rndc.docbook revision 5cd4555ad444fd391002ae32450572054369fd42
ac4e70ff8955669341f435bc0a734a17c01af124Mark Andrews<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
229ea4644b3a7d9c7fdaa43888e7f55ba01e2ee3Automatic Updater [<!ENTITY mdash "—">]>
1167fc7904c5f0a472f8df207ac46dd52c7f1ec8Automatic Updater - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
0c39b3ed9409ecb277d5e32fa763a4e4d6598df8Automatic Updater - Copyright (C) 2000, 2001 Internet Software Consortium.
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater - Permission to use, copy, modify, and distribute this software for any
0519188c8e1ae76978fc4e0f799620cd36eba07aAutomatic Updater - purpose with or without fee is hereby granted, provided that the above
79b273c187a4aa1016a62181983dfdd0521681aeMark Andrews - copyright notice and this permission notice appear in all copies.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
ac4e70ff8955669341f435bc0a734a17c01af124Mark Andrews - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
6c6a121295b30772cbf3dd75a51fb9d883051a0eAutomatic Updater - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
bbde8dc56605130058a1540609264fa109da3b63Automatic Updater - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
bbde8dc56605130058a1540609264fa109da3b63Automatic Updater - PERFORMANCE OF THIS SOFTWARE.
3cc98b8ecedcbc8465f1cf2740b966b315662430Automatic Updater<!-- $Id: rndc.docbook,v 1.15 2007/01/29 22:16:02 sra Exp $ -->
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <refentryinfo>
bbde8dc56605130058a1540609264fa109da3b63Automatic Updater </refentryinfo>
efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews <refentrytitle><application>rndc</application></refentrytitle>
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater <refname><application>rndc</application></refname>
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater <refpurpose>name server control utility</refpurpose>
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater <holder>Internet Systems Consortium, Inc. ("ISC")</holder>
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater <refsynopsisdiv>
cdfc81e048bd34c1d628380247bda6b80a89e20eAutomatic Updater <arg><option>-b <replaceable class="parameter">source-address</replaceable></option></arg>
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater <arg><option>-c <replaceable class="parameter">config-file</replaceable></option></arg>
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater <arg><option>-k <replaceable class="parameter">key-file</replaceable></option></arg>
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater <arg><option>-s <replaceable class="parameter">server</replaceable></option></arg>
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater <arg><option>-p <replaceable class="parameter">port</replaceable></option></arg>
eabc9c3c07cd956d3c436bd7614cb162dabdda76Mark Andrews <arg><option>-y <replaceable class="parameter">key_id</replaceable></option></arg>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington </cmdsynopsis>
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater </refsynopsisdiv>
930f6069e5aa157cf6987cdafd412f5757a5a558Automatic Updater controls the operation of a name
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews server. It supersedes the <command>ndc</command> utility
930f6069e5aa157cf6987cdafd412f5757a5a558Automatic Updater that was provided in old BIND releases. If
80faf1588895fd26490f82f95a7a1b771df1c324Automatic Updater <command>rndc</command> is invoked with no command line
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews options or arguments, it prints a short summary of the
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater supported commands and the available options and their
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews communicates with the name server
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater over a TCP connection, sending commands authenticated with
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson digital signatures. In the current versions of
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater <command>rndc</command> and <command>named</command> named
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater the only supported authentication algorithm is HMAC-MD5,
efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews which uses a shared secret on each end of the connection.
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater This provides TSIG-style authentication for the command
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson request and the name server's response. All commands sent
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater over the channel must be signed by a key_id known to the
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater reads a configuration file to
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater determine how to contact the name server and decide what
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews algorithm and key it should use.
2a31bd531072824ef252c18303859d6af7451b00Francis Dupont <variablelist>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <varlistentry>
e130ab53e992670e2a2ecf043976ac09f21358d1Automatic Updater <term>-b <replaceable class="parameter">source-address</replaceable></term>
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews Use <replaceable class="parameter">source-address</replaceable>
24bf1e02f03577db0feb50b80238c4150c96d05dAutomatic Updater as the source address for the connection to the server.
24bf1e02f03577db0feb50b80238c4150c96d05dAutomatic Updater Multiple instances are permitted to allow setting of both
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews the IPv4 and IPv6 source addresses.
a308b69ac66fadf66863484f301314d6e6a3f1d2Automatic Updater </varlistentry>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <varlistentry>
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater <term>-c <replaceable class="parameter">config-file</replaceable></term>
24bf1e02f03577db0feb50b80238c4150c96d05dAutomatic Updater Use <replaceable class="parameter">config-file</replaceable>
24bf1e02f03577db0feb50b80238c4150c96d05dAutomatic Updater as the configuration file instead of the default,
fe80a4909bf62b602feaf246866e9d29f7654194Automatic Updater </varlistentry>
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater <varlistentry>
fe80a4909bf62b602feaf246866e9d29f7654194Automatic Updater <term>-k <replaceable class="parameter">key-file</replaceable></term>
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson Use <replaceable class="parameter">key-file</replaceable>
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater as the key file instead of the default,
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson <filename>/etc/rndc.key</filename> will be used to
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater commands sent to the server if the <replaceable class="parameter">config-file</replaceable>
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater does not exist.
133e6d43fa82e80d3798be4de00f4540f485ec6cAutomatic Updater </varlistentry>
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson <varlistentry>
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater <term>-s <replaceable class="parameter">server</replaceable></term>
8711e5c73ca872d59810760af0332194cbdd619bAutomatic Updater <para><replaceable class="parameter">server</replaceable> is
229ea4644b3a7d9c7fdaa43888e7f55ba01e2ee3Automatic Updater the name or address of the server which matches a
0ce87e5749aabb8eef1e0a37e4bd6e6ffa1d7196Automatic Updater server statement in the configuration file for
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater <command>rndc</command>. If no server is supplied on
765c97d56ccddc9d7904c7d9ff2e2d825d9687e4Automatic Updater command line, the host named by the default-server clause
3e5340279d8875d136a4dd815cccad0044aa2644Automatic Updater in the option statement of the configuration file will be
d145b64cacc8d9cda51f9924ec70cd4661c3e2cfAutomatic Updater </varlistentry>
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater <varlistentry>
1d4f4d2db2d69e48fec2dde5c1535853677d22a7Automatic Updater <term>-p <replaceable class="parameter">port</replaceable></term>
9c446b72069d0ab9f710502f4d7048e50875fccbAutomatic Updater Send commands to TCP port
e85565067cf73f8cc21ee29b11761659f1d47ee9Automatic Updater <replaceable class="parameter">port</replaceable>
bc0a53583d92309bebcf93c408e2f3247ebd3d3cAutomatic Updater of BIND 9's default control channel port, 953.
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater </varlistentry>
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater <varlistentry>
3f616e6f846be57b1717c6beaba0f74de9d5a7c6Automatic Updater Enable verbose logging.
19b3dc94bce93fa76bd7e066f9298630dbc9dcb4Automatic Updater </varlistentry>
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater <varlistentry>
7f94d9a8162c9a96b56e66176702b66e79d8e1a2Automatic Updater <term>-y <replaceable class="parameter">keyid</replaceable></term>
5ecad47f69b3fd945472ab2900a9ff826a7ce2f6Automatic Updater Use the key <replaceable class="parameter">keyid</replaceable>
e130ab53e992670e2a2ecf043976ac09f21358d1Automatic Updater from the configuration file.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater <replaceable class="parameter">keyid</replaceable>
82447d835d3ff5c658749b4e9b4f66166407b3eaAutomatic Updater known by named with the same algorithm and secret string
7262eb86f2b465822206122921e2f357218f0cfdAutomatic Updater in order for control message validation to succeed.
96ea71632887c58a9d00f47eb318bf76b35903c3Mark Andrews If no <replaceable class="parameter">keyid</replaceable>
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater is specified, <command>rndc</command> will first look
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater for a key clause in the server statement of the server
bbb069be941f649228760edcc241122933c066d2Automatic Updater being used, or if no server statement is present for that
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater host, then the default-key clause of the options statement.
4cda4fd158d6ded5586bacea8c388445d99611eaAutomatic Updater Note that the configuration file contains shared secrets
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews which are used to send authenticated control commands
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater to name servers. It should therefore not have general read
80faf1588895fd26490f82f95a7a1b771df1c324Automatic Updater or write access.
8711e5c73ca872d59810760af0332194cbdd619bAutomatic Updater </varlistentry>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews </variablelist>
cafd3a2b9974fe0a4ab95e0289746062bd958d68Automatic Updater For the complete set of commands supported by <command>rndc</command>,
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews see the BIND 9 Administrator Reference Manual or run
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater <command>rndc</command> without arguments to see its help
8711e5c73ca872d59810760af0332194cbdd619bAutomatic Updater does not yet support all the commands of
cf7e98f59148b559946a7f1ca728471374f1eef3Automatic Updater the BIND 8 <command>ndc</command> utility.
8711e5c73ca872d59810760af0332194cbdd619bAutomatic Updater There is currently no way to provide the shared secret for a
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater <option>key_id</option> without using the configuration file.
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson Several error messages could be clearer.
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater <refentrytitle>rndc.conf</refentrytitle><manvolnum>5</manvolnum>
3857cb6fcabeb79d85de4b3e3e4ab99912b701f8Mark Andrews </citerefentry>,
572cb2c1c931f6bc6a4a019c103ae88239b0eb96Automatic Updater <citerefentry>
53b4d1cad58e0f63aa8cd8a86c692c75aba7f15aAutomatic Updater <refentrytitle>named</refentrytitle><manvolnum>8</manvolnum>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews </citerefentry>,
9174e44c14b1cb91a651fa1dc29470438c246ab9Automatic Updater <citerefentry>
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson <refentrytitle>named.conf</refentrytitle><manvolnum>5</manvolnum>
e2caa7536302de34de6cc04025abcd53dc3a499aAutomatic Updater </citerefentry>
56e7dc0c24b04210dcbffb180a9e35644fb820daAutomatic Updater <citerefentry>
7d12a6b412fe47e6d6582923fd6954ab8cd0baebAutomatic Updater <refentrytitle>ndc</refentrytitle><manvolnum>8</manvolnum>
8292deab031e7599cd7622aa7675fbe139ca6095Mark Andrews </citerefentry>,
0b57424d28c9a67018107133f9fbc0a7dcf057e2Mark Andrews <citetitle>BIND 9 Administrator Reference Manual</citetitle>.
7d12a6b412fe47e6d6582923fd6954ab8cd0baebAutomatic Updater <para><corpauthor>Internet Systems Consortium</corpauthor>
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews - Local variables:
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews - mode: sgml