<!-- Bv9ARM.ch03.html revision 11e9368a226272085c337e9e74b79808c16fbdba -->
<!--
 - Copyright (C) 2004-2015 Internet Systems Consortium, Inc. ("ISC")
 - Copyright (C) 2000-2003 Internet Software Consortium.
 -
 - Permission to use, copy, modify, and/or distribute this software for any
 - purpose with or without fee is hereby granted, provided that the above
 - copyright notice and this permission notice appear in all copies.
 -
 - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
 - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
 - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
 - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
 - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
 - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 - PERFORMANCE OF THIS SOFTWARE.
-->
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Chapter&nbsp;3.&nbsp;Name Server Configuration</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
<link rel="up" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
<link rel="prev" href="Bv9ARM.ch02.html" title="Chapter&nbsp;2.&nbsp;BIND Resource Requirements">
<link rel="next" href="Bv9ARM.ch04.html" title="Chapter&nbsp;4.&nbsp;Advanced DNS Features">
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<tr><th colspan="3" align="center">Chapter&nbsp;3.&nbsp;Name Server Configuration</th></tr>
<a accesskey="p" href="Bv9ARM.ch02.html">Prev</a>&nbsp;</td>
<td width="20%" align="right">&nbsp;<a accesskey="n" href="Bv9ARM.ch04.html">Next</a>
<div class="titlepage"><div><div><h2 class="title">
<a name="Bv9ARM.ch03"></a>Chapter&nbsp;3.&nbsp;Name Server Configuration</h2></div></div></div>
<dt><span class="sect1"><a href="Bv9ARM.ch03.html#sample_configuration">Sample Configurations</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2567998">A Caching-only Name Server</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2568014">An Authoritative-only Name Server</a></span></dt>
<dt><span class="sect1"><a href="Bv9ARM.ch03.html#id2568037">Load Balancing</a></span></dt>
<dt><span class="sect1"><a href="Bv9ARM.ch03.html#id2568391">Name Server Operations</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2568396">Tools for Use With the Name Server Daemon</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2569465">Signals</a></span></dt>
<p>
 In this chapter we provide some suggested configurations along
 with guidelines for their use. We suggest reasonable values for
 certain option settings.
</p>
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="sample_configuration"></a>Sample Configurations</h2></div></div></div>
<div class="titlepage"><div><div><h3 class="title">
<a name="id2567998"></a>A Caching-only Name Server</h3></div></div></div>
<p>
 The following sample configuration is appropriate for a caching-only
 name server for use by clients internal to a corporation. All
 queries from outside clients are refused using the <span><strong class="command">allow-query</strong></span>
 option. Alternatively, the same effect could be achieved using
 suitable firewall rules. Because <span><strong class="command">allow-recursion</strong></span>
 and <span><strong class="command">allow-query-cache</strong></span> default to the value of
 <span><strong class="command">allow-query</strong></span> when they are not set explicitly,
 this one option also limits recursion and cache access to the corporate subnets.
</p>
<pre class="programlisting">
// Two corporate subnets we wish to allow queries from.
acl corpnets { 192.168.4.0/24; 192.168.7.0/24; };
options {
     // Working directory
     directory "/etc/namedb";

     allow-query { corpnets; };
};
// Provide a reverse mapping for the loopback
// address 127.0.0.1
zone "0.0.127.in-addr.arpa" {
     type master;
     file "localhost.rev";
     notify no;
};
</pre>
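<p>
 The following is an added example, not code from the BIND distribution: a
 small Python model of how <span><strong class="command">named</strong></span>
 evaluates an address match list such as the <span><strong class="command">acl</strong></span>
 and <span><strong class="command">allow-query</strong></span> statements above.
 Elements are tried in order, the first element that matches decides, and a
 leading <code class="literal">!</code> negates an element, so a negated entry placed
 after the acl that already matches the client is dead code. The model covers
 address prefixes, nested acl names and the built-in <code class="literal">any</code>
 and <code class="literal">none</code> only; <code class="literal">localhost</code>,
 <code class="literal">localnets</code> and key elements are not handled. Treating a
 negated match inside a nested acl as "no match" for the enclosing element is an
 assumption about <span><strong class="command">named</strong></span>'s matcher, not
 something this chapter states. The client addresses are constructed for the example.
</p>

```python
"""Evaluate BIND-style address match lists against client addresses.

Added example (not BIND code). Rules modelled, as the ARM documents them
for access-control lists: elements are tried in order; the first element
that matches decides (allow, or deny if that element is negated with "!");
a client that matches no element is denied. Assumption: a negated match
inside a nested acl counts as "no match" for the enclosing element.
"""
import ipaddress
from typing import Dict, List, Optional, Tuple

# (negated, element): element is an address, a prefix, "any"/"none",
# or the name of another acl.
MatchList = List[Tuple[bool, str]]


def parse_match_list(text: str) -> MatchList:
    """Parse '{ 192.168.4.0/24; !10.0.0.1; corpnets; }' into pairs."""
    body = text.strip()
    if body.startswith("{"):
        body = body[1:]
    if body.endswith("}"):
        body = body[:-1]
    items: MatchList = []
    for raw in body.split(";"):
        raw = raw.strip()
        if raw:
            items.append((raw.startswith("!"), raw.lstrip("!").strip()))
    return items


def _element_hits(addr, element: str, acls: Dict[str, MatchList]) -> bool:
    """Does a single element (ignoring its own negation) match the address?"""
    if element == "any":
        return True
    if element == "none":
        return False
    if element in acls:
        # Nested acl: only a positive first match propagates (see docstring).
        return _first_match(addr, acls[element], acls) is True
    return addr in ipaddress.ip_network(element, strict=False)


def _first_match(addr, match_list: MatchList, acls: Dict[str, MatchList]) -> Optional[bool]:
    """True for a positive first match, False for a negated one, None if none."""
    for negated, element in match_list:
        if _element_hits(addr, element, acls):
            return not negated
    return None


def is_allowed(client: str, match_list: MatchList, acls: Dict[str, MatchList]) -> bool:
    """Access-control interpretation: allowed only on a positive first match."""
    return _first_match(ipaddress.ip_address(client), match_list, acls) is True


# Constructed sample mirroring the caching-only configuration above, with one
# negated entry added to show why element order matters.
ACLS = {"corpnets": parse_match_list("{ 192.168.4.0/24; 192.168.7.0/24; }")}
ALLOW_QUERY = parse_match_list("{ !192.168.4.1; corpnets; }")
WRONG_ORDER = parse_match_list("{ corpnets; !192.168.4.1; }")  # negation never reached


def demo() -> Dict[str, bool]:
    """Evaluate a few constructed clients; returns {client: allowed}."""
    return {c: is_allowed(c, ALLOW_QUERY, ACLS)
            for c in ("192.168.4.10", "192.168.7.200", "192.168.4.1", "10.1.1.1")}


if __name__ == "__main__":
    for client, allowed in demo().items():
        print(f"{client:15} {'allow' if allowed else 'deny'}")
    print("192.168.4.1 with the negation after corpnets:",
          is_allowed("192.168.4.1", WRONG_ORDER, ACLS))
```

<p>
 Run it directly to see the four verdicts; the last line prints
 <code class="literal">True</code>, which is the mistake the first-match rule makes easy.
</p>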
<div class="titlepage"><div><div><h3 class="title">
<a name="id2568014"></a>An Authoritative-only Name Server</h3></div></div></div>
<p>
 This sample configuration is for an authoritative-only server
 that is the master server for "<code class="filename">example.com</code>"
 and a slave for the subdomain "<code class="filename">eng.example.com</code>".
</p>
<pre class="programlisting">
options {
     // Working directory
     directory "/etc/namedb";
     // Do not allow access to cache
     allow-query-cache { none; };
     // This is the default
     allow-query { any; };
     // Do not provide recursive service
     recursion no;
};

// Provide a reverse mapping for the loopback
// address 127.0.0.1
zone "0.0.127.in-addr.arpa" {
     type master;
     file "localhost.rev";
     notify no;
};
// We are the master server for example.com
zone "example.com" {
     type master;
     file "example.com.db";
     // IP addresses of slave servers allowed to
     // transfer example.com
     allow-transfer {
          192.168.4.14;
          192.168.5.53;
     };
};
// We are a slave server for eng.example.com
zone "eng.example.com" {
     type slave;
     file "eng.example.com.bk";
     // IP address of eng.example.com master server
     masters { 192.168.4.12; };
};
</pre>
<p>
 Note that <span><strong class="command">allow-transfer</strong></span> is set only
 on the <code class="filename">example.com</code> zone. For the other zones the
 server-wide default applies, which in this release is to allow transfers to any
 host unless an <span><strong class="command">allow-transfer</strong></span> is
 also given in the <span><strong class="command">options</strong></span> statement.
</p>
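<p>
 As an added example (not a BIND tool), the following Python script parses
 the subset of <code class="filename">named.conf</code> syntax used in the two
 samples above and checks for the two exposures a reviewer looks for first:
 recursion reachable from any host (an open resolver, usable for reflection
 attacks) and zones whose transfers are not restricted. The defaults it
 assumes are those of BIND 9.11: <span><strong class="command">recursion</strong></span>
 yes, <span><strong class="command">allow-recursion</strong></span> falling back to
 <span><strong class="command">allow-query-cache</strong></span>, then
 <span><strong class="command">allow-query</strong></span>, then
 <code class="literal">localnets; localhost;</code>, and
 <span><strong class="command">allow-transfer</strong></span> any when neither
 the zone nor the <span><strong class="command">options</strong></span> statement
 sets it. The configurations embedded in it are constructed for the example.
</p>

```python
"""Lint a named.conf for two exposures: recursion reachable from any host
(open resolver) and zones whose transfers are not restricted.

Added example, not a BIND tool. The parser handles the named.conf subset
used in this chapter's samples: statements, quoted strings, nested braces,
and //, # and /* */ comments. Assumed BIND 9.11 defaults: recursion yes;
allow-recursion falls back to allow-query-cache, then allow-query, then
"localnets; localhost;"; allow-transfer is any when neither the zone nor
the options statement sets it.
"""
import re
from typing import Any, List, Optional

TOKEN = re.compile(r'"[^"]*"|[{};]|[^\s{};]+')
Stmt = List[Any]  # tokens of one statement; a { ... } body is a nested List[Stmt]


def strip_comments(text: str) -> str:
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#).*", "", text)


def parse(text: str) -> List[Stmt]:
    """Parse named.conf text into a list of statements."""
    tokens = TOKEN.findall(strip_comments(text))
    pos = 0

    def block() -> List[Stmt]:
        nonlocal pos
        stmts: List[Stmt] = []
        cur: Stmt = []
        while pos < len(tokens):
            tok = tokens[pos]
            pos += 1
            if tok == "{":
                cur.append(block())          # recurse into the body
            elif tok == "}":
                break                        # end of this body
            elif tok == ";":
                if cur:
                    stmts.append(cur)
                cur = []
            else:
                cur.append(tok.strip('"'))
        if cur:
            stmts.append(cur)
        return stmts

    return block()


def find(stmts: List[Stmt], name: str) -> Optional[Stmt]:
    """First statement whose keyword is `name`, or None."""
    return next((s for s in stmts if s[0] == name), None)


def match_list(stmt: Optional[Stmt]) -> List[str]:
    """Elements of an allow-* statement's { ... } body, or [] if absent."""
    if stmt and isinstance(stmt[-1], list):
        return [elem[0] for elem in stmt[-1]]
    return []


def lint(text: str) -> List[str]:
    conf = parse(text)
    options = find(conf, "options")
    opts = options[-1] if options else []
    findings: List[str] = []

    recursion = (find(opts, "recursion") or ["recursion", "yes"])[1]
    allow_recursion = (match_list(find(opts, "allow-recursion"))
                       or match_list(find(opts, "allow-query-cache"))
                       or match_list(find(opts, "allow-query"))
                       or ["localnets", "localhost"])
    if recursion == "yes" and "any" in allow_recursion:
        findings.append("open resolver: recursion is on and allowed from any host")

    global_transfer = match_list(find(opts, "allow-transfer"))
    for stmt in conf:
        if stmt[0] != "zone" or not isinstance(stmt[-1], list):
            continue
        name, body = stmt[1], stmt[-1]
        ztype = (find(body, "type") or ["type", ""])[1]
        transfer = match_list(find(body, "allow-transfer")) or global_transfer or ["any"]
        if ztype in ("master", "slave") and "any" in transfer:
            findings.append(f"zone {name}: transfers allowed from any host")
    return findings


# Constructed copy of the authoritative-only sample above (comments trimmed).
AUTH_ONLY_CONF = """
options {
     directory "/etc/namedb";
     allow-query-cache { none; };   // do not allow access to cache
     allow-query { any; };          // this is the default
     recursion no;                  // do not provide recursive service
};
zone "0.0.127.in-addr.arpa" { type master; file "localhost.rev"; notify no; };
zone "example.com" {
     type master; file "example.com.db";
     allow-transfer { 192.168.4.14; 192.168.5.53; };
};
zone "eng.example.com" { type slave; file "eng.example.com.bk"; masters { 192.168.4.12; }; };
"""

# Constructed: a server opened to the world by one allow-query line.
OPEN_RESOLVER_CONF = """
options { directory "/etc/namedb"; allow-query { any; }; };
zone "example.com" { type master; file "example.com.db"; };
"""

if __name__ == "__main__":
    for label, conf in (("auth-only", AUTH_ONLY_CONF), ("open", OPEN_RESOLVER_CONF)):
        print(label, lint(conf) or ["clean"])
```

<p>
 On the authoritative-only sample the only findings are the two zones without
 their own <span><strong class="command">allow-transfer</strong></span>; adding
 <code class="literal">allow-transfer { none; };</code> to the
 <span><strong class="command">options</strong></span> statement clears both.
</p>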
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="id2568037"></a>Load Balancing</h2></div></div></div>
<p>
 A primitive form of load balancing can be achieved in
 the <acronym class="acronym">DNS</acronym> by using multiple records
 (such as multiple A records) for one name.
</p>
<p>
 For example, if you have three WWW servers with network addresses
 of 10.0.0.1, 10.0.0.2 and 10.0.0.3, a set of records such as the
 following means that clients will connect to each machine one third
 of the time:
</p>
<div class="informaltable"><table border="1">
<thead>
<tr><th colspan="3">Resource Record (RR) Data</th></tr>
<tr><th>Name</th><th>Type</th><th>Value</th></tr>
</thead>
<tbody>
<tr><td>www</td><td>A</td><td>10.0.0.1</td></tr>
<tr><td></td><td>A</td><td>10.0.0.2</td></tr>
<tr><td></td><td>A</td><td>10.0.0.3</td></tr>
</tbody>
</table></div>
<p>
 When a resolver queries for these records, <acronym class="acronym">BIND</acronym> will rotate
 them and respond to the query with the records in a different
 order. In the example above, clients will randomly receive
 records in the order 1, 2, 3; 2, 3, 1; and 3, 1, 2. Most clients
 will use the first record returned and discard the rest. The balancing
 is therefore only approximate: a caching resolver reuses one answer for
 the whole TTL on behalf of all its clients, and resolver libraries that
 sort addresses themselves ignore the order the server chose.
</p>
<p>
 For more detail on ordering responses, check the
 <span><strong class="command">rrset-order</strong></span> sub-statement in the
 <span><strong class="command">options</strong></span> statement, see
 <a href="Bv9ARM.ch06.html#rrset_ordering">RRset Ordering</a>.
</p>
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="id2568391"></a>Name Server Operations</h2></div></div></div>
<div class="titlepage"><div><div><h3 class="title">
<a name="id2568396"></a>Tools for Use With the Name Server Daemon</h3></div></div></div>
<p>
 This section describes several indispensable diagnostic,
 administrative and monitoring tools available to the system
 administrator for controlling and debugging the name server
 daemon.
</p>
<div class="titlepage"><div><div><h4 class="title">
<a name="diagnostic_tools"></a>Diagnostic Tools</h4></div></div></div>
<p>
 The <span><strong class="command">dig</strong></span>, <span><strong class="command">host</strong></span>, and
 <span><strong class="command">nslookup</strong></span> programs are all command
 line tools for manually querying name servers. They differ in style and
 output format.
</p>
<dt><span class="term"><a name="dig"></a><span><strong class="command">dig</strong></span></span></dt>
<p>
 The domain information groper (<span><strong class="command">dig</strong></span>)
 is the most versatile and complete of these lookup tools.
 It has two modes: simple interactive
 mode for a single query, and batch mode which executes a
 query for each in a list of several query lines. All query options are
 accessible from the command line.
</p>
<div class="cmdsynopsis"><p><code class="command">dig</code> [@<em class="replaceable"><code>server</code></em>] <em class="replaceable"><code>domain</code></em> [<em class="replaceable"><code>query-type</code></em>] [<em class="replaceable"><code>query-class</code></em>] [+<em class="replaceable"><code>query-option</code></em>] [-<em class="replaceable"><code>dig-option</code></em>] [%<em class="replaceable"><code>comment</code></em>]</p></div>
<p>
 The usual simple use of <span><strong class="command">dig</strong></span> will take the form
</p>
<p>
 <span><strong class="command">dig @server domain query-type query-class</strong></span>
</p>
<p>
 For more information and a list of available commands and
 options, see the <span><strong class="command">dig</strong></span> man
 page.
</p>
<dt><span class="term"><span><strong class="command">host</strong></span></span></dt>
<p>
 The <span><strong class="command">host</strong></span> utility emphasizes
 simplicity and ease of use. By default, it converts
 between host names and Internet addresses, but its
 functionality can be extended with the use of options.
</p>
<div class="cmdsynopsis"><p><code class="command">host</code> [-aCdlnrsTwv] [-c <em class="replaceable"><code>class</code></em>] [-N <em class="replaceable"><code>ndots</code></em>] [-t <em class="replaceable"><code>type</code></em>] [-W <em class="replaceable"><code>timeout</code></em>] [-R <em class="replaceable"><code>retries</code></em>] [-m <em class="replaceable"><code>flag</code></em>] [-4] [-6] <em class="replaceable"><code>hostname</code></em> [<em class="replaceable"><code>server</code></em>]</p></div>
<p>
 For more information and a list of available commands and
 options, see the <span><strong class="command">host</strong></span> man
 page.
</p>
<dt><span class="term"><span><strong class="command">nslookup</strong></span></span></dt>
<p><span><strong class="command">nslookup</strong></span>
 has two modes: interactive and
 non-interactive. Interactive mode allows the user to
 query name servers for information about various
 hosts and domains or to print a list of hosts in a
 domain. Non-interactive mode is used to print just
 the name and requested information for a host or
 domain.
</p>
<div class="cmdsynopsis"><p><code class="command">nslookup</code> [-option...] [[<em class="replaceable"><code>host-to-find</code></em>] | [- [server]]]</p></div>
<p>
 Interactive mode is entered when no arguments are given (the
 default name server will be used) or when the first argument
 is a hyphen (`-') and the second argument is the host name or
 Internet address of a name server.
</p>
<p>
 Non-interactive mode is used when the name or Internet address
 of the host to be looked up is given as the first argument. The
 optional second argument specifies the host name or address
 of a name server.
</p>
<p>
 Due to its arcane user interface and frequently inconsistent
 behavior, we do not recommend the use of <span><strong class="command">nslookup</strong></span>.
 Use <span><strong class="command">dig</strong></span> instead.
</p>
<div class="titlepage"><div><div><h4 class="title">
<a name="admin_tools"></a>Administrative Tools</h4></div></div></div>
<p>
 Administrative tools play an integral part in the management
 of a server.
</p>
<dt><a name="named-checkconf"></a><span class="term"><span><strong class="command">named-checkconf</strong></span></span></dt>
<p>
 The <span><strong class="command">named-checkconf</strong></span> program
 checks the syntax of a <code class="filename">named.conf</code> file.
 With <code class="option">-z</code> it also performs a test load of every
 master zone the configuration names, which catches zone file problems before
 a reload takes the running server's copy of the zone out of service.
</p>
<div class="cmdsynopsis"><p><code class="command">named-checkconf</code> [-jvz] [-t <em class="replaceable"><code>directory</code></em>] [<em class="replaceable"><code>filename</code></em>]</p></div>
<dt><a name="named-checkzone"></a><span class="term"><span><strong class="command">named-checkzone</strong></span></span></dt>
<p>
 The <span><strong class="command">named-checkzone</strong></span> program
 checks a master file for
 syntax and consistency.
</p>
<div class="cmdsynopsis"><p><code class="command">named-checkzone</code> [-djqvD] [-c <em class="replaceable"><code>class</code></em>] [-o <em class="replaceable"><code>output</code></em>] [-t <em class="replaceable"><code>directory</code></em>] [-w <em class="replaceable"><code>directory</code></em>] [-k <em class="replaceable"><code>(ignore|warn|fail)</code></em>] [-n <em class="replaceable"><code>(ignore|warn|fail)</code></em>] [-W <em class="replaceable"><code>(ignore|warn)</code></em>] <em class="replaceable"><code>zone</code></em> [<em class="replaceable"><code>filename</code></em>]</p></div>
<dt><a name="named-compilezone"></a><span class="term"><span><strong class="command">named-compilezone</strong></span></span></dt>
<p>
 Similar to <span><strong class="command">named-checkzone</strong></span>, but
 it always dumps the zone content to a specified file
 (typically in a different format).
</p>
<dt><a name="rndc"></a><span class="term"><span><strong class="command">rndc</strong></span></span></dt>
<p>
 The remote name daemon control
 (<span><strong class="command">rndc</strong></span>) program allows the
 system administrator to control the operation of a name server.
 Since <acronym class="acronym">BIND</acronym> 9.2, <span><strong class="command">rndc</strong></span>
 supports all the commands of the BIND 8 <span><strong class="command">ndc</strong></span>
 utility except <span><strong class="command">ndc start</strong></span> and
 <span><strong class="command">ndc restart</strong></span>, which were also
 not supported in <span><strong class="command">ndc</strong></span>'s
 channel mode.
</p>
<p>
 If you run <span><strong class="command">rndc</strong></span> without any
 options it will display a usage message as follows:
</p>
<div class="cmdsynopsis"><p><code class="command">rndc</code> [-c <em class="replaceable"><code>config</code></em>] [-s <em class="replaceable"><code>server</code></em>] [-p <em class="replaceable"><code>port</code></em>] [-y <em class="replaceable"><code>key</code></em>] <em class="replaceable"><code>command</code></em> [<em class="replaceable"><code>command</code></em>...]</p></div>
<p>See <a href="man.rndc.html" title="rndc"><span class="refentrytitle"><span class="application">rndc</span></span>(8)</a> for details of
 the available <span><strong class="command">rndc</strong></span> commands.
</p>
<p>
 <span><strong class="command">rndc</strong></span> requires a configuration file, since all
 communication with the server is authenticated with
 HMAC message authentication codes (the algorithms listed below) that rely
 on a shared secret, and
 there is no way to provide that secret other than with a
 configuration file. Anyone who can read that secret can issue every
 command the server's <span><strong class="command">controls</strong></span> statement
 permits for it, so the file must not be readable by other users.
 The default location for the
 <span><strong class="command">rndc</strong></span> configuration file is
 <code class="filename">/etc/rndc.conf</code>, but an
 alternate location can be specified with the <code class="option">-c</code>
 option. If the configuration file is not found,
 <span><strong class="command">rndc</strong></span> will also look in
 <code class="filename">/etc/rndc.key</code> (or whatever
 <code class="varname">sysconfdir</code> was defined when
 the <acronym class="acronym">BIND</acronym> build was
 configured).
 The <code class="filename">rndc.key</code> file is
 generated by
 running <span><strong class="command">rndc-confgen -a</strong></span> as
 described in
 <a href="Bv9ARM.ch06.html#controls_statement_definition_and_usage" title="controls Statement Definition and
 Usage">the section called &#8220;<span><strong class="command">controls</strong></span> Statement Definition and
 Usage&#8221;</a>.
</p>
<p>
 The format of the configuration file is similar to
 that of <code class="filename">named.conf</code>, but
 limited to only four statements, the <span><strong class="command">options</strong></span>,
 <span><strong class="command">key</strong></span>, <span><strong class="command">server</strong></span> and
 <span><strong class="command">include</strong></span>
 statements. These statements are what associate the
 secret keys to the servers with which they are meant to
 be shared. The order of statements is not
 significant.
</p>
<p>
 The <span><strong class="command">options</strong></span> statement has
 three clauses:
 <span><strong class="command">default-server</strong></span>, <span><strong class="command">default-key</strong></span>,
 and <span><strong class="command">default-port</strong></span>.
 <span><strong class="command">default-server</strong></span> takes a
 host name or address argument and represents the server that will
 be contacted if no <code class="option">-s</code>
 option is provided on the command line.
 <span><strong class="command">default-key</strong></span> takes
 the name of a key as its argument, as defined by a <span><strong class="command">key</strong></span> statement.
 <span><strong class="command">default-port</strong></span> specifies the
 port to which
 <span><strong class="command">rndc</strong></span> should connect if no
 port is given on the command line or in a
 <span><strong class="command">server</strong></span> statement.
</p>
<p>
 The <span><strong class="command">key</strong></span> statement defines a
 key to be used
 by <span><strong class="command">rndc</strong></span> when authenticating
 with <span><strong class="command">named</strong></span>. Its syntax is
 identical to the
 <span><strong class="command">key</strong></span> statement in <code class="filename">named.conf</code>.
 The keyword <strong class="userinput"><code>key</code></strong> is
 followed by a key name, which must be a valid
 domain name, though it need not actually be hierarchical;
 a string like "<strong class="userinput"><code>rndc_key</code></strong>" is a valid
 name.
 The <span><strong class="command">key</strong></span> statement has two
 clauses:
 <span><strong class="command">algorithm</strong></span> and <span><strong class="command">secret</strong></span>.
 While the configuration parser will accept any string as the
 argument to algorithm, currently only the strings
 "<strong class="userinput"><code>hmac-md5</code></strong>",
 "<strong class="userinput"><code>hmac-sha1</code></strong>",
 "<strong class="userinput"><code>hmac-sha224</code></strong>",
 "<strong class="userinput"><code>hmac-sha256</code></strong>",
 "<strong class="userinput"><code>hmac-sha384</code></strong>"
 and "<strong class="userinput"><code>hmac-sha512</code></strong>"
 have any meaning. <code class="literal">hmac-md5</code> is kept for
 compatibility with older releases; use one of the SHA-2 algorithms for new
 deployments. The secret is a base-64 encoded string
 as specified in RFC 3548 (since obsoleted by RFC 4648, which keeps the same
 alphabet).
</p>
<p>
 The <span><strong class="command">server</strong></span> statement
 associates a key
 defined using the <span><strong class="command">key</strong></span>
 statement with a server.
 The keyword <strong class="userinput"><code>server</code></strong> is followed by a
 host name or address. The <span><strong class="command">server</strong></span> statement
 has two clauses: <span><strong class="command">key</strong></span> and <span><strong class="command">port</strong></span>.
 The <span><strong class="command">key</strong></span> clause specifies the
 name of the key
 to be used when communicating with this server, and the
 <span><strong class="command">port</strong></span> clause can be used to
 specify the port <span><strong class="command">rndc</strong></span> should
 connect to on the server.
</p>
<p>
 A sample minimal configuration file is as follows:
</p>
<pre class="programlisting">
key rndc_key {
     algorithm "hmac-sha256";
     secret
       "c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K";
};
options {
     default-server 127.0.0.1;
     default-key    rndc_key;
};
</pre>
<p>
 This file, if installed as <code class="filename">/etc/rndc.conf</code>,
 would allow the command:
</p>
<p>
 <code class="prompt">$ </code><strong class="userinput"><code>rndc reload</code></strong>
</p>
<p>
 to connect to 127.0.0.1 port 953 and cause the name server
 to reload, if a name server on the local machine were
 running with the
 following controls statement:
</p>
<pre class="programlisting">
controls {
     inet 127.0.0.1
         allow { localhost; } keys { rndc_key; };
};
</pre>
<p>
 and it had an identical key statement for
 <code class="literal">rndc_key</code>. The secret shown here is the manual's
 example and is public; never install it, since anyone holding it can
 authenticate to the control channel.
</p>
<p>
 Running the <span><strong class="command">rndc-confgen</strong></span>
 program will
 conveniently create a <code class="filename">rndc.conf</code>
 file for you, and also display the
 corresponding <span><strong class="command">controls</strong></span>
 statement that you need to
 add to <code class="filename">named.conf</code>.
 Alternatively,
 you can run <span><strong class="command">rndc-confgen -a</strong></span>
 to set up
 a <code class="filename">rndc.key</code> file and not
 modify <code class="filename">named.conf</code> at all.
</p>
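<p>
 The following added Python example (not ISC code, and not the
 <span><strong class="command">rndc</strong></span> control-channel protocol itself)
 does for the secret what <span><strong class="command">rndc-confgen -a</strong></span>
 does, emits a key statement in the syntax shown above, parses such a statement
 back, and then shows the property the shared secret provides: an HMAC tag over a
 message that only a holder of the secret can produce, verified with a
 constant-time comparison so that a tampered message or a different key fails.
 The message framing is a stand-in constructed for the example. It also decodes
 the manual's sample secret to show that it is readable text, not random key
 material.
</p>

```python
"""Generate an rndc-style key statement and demonstrate what the shared
secret buys: a keyed HMAC that only a holder of the secret can produce or
verify.

Added example, not ISC code and not the rndc wire protocol. The key
statement follows the rndc.conf / named.conf syntax; the signed "message"
is a constructed stand-in for a control-channel request.
"""
import base64
import hashlib
import hmac
import re
import secrets
from typing import Tuple

ALGORITHMS = {  # the SHA-2 rndc key algorithms; hmac-md5/sha1 left out on purpose
    "hmac-sha256": hashlib.sha256,
    "hmac-sha384": hashlib.sha384,
    "hmac-sha512": hashlib.sha512,
}

# The manual's sample secret, quoted here only to show it is not random.
SAMPLE_SECRET = "c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K"

KEY_RE = re.compile(
    r'key\s+"?([\w.-]+)"?\s*\{\s*algorithm\s+"?([\w-]+)"?\s*;\s*'
    r'secret\s+"([A-Za-z0-9+/=]+)"\s*;', re.S)


def generate_key_statement(name: str = "rndc_key", algorithm: str = "hmac-sha256") -> str:
    """Like `rndc-confgen -a`: a fresh random secret, base64 (RFC 4648) encoded,
    wrapped in a key statement usable in both rndc.conf and named.conf."""
    digest = ALGORITHMS[algorithm]
    secret = secrets.token_bytes(digest().digest_size)  # key as long as the tag
    b64 = base64.b64encode(secret).decode("ascii")
    return f'key "{name}" {{\n\talgorithm {algorithm};\n\tsecret "{b64}";\n}};\n'


def parse_key_statement(text: str) -> Tuple[str, str, bytes]:
    """Return (name, algorithm, raw secret bytes) from a key statement."""
    m = KEY_RE.search(text)
    if not m:
        raise ValueError("not a key statement")
    return m.group(1), m.group(2), decode_secret(m.group(3))


def decode_secret(b64: str) -> bytes:
    """Secrets are plain base64 (RFC 3548, now RFC 4648) of the raw key bytes."""
    return base64.b64decode(b64)


def sign(algorithm: str, secret: bytes, message: bytes) -> bytes:
    """HMAC tag the sender attaches; forging it requires the secret."""
    return hmac.new(secret, message, ALGORITHMS[algorithm]).digest()


def verify(algorithm: str, secret: bytes, message: bytes, tag: bytes) -> bool:
    """Constant-time comparison: never leak how many tag bytes matched."""
    return hmac.compare_digest(sign(algorithm, secret, message), tag)


if __name__ == "__main__":
    stmt = generate_key_statement()
    print(stmt)
    name, alg, secret = parse_key_statement(stmt)
    tag = sign(alg, secret, b"reload")           # constructed stand-in message
    print("genuine reload:", verify(alg, secret, b"reload", tag))
    print("tampered to stop:", verify(alg, secret, b"stop", tag))
    _, _, other = parse_key_statement(generate_key_statement())
    print("other server's key:", verify(alg, other, b"reload", tag))
    print("manual's sample secret decodes to:", decode_secret(SAMPLE_SECRET))
```

<p>
 The last line prints the sample secret as an English sentence, which is
 exactly why it belongs in documentation and nowhere else.
</p>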
<div class="titlepage"><div><div><h3 class="title">
<a name="id2569465"></a>Signals</h3></div></div></div>
<p>
 Certain UNIX signals cause the name server to take specific
 actions, as described in the following table. These signals can
 be sent using the <span><strong class="command">kill</strong></span> command.
</p>
<div class="informaltable"><table border="1">
<tbody>
<tr>
<td><p><span><strong class="command">SIGHUP</strong></span></p></td>
<td><p>Causes the server to read <code class="filename">named.conf</code> and reload the database.</p></td>
</tr>
<tr>
<td><p><span><strong class="command">SIGTERM</strong></span></p></td>
<td><p>Causes the server to clean up and exit.</p></td>
</tr>
<tr>
<td><p><span><strong class="command">SIGINT</strong></span></p></td>
<td><p>Causes the server to clean up and exit.</p></td>
</tr>
</tbody>
</table></div>
<a accesskey="p" href="Bv9ARM.ch02.html">Prev</a>&nbsp;</td>
<td width="40%" align="right">&nbsp;<a accesskey="n" href="Bv9ARM.ch04.html">Next</a>
<td width="40%" align="left" valign="top">Chapter&nbsp;2.&nbsp;<acronym class="acronym">BIND</acronym> Resource Requirements&nbsp;</td>
<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
<td width="40%" align="right" valign="top">&nbsp;Chapter&nbsp;4.&nbsp;Advanced DNS Features</td>
<p style="text-align: center;">BIND 9.11.0pre-alpha</p>