ac4e70ff8955669341f435bc0a734a17c01af124Mark Andrews<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN">

205c10066a0acfeac52d1a135671f41d207b8557Automatic Updater

205c10066a0acfeac52d1a135671f41d207b8557Automatic Updater<refentry>

1167fc7904c5f0a472f8df207ac46dd52c7f1ec8Automatic Updater <refentryinfo>

0c39b3ed9409ecb277d5e32fa763a4e4d6598df8Automatic Updater <date>June 30, 2000</date>

46da3117812814a29432a8d9a9ccf8acdbfdadceAutomatic Updater </refentryinfo>

2bb3422dc683c013db7042f5736240de6b86f182Automatic Updater

cd0aa2d941d1438fabb5337f1f38c49478edf71dAutomatic Updater <refmeta>

2ec4ab21838e218863d052ebfa3e106e04f50820Evan Hunt <refentrytitle><application>rndc</application></refentrytitle>

ea854b585041ad19f70f7af15e08144ef2c2bd1bMark Andrews <manvolnum>8</manvolnum>

78cb74fab4665da2e2641ba909c6f59f74cc4193Automatic Updater <refmiscinfo>BIND9</refmiscinfo>

cd0aa2d941d1438fabb5337f1f38c49478edf71dAutomatic Updater </refmeta>

90ff38a0d8deaf5f9c2aa5916d99b2e572d28738Automatic Updater

9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington <refnamediv>

ac4e70ff8955669341f435bc0a734a17c01af124Mark Andrews <refname><application>rndc</application></refname>

6c6a121295b30772cbf3dd75a51fb9d883051a0eAutomatic Updater <refpurpose>name server control utility</refpurpose>

9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington </refnamediv>

9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater

bc0a53583d92309bebcf93c408e2f3247ebd3d3cAutomatic Updater <refsynopsisdiv>

56874aef380a64a2c183b7c282c3e7a361d67fa1Automatic Updater <cmdsynopsis>

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <command>rndc</command>

96713299d08c0735c18ebe8772dd2cc1ecd4356aAutomatic Updater <arg><option>-c <replaceable class="parameter">config-file</replaceable></option></arg>

3cc98b8ecedcbc8465f1cf2740b966b315662430Automatic Updater <arg><option>-s <replaceable class="parameter">server</replaceable></option></arg>

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <arg><option>-p <replaceable class="parameter">port</replaceable></option></arg>

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <arg><option>-V</option></arg>

96713299d08c0735c18ebe8772dd2cc1ecd4356aAutomatic Updater <arg><option>-y <replaceable class="parameter">key_id</replaceable></option></arg>

831f79c4310a7d38fc3475ccfff531b2b2535641Automatic Updater <arg choice="req">command</arg>

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews </cmdsynopsis>

f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater </refsynopsisdiv>

efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews

f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater <refsect1>

91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson <title>DESCRIPTION</title>

f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater <para>

f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater <command>rndc</command> controls the operation of a name

91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson server. It supersedes the <command>ndc</command> utility

f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater that was provided in old BIND releases. If

9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater <command>rndc</command> is invoked with no command line

9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater options or arguments, it prints a short summary of the

aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt supported commands and the available options and their

9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater arguments.

9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater </para>

aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt <para>

9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater <command>rndc</command> communicates with the name server

9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater over a TCP connection, sending commands authenticated with

9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater digital signatures. In the current versions of

aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt <command>rndc</command> and <command>named</command> named

2d2dc37599979c83495510f8af8d1756753aa2c5Automatic Updater the only supported authentication algorithm is HMAC-MD5,

2d2dc37599979c83495510f8af8d1756753aa2c5Automatic Updater which uses a shared secret on each end of the connection.

aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt This provides TSIG-style authentication for the command

9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater request and the name server's response. All commands sent

9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater over the channel must be signed by a key_id known to the

9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater server.

9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater </para>

9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater <para>

cdfc81e048bd34c1d628380247bda6b80a89e20eAutomatic Updater <command>rndc</command> reads a configuration file to

cdfc81e048bd34c1d628380247bda6b80a89e20eAutomatic Updater determine how to contact the name server and decide what

9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater algorithm and key it should use.

9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater </para>

9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater </refsect1>

9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater

eabc9c3c07cd956d3c436bd7614cb162dabdda76Mark Andrews <refsect1>

eabc9c3c07cd956d3c436bd7614cb162dabdda76Mark Andrews <title>OPTIONS</title>

eabc9c3c07cd956d3c436bd7614cb162dabdda76Mark Andrews

9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington <variablelist>

9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater <varlistentry>

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <term>-c <replaceable class="parameter">config-file</replaceable></term>

59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater <listitem>

80faf1588895fd26490f82f95a7a1b771df1c324Automatic Updater <para>

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews Use <replaceable class="parameter">config-file</replaceable>

59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater as the configuration file instead of the default,

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <filename>/etc/rndc.conf</filename>.

db5b7e2cdf150c46e8242d3e2e3ad3f5c7300258Automatic Updater </para>

80faf1588895fd26490f82f95a7a1b771df1c324Automatic Updater </listitem>

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews </varlistentry>

1a06700908f5a1d9f4a8d51285a0fd971e2f9117Automatic Updater

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <varlistentry>

db5b7e2cdf150c46e8242d3e2e3ad3f5c7300258Automatic Updater <term>-s <replaceable class="parameter">server</replaceable></term>

693c4232dfdffaff672197d4b9fea944c64cf80aAutomatic Updater <listitem>

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <para>

f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater <replaceable class="parameter">server</replaceable> is

91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson the name or address of the server which matches a

f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater server statement in the configuration file for

f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater <command>rndc</command>. If no server is supplied on the

efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews command line, the host named by the default-server clause

f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater in the option statement of the configuration file will be

91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson used.

f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater </para>

f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater </listitem>

91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson </varlistentry>

f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater

dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater <varlistentry>

dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater <term>-p <replaceable class="parameter">port</replaceable></term>

9174e44c14b1cb91a651fa1dc29470438c246ab9Automatic Updater <listitem>

b1265b5a06df36d490d4bdf54284fb133a1f5a84Automatic Updater <para>

9174e44c14b1cb91a651fa1dc29470438c246ab9Automatic Updater Send commands to TCP port

9174e44c14b1cb91a651fa1dc29470438c246ab9Automatic Updater <replaceable class="parameter">port</replaceable> instead

2a31bd531072824ef252c18303859d6af7451b00Francis Dupont of BIND 9's default control channel port, 953.

0c39b3ed9409ecb277d5e32fa763a4e4d6598df8Automatic Updater </para>

0c39b3ed9409ecb277d5e32fa763a4e4d6598df8Automatic Updater </listitem>

2a31bd531072824ef252c18303859d6af7451b00Francis Dupont </varlistentry>

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews

f9119ad8f6114b2255e7545bf5cd187f4db0a89bAutomatic Updater <varlistentry>

9174e44c14b1cb91a651fa1dc29470438c246ab9Automatic Updater <term>-V</term>

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <listitem>

dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater <para>

dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater Enable verbose logging.

dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater </para>

dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater </listitem>

995eaa289ba9709c64ef89b3776e53c36adc0010Automatic Updater </varlistentry>

b29e5c56eb74a6de1a84c29879afc90ffc6b1436Automatic Updater

418cc932318b1d67f88a36904d88d8a5a0a2ba09Automatic Updater <varlistentry>

995eaa289ba9709c64ef89b3776e53c36adc0010Automatic Updater <term>-y <replaceable class="parameter">keyid</replaceable></term>

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <listitem>

0977f3f39ef6728516be7976452b9122c8f5607aAutomatic Updater <para>

ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater Use the key <replaceable class="parameter">keyid</replaceable>

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews from the configuration file.

0c39b3ed9409ecb277d5e32fa763a4e4d6598df8Automatic Updater <replaceable class="parameter">keyid</replaceable> must be

0c39b3ed9409ecb277d5e32fa763a4e4d6598df8Automatic Updater known by named with the same algorithm and secret string

f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater in order for control message validation to succeed.

cdfc81e048bd34c1d628380247bda6b80a89e20eAutomatic Updater If no <replaceable class="parameter">keyid</replaceable>

f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater is specified, <command>rndc</command> will first look

fe80a4909bf62b602feaf246866e9d29f7654194Automatic Updater for a key clause in the server statement of the server

f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater being used, or if no server statement is present for that

f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater host, then the default-key clause of the options statement.

fe80a4909bf62b602feaf246866e9d29f7654194Automatic Updater Note that the configuration file contains shared secrets

f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater which are used to send authenticated control commands

f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater to name servers. It should therefore not have general read

91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson or write access.

f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater </para>

aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews </listitem>

91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson </varlistentry>

dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater

dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater </variablelist>

dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater

133e6d43fa82e80d3798be4de00f4540f485ec6cAutomatic Updater <para>

133e6d43fa82e80d3798be4de00f4540f485ec6cAutomatic Updater For the complete set of commands supported by <command>rndc</command>,

133e6d43fa82e80d3798be4de00f4540f485ec6cAutomatic Updater see the BIND 9 Administrator Reference Manual or run

f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater <command>rndc</command> without arguments to see its help message.

91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson </para>

f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater

4104e236f71eb5108fcfda6711878a97f6f4a8e7Automatic Updater </refsect1>

0df8ead472f207020f8da22a185fe4b945248ab8Automatic Updater

e8c7dc2a5ce48f11c07a67c9923eeb8f419ff19fEvan Hunt <refsect1>

0ce87e5749aabb8eef1e0a37e4bd6e6ffa1d7196Automatic Updater <title>LIMITATIONS</title>

0ce87e5749aabb8eef1e0a37e4bd6e6ffa1d7196Automatic Updater <para>

0df8ead472f207020f8da22a185fe4b945248ab8Automatic Updater <command>rndc</command> does not yet support all the commands of

2bb3422dc683c013db7042f5736240de6b86f182Automatic Updater the BIND 8 <command>ndc</command> utility.

59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater </para>

0df8ead472f207020f8da22a185fe4b945248ab8Automatic Updater <para>

3b6e4c84a525b0b3fc9e8affd8bb9fa5c000345fAutomatic Updater There is currently no way to provide the shared secret for a

19b3dc94bce93fa76bd7e066f9298630dbc9dcb4Automatic Updater <option>key_id</option> without using the configuration file.

d145b64cacc8d9cda51f9924ec70cd4661c3e2cfAutomatic Updater </para>

ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater <para>

59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater Several error messages could be clearer.

9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater </para>

c243d779731a410f8dc2d2feeed20c15f299b6e3Automatic Updater </refsect1>

0df8ead472f207020f8da22a185fe4b945248ab8Automatic Updater

ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater <refsect1>

ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater <title>SEE ALSO</title>

bc0a53583d92309bebcf93c408e2f3247ebd3d3cAutomatic Updater <para>

ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater <citerefentry>

ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater <refentrytitle>rndc.conf</refentrytitle>

59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater <manvolnum>5</manvolnum>

ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater </citerefentry>,

ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater <citerefentry>

7f79131f9a8e804b93c57f3c679065cce878b726Automatic Updater <refentrytitle>named</refentrytitle>

59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater <manvolnum>8</manvolnum>

ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater </citerefentry>,

ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater <citerefentry>

7f94d9a8162c9a96b56e66176702b66e79d8e1a2Automatic Updater <refentrytitle>named.conf</refentrytitle>

ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater <manvolnum>5</manvolnum>

19b3dc94bce93fa76bd7e066f9298630dbc9dcb4Automatic Updater </citerefentry>

ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater <citerefentry>

9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater <refentrytitle>ndc</refentrytitle>

7f94d9a8162c9a96b56e66176702b66e79d8e1a2Automatic Updater <manvolnum>8</manvolnum>

ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater </citerefentry>,

ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater <citetitle>BIND 9 Administrator Reference Manual</citetitle>.

ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater </para>

59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater </refsect1>

ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater

71bd43eebd9d6e42dbcae62b730f5b6508d5acd8Automatic Updater <refsect1>

ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater <title>AUTHOR</title>

7262eb86f2b465822206122921e2f357218f0cfdAutomatic Updater <para>

96ea71632887c58a9d00f47eb318bf76b35903c3Mark Andrews <corpauthor>Internet Software Consortium</corpauthor>

ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater </para>

9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater </refsect1>

bbb069be941f649228760edcc241122933c066d2Automatic Updater

9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater</refentry>

4cda4fd158d6ded5586bacea8c388445d99611eaAutomatic Updater

59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews