bin/rndc/rndc.docbook

	rndc.docbook revision d4ef65050feac78554addf6e16a06c6e2e0bd331
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN">
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington<!--
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington - Copyright (C) 2001  Internet Software Consortium.
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington -
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington - Permission to use, copy, modify, and distribute this software for any
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington - purpose with or without fee is hereby granted, provided that the above
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington - copyright notice and this permission notice appear in all copies.
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington -
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington - THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington - DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington - IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington - INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington - FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington - NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington - WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington-->
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington<!-- $Id: rndc.docbook,v 1.6 2001/06/10 13:57:53 tale Exp $ -->
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley<refentry>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley  <refentryinfo>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <date>June 30, 2000</date>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley  </refentryinfo>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley  <refmeta>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <refentrytitle><application>rndc</application></refentrytitle>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <manvolnum>8</manvolnum>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <refmiscinfo>BIND9</refmiscinfo>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley  </refmeta>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley  <refnamediv>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <refname><application>rndc</application></refname>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <refpurpose>name server control utility</refpurpose>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley  </refnamediv>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley  <refsynopsisdiv>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <cmdsynopsis>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      <command>rndc</command>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      <arg><option>-c <replaceable class="parameter">config-file</replaceable></option></arg>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      <arg><option>-s <replaceable class="parameter">server</replaceable></option></arg>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      <arg><option>-p <replaceable class="parameter">port</replaceable></option></arg>
b435b1ded3def3159f597953d21dffc1615cb250Brian Wellington      <arg><option>-V</option></arg>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      <arg><option>-y <replaceable class="parameter">key_id</replaceable></option></arg>
9b6a170d22d61026d31bde87523f3320628b6ebcBrian Wellington      <arg choice="req">command</arg>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    </cmdsynopsis>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley  </refsynopsisdiv>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley  <refsect1>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <title>DESCRIPTION</title>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley        <command>rndc</command> controls the operation of a name
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    server.  It supersedes the <command>ndc</command> utility
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    that was provided in old BIND releases.  If
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <command>rndc</command> is invoked with no command line
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    options or arguments, it prints a short summary of the
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    supported commands and the available options and their
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    arguments.
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    </para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley        <command>rndc</command> communicates with the name server
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    over a TCP connection, sending commands authenticated with
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    digital signatures.  In the current versions of
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <command>rndc</command> and <command>named</command> named
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley        the only supported authentication algorithm is HMAC-MD5,
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    which uses a shared secret on each end of the connection.
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    This provides TSIG-style authentication for the command
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    request and the name server's response.  All commands sent
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    over the channel must be signed by a key_id known to the
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    server.
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    </para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley        <command>rndc</command> reads a configuration file to
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    determine how to contact the name server and decide what
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    algorithm and key it should use.
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    </para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley  </refsect1>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley  <refsect1>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <title>OPTIONS</title>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <variablelist>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      <varlistentry>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley        <term>-c <replaceable class="parameter">config-file</replaceable></term>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <listitem>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      <para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley          Use <replaceable class="parameter">config-file</replaceable>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley          as the configuration file instead of the default,
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley          <filename>/etc/rndc.conf</filename>.
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      </para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    </listitem>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      </varlistentry>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      <varlistentry>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley        <term>-s <replaceable class="parameter">server</replaceable></term>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <listitem>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      <para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           <replaceable class="parameter">server</replaceable> is
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           the name or address of the server which matches a
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           server statement in the configuration file for
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           <command>rndc</command>.  If no server is supplied on the
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           command line, the host named by the default-server clause
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           in the option statement of the configuration file will be
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           used.
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      </para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    </listitem>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      </varlistentry>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      <varlistentry>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley        <term>-p <replaceable class="parameter">port</replaceable></term>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <listitem>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      <para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           Send commands to TCP port
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           <replaceable class="parameter">port</replaceable> instead
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           of BIND 9's default control channel port, 953.
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      </para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    </listitem>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      </varlistentry>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley
b435b1ded3def3159f597953d21dffc1615cb250Brian Wellington      <varlistentry>
b435b1ded3def3159f597953d21dffc1615cb250Brian Wellington        <term>-V</term>
b435b1ded3def3159f597953d21dffc1615cb250Brian Wellington    <listitem>
b435b1ded3def3159f597953d21dffc1615cb250Brian Wellington      <para>
b435b1ded3def3159f597953d21dffc1615cb250Brian Wellington           Enable verbose logging.
b435b1ded3def3159f597953d21dffc1615cb250Brian Wellington      </para>
b435b1ded3def3159f597953d21dffc1615cb250Brian Wellington    </listitem>
b435b1ded3def3159f597953d21dffc1615cb250Brian Wellington      </varlistentry>
b435b1ded3def3159f597953d21dffc1615cb250Brian Wellington
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      <varlistentry>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley        <term>-y <replaceable class="parameter">keyid</replaceable></term>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <listitem>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      <para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           Use the key <replaceable class="parameter">keyid</replaceable>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           from the configuration file.
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           <replaceable class="parameter">keyid</replaceable> must be
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           known by named with the same algorithm and secret string
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           in order for control message validation to succeed.
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           If no <replaceable class="parameter">keyid</replaceable>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           is specified, <command>rndc</command> will first look
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           for a key clause in the server statement of the server
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           being used, or if no server statement is present for that
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           host, then the default-key clause of the options statement.
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           Note that the configuration file contains shared secrets
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           which are used to send authenticated control commands
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           to name servers.  It should therefore not have general read
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley           or write access.
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      </para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    </listitem>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      </varlistentry>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    </variablelist>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      For the complete set of commands supported by <command>rndc</command>,
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      see the BIND 9 Administrator Reference Manual or run
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      <command>rndc</command> without arguments to see its help message.
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    </para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley  </refsect1>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley  <refsect1>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <title>LIMITATIONS</title>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley        <command>rndc</command> does not yet support all the commands of
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    the BIND 8 <command>ndc</command> utility.
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    </para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley        There is currently no way to provide the shared secret for a
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley        <option>key_id</option> without using the configuration file.
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    </para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley        Several error messages could be clearer.
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    </para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley  </refsect1>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley  <refsect1>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <title>SEE ALSO</title>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      <citerefentry>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley        <refentrytitle>rndc.conf</refentrytitle>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <manvolnum>5</manvolnum>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      </citerefentry>,
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      <citerefentry>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley        <refentrytitle>named</refentrytitle>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <manvolnum>8</manvolnum>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      </citerefentry>,
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      <citerefentry>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley        <refentrytitle>named.conf</refentrytitle>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <manvolnum>5</manvolnum>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      </citerefentry>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      <citerefentry>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley        <refentrytitle>ndc</refentrytitle>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <manvolnum>8</manvolnum>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      </citerefentry>,
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley      <citetitle>BIND 9 Administrator Reference Manual</citetitle>.
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    </para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley  </refsect1>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley  <refsect1>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <title>AUTHOR</title>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    <para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley        <corpauthor>Internet Software Consortium</corpauthor>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley    </para>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley  </refsect1>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley</refentry>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley<!--
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley - Local variables:
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley - mode: sgml
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley - End:
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley-->
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley