2d1e69fe1c2b8fac36f732f124cf5398Mark AndrewsThe signatures rely on a shared secret that should only be known to
2ae159b376dac23870d8005563c585acf85a4b5aEvan Hunt<command>nsupdate</command>
2ae159b376dac23870d8005563c585acf85a4b5aEvan Huntand the name server.
2ae159b376dac23870d8005563c585acf85a4b5aEvan HuntCurrently, the only supported encryption algorithm for TSIG is
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsHMAC-MD5, which is defined in RFC 2104.
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan HuntOnce other algorithms are defined for TSIG, applications will need to
2ae159b376dac23870d8005563c585acf85a4b5aEvan Huntensure they select the appropriate algorithm as well as the key when
7cc0a5d21ef046bfd630c4769943d896a7d7472cTinderbox Userauthenticating each other.
e76dfff967cfbe00f4d1540434832e4499a9cd83Tinderbox UserFor instance suitable
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews<type>key</type>
549c517e2ecad52bb1d32f08920e29d4e8cda71eTinderbox Userand
549c517e2ecad52bb1d32f08920e29d4e8cda71eTinderbox User<type>server</type>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrewsstatements would be added to
549c517e2ecad52bb1d32f08920e29d4e8cda71eTinderbox User<filename>/etc/named.conf</filename>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrewsso that the name server can associate the appropriate secret key
8f4e6ea383aa9a953c0adb5be6c4d8dc8dbd5c4aWitold Krecickiand algorithm with the IP address of the
3bd8b5a8fb126e45c67ff53b68183c889cc27918Tinderbox Userclient application that will be using TSIG authentication.
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews<command>nsupdate</command>
b91d11bfcc30b96f2c80f3a76d12e3dcc8597a68Mark Andrewsdoes not read
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews<filename>/etc/named.conf</filename>.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews</para>
aef6cf0f147a5014d4891c9689b9f463399e16e7Tinderbox User<para>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews<command>nsupdate</command>
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox Useruses the
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson<option>-y</option>
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox Useror
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews<option>-k</option>
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Huntoption to provide the shared secret needed to generate a TSIG record
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsfor authenticating Dynamic DNS update requests.
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox UserThese options are mutually exclusive.
efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark AndrewsWith the
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews<option>-k</option>
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Huntoption,
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews<command>nsupdate</command>
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox Userreads the shared secret from the file
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson<parameter>keyfile</parameter>,
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox Userwhose name is of the form
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews<filename>K{name}.+157.+{random}.private</filename>.
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan HuntFor historical
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsreasons, the file
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User<filename>K{name}.+157.+{random}.key</filename>
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafssonmust also be present.  When the
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User<option>-y</option>
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrewsoption is used, a signature is generated from
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt<parameter>keyname:secret.</parameter>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews<parameter>keyname</parameter>
28a5dd720187fddb16055a0f64b63a7b66f29f64Mark Andrewsis the name of the key,
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsand
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews<parameter>secret</parameter>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsis the base64 encoded shared secret.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsUse of the
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews<option>-y</option>
fec6e13f2d1e69fe1c2b8fac36f732f124cf5398Mark Andrewsoption is discouraged because the shared secret is supplied as a command
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsline argument in clear text.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsThis may be visible in the output from
fec6e13f2d1e69fe1c2b8fac36f732f124cf5398Mark Andrews<citerefentry>
2a31bd531072824ef252c18303859d6af7451b00Francis Dupont<refentrytitle>ps</refentrytitle><manvolnum>1
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews</manvolnum>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews</citerefentry>
2a31bd531072824ef252c18303859d6af7451b00Francis Dupontor in a history file maintained by the user's shell.
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews</para>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<para>
8f4e6ea383aa9a953c0adb5be6c4d8dc8dbd5c4aWitold KrecickiBy default
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews<command>nsupdate</command>
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrewsuses UDP to send update requests to the name server.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsThe
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<option>-v</option>
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrewsoption makes
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews<command>nsupdate</command>
7f9e2fff07b9c17e0d7a0ea7abc9304ce9d01b61Tinderbox Useruse a TCP connection.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsThis may be preferable when a batch of update requests is made.
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews</para>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews</refsect1>
549c517e2ecad52bb1d32f08920e29d4e8cda71eTinderbox User
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<refsect1>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews<title>INPUT FORMAT</title>
fec6e13f2d1e69fe1c2b8fac36f732f124cf5398Mark Andrews<para>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<command>nsupdate</command>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsreads input from
01a5c5503482fb3ba52088bf0178a7213273bf96Mark Andrews<parameter>filename</parameter>
361967ea970ea8f0ef8875e769505ecdac74bfb0Tinderbox Useror standard input.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsEach command is supplied on exactly one line of input.
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox UserSome commands are for administrative purposes.
cdfc81e048bd34c1d628380247bda6b80a89e20eAutomatic UpdaterThe others are either update instructions or prerequisite checks on the
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrewscontents of the zone.
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan HuntThese checks set conditions that some name or set of
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsresource records (RRset) either exists or is absent from the zone.
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox UserThese conditions must be met if the entire update request is to succeed.
fe80a4909bf62b602feaf246866e9d29f7654194Automatic UpdaterUpdates will be rejected if the tests for the prerequisite conditions fail.
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User</para>
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews<para>
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan HuntEvery update request consists of zero or more prerequisites
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsand zero or more updates.
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox UserThis allows a suitably authenticated update request to proceed if some
fa0326cc2cf428f67575b6ba3b97b528a31b0010Tinderbox Userspecified resource records are present or missing from the zone.
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox UserA blank input line causes the accumulated commands to be sent as one Dynamic
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsDNS update request to the name server.
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt</para>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews<para>
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox UserThe command formats and their meaning are as follows:
fe80a4909bf62b602feaf246866e9d29f7654194Automatic Updater<variablelist>
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User<varlistentry><term>
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews<cmdsynopsis>
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt<command>server</command>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews<arg choice="req">servername</arg>
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User<arg choice="opt">port</arg>
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson</cmdsynopsis>
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User</term>
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews<listitem>
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt<para>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsSends all dynamic update requests to the name server
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User<parameter>servername</parameter>.
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic UpdaterWhen no server statement is provided,
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User<command>nsupdate</command>
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrewswill send updates to the master server of the correct zone.
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan HuntThe MNAME field of that zone's SOA record will identify the master
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsserver for that zone.
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User<parameter>port</parameter>
133e6d43fa82e80d3798be4de00f4540f485ec6cAutomatic Updateris the port number on
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User<parameter>servername</parameter>
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrewswhere the dynamic update requests get sent.
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan HuntIf no port number is specified, the default DNS port number of 53 is
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsused.
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User</para>
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User<varlistentry><term>
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews<cmdsynopsis>
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt<command>local</command>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews<arg choice="req">address</arg>
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User<arg choice="opt">port</arg>
5f7586ddbd3edd11272cdd30ed613d936129328bTinderbox User</cmdsynopsis>
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User</term>
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews<listitem>
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt<para>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsSends all dynamic update requests using the local
015055b6e23f5c08f6a5b34726f90b62597e9e45Tinderbox User<parameter>address</parameter>.
361967ea970ea8f0ef8875e769505ecdac74bfb0Tinderbox User
5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox UserWhen no local statement is provided,
5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox User<command>nsupdate</command>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewswill send updates using an address and port choosen by the system.
5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox User<parameter>port</parameter>
34d1f3b65324f8fcf358fa2f47891441d4b1d2f0Tinderbox Usercan additionally be used to make requests come from a specific port.
1fce11b1d3f2d461d261156b8cdc64ab864f06a9Tinderbox UserIf no port number is specified, the system will assign one.
fab54780409846f7c71f6026d665f18c77c649efTinderbox User
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<varlistentry><term>
361967ea970ea8f0ef8875e769505ecdac74bfb0Tinderbox User<cmdsynopsis>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<command>zone</command>
015055b6e23f5c08f6a5b34726f90b62597e9e45Tinderbox User<arg choice="req">zonename</arg>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews</cmdsynopsis>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews</term>
689fb19ba11ed40363cbc031d0396befdb409b89Tinderbox User<listitem>
6c2a76b3e2ccd32c35814b6e0f54da00190749d7Evan Hunt<para>
8927a982bde7e4b665966b55f0fa57c5cf21b9d8Mark AndrewsSpecifies that all updates are to be made to the zone
361967ea970ea8f0ef8875e769505ecdac74bfb0Tinderbox User<parameter>zonename</parameter>.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsIf no
361967ea970ea8f0ef8875e769505ecdac74bfb0Tinderbox User<parameter>zone</parameter>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsstatement is provided,
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<command>nsupdate</command>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewswill attempt determine the correct zone to update based on the rest of the input.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews</para>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<varlistentry><term>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<cmdsynopsis>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<command>key</command>
361967ea970ea8f0ef8875e769505ecdac74bfb0Tinderbox User<arg choice="req">name</arg>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<arg choice="req">secret</arg>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews</cmdsynopsis>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews</term>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<listitem>
cdf1c3d486ec082ef6c92297d22d54a67cca0c90Tinderbox User<para>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsSpecifies that all updates are to be TSIG signed using the
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<parameter>keyname</parameter> <parameter>keysecret</parameter> pair.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsThe <command>key</command> command
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsoverrides any key specified on the command line via
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<option>-y</option> or <option>-k</option>.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews</para>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<varlistentry><term>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<cmdsynopsis>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<command>prereq nxdomain</command>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<arg choice="req">domain-name</arg>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews</cmdsynopsis>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews</term>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<listitem>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<para>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsRequires that no resource record of any type exists with name
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<parameter>domain-name</parameter>.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews</para>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<varlistentry><term>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<cmdsynopsis>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews<command>prereq yxdomain</command>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<arg choice="req">domain-name</arg>
a2c370ca12bb0360ff7e969474ead3f788c65fffTinderbox User</cmdsynopsis>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews</term>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews<listitem>
7d638dd31ecb633aaefca994b60b70c58b5def03Tinderbox User<para>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsRequires that
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<parameter>domain-name</parameter>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrewsexists (has as at least one resource record, of any type).
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews</para>
76408aae412cda298c5e43da0eebb23c875a4426Tinderbox User
7f9e2fff07b9c17e0d7a0ea7abc9304ce9d01b61Tinderbox User<varlistentry><term>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<cmdsynopsis>
5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox User<command>prereq nxrrset</command>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<arg choice="req">domain-name</arg>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<arg choice="opt">class</arg>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<arg choice="req">type</arg>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews</cmdsynopsis>
a2c370ca12bb0360ff7e969474ead3f788c65fffTinderbox User</term>
a2c370ca12bb0360ff7e969474ead3f788c65fffTinderbox User<listitem>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<para>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsRequires that no resource record exists of the specified
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<parameter>type</parameter>,
a2c370ca12bb0360ff7e969474ead3f788c65fffTinderbox User<parameter>class</parameter>
5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox Userand
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson<parameter>domain-name</parameter>.
a2c370ca12bb0360ff7e969474ead3f788c65fffTinderbox UserIf
5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox User<parameter>class</parameter>
5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox Useris omitted, IN (internet) is assumed.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews
a2c370ca12bb0360ff7e969474ead3f788c65fffTinderbox User<varlistentry><term>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<cmdsynopsis>
6c2a76b3e2ccd32c35814b6e0f54da00190749d7Evan Hunt<command>prereq yxrrset</command>
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User<arg choice="req">domain-name</arg>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<arg choice="opt">class</arg>
3857cb6fcabeb79d85de4b3e3e4ab99912b701f8Mark Andrews<arg choice="req">type</arg>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews</cmdsynopsis>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews</term>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews<listitem>
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User<para>
91216cff91b34c9ff6e846dc23f248219cafe660Andreas GustafssonThis requires that a resource record of the specified
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User<parameter>type</parameter>,
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews<parameter>class</parameter>
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Huntand
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews<parameter>domain-name</parameter>
015055b6e23f5c08f6a5b34726f90b62597e9e45Tinderbox Usermust exist.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsIf
8292deab031e7599cd7622aa7675fbe139ca6095Mark Andrews<parameter>class</parameter>
c1e2310a3725eeed45e5e7c86750c64c5a02e993Francis Dupontis omitted, IN (internet) is assumed.
c1e2310a3725eeed45e5e7c86750c64c5a02e993Francis Dupont</para>
4b61b671f5de767ec1d1b8e6cf7b849bddf08e98Tinderbox User
4b61b671f5de767ec1d1b8e6cf7b849bddf08e98Tinderbox User<varlistentry><term>
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews<cmdsynopsis>
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupont<command>prereq yxrrset</command>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<arg choice="req">domain-name</arg>
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews<arg choice="opt">class</arg>
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews<arg choice="req">type</arg>
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupont<arg choice="req" rep="repeat">data</arg>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews</cmdsynopsis>
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews</term>
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews<listitem>
f1a2709aad7baa4161fdb6f63edf99b0150af252Evan Hunt<para>
f1a2709aad7baa4161fdb6f63edf99b0150af252Evan HuntThe
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews<parameter>data</parameter>
fec6e13f2d1e69fe1c2b8fac36f732f124cf5398Mark Andrewsfrom each set of prerequisites of this form
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewssharing a common
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<parameter>type</parameter>,
fec6e13f2d1e69fe1c2b8fac36f732f124cf5398Mark Andrews<parameter>class</parameter>,
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrewsand
e8fc8c884b44371784805e1e0d3100da403dd3f1Automatic Updater<parameter>domain-name</parameter>
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrewsare combined to form a set of RRs.  This set of RRs must
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrewsexactly match the set of RRs existing in the zone at the
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Huntgiven
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews<parameter>type</parameter>,
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews<parameter>class</parameter>,
e8fc8c884b44371784805e1e0d3100da403dd3f1Automatic Updaterand
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews<parameter>domain-name</parameter>.
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsThe
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt<parameter>data</parameter>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsare written in the standard text representation of the resource record's
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsRDATA.
e8fc8c884b44371784805e1e0d3100da403dd3f1Automatic Updater</para>
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews<varlistentry><term>
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt<cmdsynopsis>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews<command>update delete</command>
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews<arg choice="req">domain-name</arg>
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews<arg choice="opt">ttl</arg>
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews<arg choice="opt">class</arg>
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews<arg choice="opt">type <arg choice="opt" rep="repeat">data</arg></arg>
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt</cmdsynopsis>
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews</term>
ab833877278ad5535eef57e4f62291becaea5bc5Mark Andrews<listitem>
ab833877278ad5535eef57e4f62291becaea5bc5Mark Andrews<para>
fec6e13f2d1e69fe1c2b8fac36f732f124cf5398Mark AndrewsDeletes any resource records named
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<parameter>domain-name</parameter>.
01a5c5503482fb3ba52088bf0178a7213273bf96Mark AndrewsIf
168cf0ede1cf13a095e48af6749d88fbc432f096Evan Hunt<parameter>type</parameter>
fec6e13f2d1e69fe1c2b8fac36f732f124cf5398Mark Andrewsand
ab833877278ad5535eef57e4f62291becaea5bc5Mark Andrews<parameter>data</parameter>
fec6e13f2d1e69fe1c2b8fac36f732f124cf5398Mark Andrewsis provided, only matching resource records will be removed.
168cf0ede1cf13a095e48af6749d88fbc432f096Evan HuntThe internet class is assumed if
3bd8b5a8fb126e45c67ff53b68183c889cc27918Tinderbox User<parameter>class</parameter>
ab833877278ad5535eef57e4f62291becaea5bc5Mark Andrewsis not supplied.  The
3bd8b5a8fb126e45c67ff53b68183c889cc27918Tinderbox User<parameter>ttl</parameter>
168cf0ede1cf13a095e48af6749d88fbc432f096Evan Huntis ignored, and is only allowed for compatibility.
ab833877278ad5535eef57e4f62291becaea5bc5Mark Andrews</para>
ab833877278ad5535eef57e4f62291becaea5bc5Mark Andrews
4840ef4581a577a29a18d180b6bc2e7355378ed7Mark Andrews<varlistentry><term>
4840ef4581a577a29a18d180b6bc2e7355378ed7Mark Andrews<cmdsynopsis>
4840ef4581a577a29a18d180b6bc2e7355378ed7Mark Andrews<command>update add</command>
4840ef4581a577a29a18d180b6bc2e7355378ed7Mark Andrews<arg choice="req">domain-name</arg>
8927a982bde7e4b665966b55f0fa57c5cf21b9d8Mark Andrews<arg choice="req">ttl</arg>
4840ef4581a577a29a18d180b6bc2e7355378ed7Mark Andrews<arg choice="opt">class</arg>
4840ef4581a577a29a18d180b6bc2e7355378ed7Mark Andrews<arg choice="req">type</arg>
4840ef4581a577a29a18d180b6bc2e7355378ed7Mark Andrews<arg choice="req" rep="repeat">data</arg>
8927a982bde7e4b665966b55f0fa57c5cf21b9d8Mark Andrews</cmdsynopsis>
4840ef4581a577a29a18d180b6bc2e7355378ed7Mark Andrews</term>
4840ef4581a577a29a18d180b6bc2e7355378ed7Mark Andrews<listitem>
4840ef4581a577a29a18d180b6bc2e7355378ed7Mark Andrews<para>
bcfc5188be220e1334218dfe638dffce4744e792Tinderbox UserAdds a new resource record with the specified
ab833877278ad5535eef57e4f62291becaea5bc5Mark Andrews<parameter>ttl</parameter>,
8927a982bde7e4b665966b55f0fa57c5cf21b9d8Mark Andrews<parameter>class</parameter>
8927a982bde7e4b665966b55f0fa57c5cf21b9d8Mark Andrewsand
ab833877278ad5535eef57e4f62291becaea5bc5Mark Andrews<parameter>data</parameter>.
ab833877278ad5535eef57e4f62291becaea5bc5Mark Andrews</para>
ab833877278ad5535eef57e4f62291becaea5bc5Mark Andrews</listitem>
ab833877278ad5535eef57e4f62291becaea5bc5Mark Andrews</variablelist>
ab833877278ad5535eef57e4f62291becaea5bc5Mark Andrews
ab833877278ad5535eef57e4f62291becaea5bc5Mark Andrews<para>
ab833877278ad5535eef57e4f62291becaea5bc5Mark AndrewsLines beginning with a semicolon are comments, and are ignored.
3bd8b5a8fb126e45c67ff53b68183c889cc27918Tinderbox User</para>
015055b6e23f5c08f6a5b34726f90b62597e9e45Tinderbox User
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews</refsect1>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews<refsect1>
fab54780409846f7c71f6026d665f18c77c649efTinderbox User<title>EXAMPLES</title>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<para>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsThe examples below show how
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<command>nsupdate</command>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrewscould be used to insert and delete resource records from the
8927a982bde7e4b665966b55f0fa57c5cf21b9d8Mark Andrews<type>example.com</type>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrewszone.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsNotice that the input in each example contains a trailing blank line so that
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsa group of commands are sent as one dynamic update request to the
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsmaster name server for
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson<type>example.com</type>.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews<programlisting>
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt# nsupdate
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews> update delete oldhost.example.com A
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews> update add newhost.example.com 86400 A 172.16.1.1
efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews>
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews</programlisting>
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt</para>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews<para>
3a988722ad9e209ba4064604d482dc4efe0e19ebTinderbox UserAny A records for
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<type>oldhost.example.com</type>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellingtonare deleted.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsand an A record for
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<type>newhost.example.com</type>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsit IP address 172.16.1.1 is added.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsThe newly-added record has a 1 day TTL (86400 seconds)
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews<programlisting>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews# nsupdate
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews> prereq nxdomain nickname.example.com
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews> update add nickname.example.com CNAME somehost.example.com
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews</programlisting>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews</para>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<para>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsThe prerequisite condition gets the name server to check that there
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsare no resource records of any type for
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<type>nickname.example.com</type>.
a5636b773fa05a272b6876afd99309c0b3090e2fMark Andrews
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsIf there are, the update request fails.
a5636b773fa05a272b6876afd99309c0b3090e2fMark AndrewsIf this name does not exist, a CNAME for it is added.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsThis ensures that when the CNAME is added, it cannot conflict with the
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewslong-standing rule in RFC1034 that a name must not exist as any other
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsrecord type if it exists as a CNAME.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews(The rule has been updated for DNSSEC in RFC2535 to allow CNAMEs to have
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonSIG, KEY and NXT records.)
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington</para>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington</refsect1>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<refsect1>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<title>FILES</title>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<variablelist>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<varlistentry><term><constant>/etc/resolv.conf</constant></term>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<listitem>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<para>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellingtonused to identify default name server
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington</para>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington</listitem>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<varlistentry><term><constant>K{name}.+157.+{random}.key</constant></term>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<listitem>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<para>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellingtonbase-64 encoding of HMAC-MD5 key created by
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<citerefentry>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<refentrytitle>dnssec-keygen</refentrytitle><manvolnum>8</manvolnum>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington</citerefentry>.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington</para>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington</listitem>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<varlistentry><term><constant>K{name}.+157.+{random}.private</constant></term>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<listitem>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<para>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellingtonbase-64 encoding of HMAC-MD5 key created by
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<citerefentry>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<refentrytitle>dnssec-keygen</refentrytitle><manvolnum>8</manvolnum>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington</citerefentry>.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington</para>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington</listitem>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington</variablelist>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington</refsect1>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<refsect1>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<title>SEE ALSO</title>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<para>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<citerefentry>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<refentrytitle>RFC2136</refentrytitle>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington</citerefentry>,
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<citerefentry>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<refentrytitle>RFC3007</refentrytitle>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington</citerefentry>,
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<citerefentry>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<refentrytitle>RFC2104</refentrytitle>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington</citerefentry>,
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington<citerefentry>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<refentrytitle>RFC2845</refentrytitle>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews</citerefentry>,
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews<citerefentry>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews<refentrytitle>RFC1034</refentrytitle>
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews</citerefentry>,
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt<citerefentry>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews<refentrytitle>RFC2535</refentrytitle>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews</citerefentry>,
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater<citerefentry>
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater<refentrytitle>named</refentrytitle><manvolnum>8</manvolnum>
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater</citerefentry>,
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater<citerefentry>
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater<refentrytitle>dnssec-keygen</refentrytitle><manvolnum>8</manvolnum>
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater</citerefentry>.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater</refsect1>
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater<refsect1>
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater<title>BUGS</title>
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater<para>
ae7e54b14c946e0984c191554db9abb4893f9349Automatic UpdaterThe TSIG key is redundantly stored in two separate files.
ae7e54b14c946e0984c191554db9abb4893f9349Automatic UpdaterThis is a consequence of nsupdate using the DST library
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updaterfor its cryptographic operations, and may change in future
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updaterreleases.
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark Andrews</para>
c11c7b47726c02eb05e29ff7be56a3343146e396Tinderbox User</refsect1>
c11c7b47726c02eb05e29ff7be56a3343146e396Tinderbox User</refentry>
c11c7b47726c02eb05e29ff7be56a3343146e396Tinderbox User