Bv9ARM.ch03.html revision 2cd182921e1b04ccda0a56995c4cc491c882af04
280a8a0544b4aeb52414d20e8c6e6c5b1108562eTinderbox User<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
19558a04decde0e7261d489d92d04ad88104217bTinderbox User>Name Server Configuration</TITLE
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsNAME="GENERATOR"
969eaf7df8ac651946f76b6631ff5db568c11ef6Tinderbox UserCONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsTITLE="BIND 9 Administrator Reference Manual"
a2c370ca12bb0360ff7e969474ead3f788c65fffTinderbox UserREL="PREVIOUS"
8de3f14f1c300c3e1ed99084cc03485b42c92bf1Tinderbox UserTITLE="BIND Resource Requirements"
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox UserTITLE="Advanced DNS Features"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="chapter"
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsBGCOLOR="#FFFFFF"
b91d11bfcc30b96f2c80f3a76d12e3dcc8597a68Mark AndrewsTEXT="#000000"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsLINK="#0000FF"
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsVLINK="#840084"
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsALINK="#0000FF"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="NAVHEADER"
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox UserSUMMARY="Header navigation table"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsCELLPADDING="0"
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan HuntCELLSPACING="0"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsALIGN="center"
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt>BIND 9 Administrator Reference Manual</TH
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan HuntVALIGN="bottom"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsACCESSKEY="P"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsALIGN="center"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsVALIGN="bottom"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsALIGN="right"
aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan HuntVALIGN="bottom"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsACCESSKEY="N"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="chapter"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews>Chapter 3. Name Server Configuration</H1
015055b6e23f5c08f6a5b34726f90b62597e9e45Tinderbox User>Table of Contents</B
b91d11bfcc30b96f2c80f3a76d12e3dcc8597a68Mark AndrewsHREF="Bv9ARM.ch03.html#sample_configuration"
fec6e13f2d1e69fe1c2b8fac36f732f124cf5398Mark Andrews>Sample Configurations</A
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt>Load Balancing</A
549c517e2ecad52bb1d32f08920e29d4e8cda71eTinderbox User>Name Server Operations</A
8f4e6ea383aa9a953c0adb5be6c4d8dc8dbd5c4aWitold Krecicki>In this section we provide some suggested configurations along
3bd8b5a8fb126e45c67ff53b68183c889cc27918Tinderbox Userwith guidelines for their use. We also address the topic of reasonable
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrewsoption setting.</P
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsCLASS="sect1"
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox UserNAME="sample_configuration"
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson>3.1. Sample Configurations</A
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan HuntCLASS="sect2"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsNAME="AEN257"
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt>3.1.1. A Caching-only Name Server</A
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson>The following sample configuration is appropriate for a caching-only
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox Username server for use by clients internal to a corporation. All queries
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrewsfrom outside clients are refused using the <B
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan HuntCLASS="command"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews>allow-query</B
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafssonoption. Alternatively, the same effect could be achieved using suitable
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox Userfirewall rules.</P
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan HuntCLASS="programlisting"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews> // Two corporate subnets we wish to allow queries from.
28a5dd720187fddb16055a0f64b63a7b66f29f64Mark Andrewsacl corpnets { 192.168.4.0/24; 192.168.7.0/24; };
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews allow-query { corpnets; };
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews// Provide a reverse mapping for the loopback address 127.0.0.1
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews type master;
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsCLASS="sect2"
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark AndrewsNAME="AEN262"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>3.1.2. An Authoritative-only Name Server</A
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews>This sample configuration is for an authoritative-only server
7f9e2fff07b9c17e0d7a0ea7abc9304ce9d01b61Tinderbox Userthat is the master server for "<TT
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="filename"
549c517e2ecad52bb1d32f08920e29d4e8cda71eTinderbox Userand a slave for the subdomain "<TT
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="filename"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="programlisting"
01a5c5503482fb3ba52088bf0178a7213273bf96Mark Andrews> options {
361967ea970ea8f0ef8875e769505ecdac74bfb0Tinderbox User directory "/etc/namedb"; // Working directory
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews allow-query { any; }; // This is the default
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User recursion no; // Do not provide recursive service
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt// Provide a reverse mapping for the loopback address 127.0.0.1
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt// We are the master server for example.com
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User // IP addresses of slave servers allowed to transfer example.com
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews allow-transfer {
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt 192.168.4.14;
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews 192.168.5.53;
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User// We are a slave server for eng.example.com
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User // IP address of eng.example.com master server
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson masters { 192.168.4.12; };
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsCLASS="sect1"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsNAME="AEN268"
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User>3.2. Load Balancing</A
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews>A primitive form of load balancing can be achieved in
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="acronym"
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson> by using multiple A records for one name.</P
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews>For example, if you have three WWW servers with network addresses
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Huntof 10.0.0.1, 10.0.0.2 and 10.0.0.3, a set of records such as the
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsfollowing means that clients will connect to each machine one third
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox Userof the time:</P
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox UserCLASS="informaltable"
5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox UserCELLPADDING="3"
5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox UserCLASS="CALSTABLE"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>Resource Record (RR) Data</P
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="literal"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="literal"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="literal"
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsCLASS="literal"
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsCLASS="literal"
7d638dd31ecb633aaefca994b60b70c58b5def03Tinderbox User>10.0.0.1</VAR
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="literal"
5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox UserCLASS="literal"
a2c370ca12bb0360ff7e969474ead3f788c65fffTinderbox UserCLASS="literal"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="literal"
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews>10.0.0.2</VAR
4b61b671f5de767ec1d1b8e6cf7b849bddf08e98Tinderbox UserCLASS="literal"
3759f10fc543747668b1ca4b4671f35b0dea8445Francis DupontCLASS="literal"
fec6e13f2d1e69fe1c2b8fac36f732f124cf5398Mark AndrewsCLASS="literal"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsCLASS="literal"
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt>10.0.0.3</VAR
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews>When a resolver queries for these records, <ACRONYM
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsCLASS="acronym"
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt>BIND</ACRONYM
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews> will rotate
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews them and respond to the query with the records in a different
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews order. In the example above, clients will randomly receive
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews records in the order 1, 2, 3; 2, 3, 1; and 3, 1, 2. Most clients
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews will use the first record returned and discard the rest.</P
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews>For more detail on ordering responses, check the
ab833877278ad5535eef57e4f62291becaea5bc5Mark AndrewsCLASS="command"
fec6e13f2d1e69fe1c2b8fac36f732f124cf5398Mark Andrews>rrset-order</B
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> substatement in the
168cf0ede1cf13a095e48af6749d88fbc432f096Evan HuntCLASS="command"
ab833877278ad5535eef57e4f62291becaea5bc5Mark Andrews> statement, see
168cf0ede1cf13a095e48af6749d88fbc432f096Evan HuntHREF="Bv9ARM.ch06.html#rrset_ordering"
ab833877278ad5535eef57e4f62291becaea5bc5Mark Andrews>RRset Ordering</I
ab833877278ad5535eef57e4f62291becaea5bc5Mark Andrews This substatement is not supported in
4840ef4581a577a29a18d180b6bc2e7355378ed7Mark AndrewsCLASS="acronym"
4840ef4581a577a29a18d180b6bc2e7355378ed7Mark Andrews>BIND</ACRONYM
4840ef4581a577a29a18d180b6bc2e7355378ed7Mark Andrews> 9, and only the ordering scheme described above is
4840ef4581a577a29a18d180b6bc2e7355378ed7Mark Andrews available.</P
4840ef4581a577a29a18d180b6bc2e7355378ed7Mark AndrewsCLASS="sect1"
8927a982bde7e4b665966b55f0fa57c5cf21b9d8Mark AndrewsCLASS="sect1"
4840ef4581a577a29a18d180b6bc2e7355378ed7Mark AndrewsNAME="AEN345"
4840ef4581a577a29a18d180b6bc2e7355378ed7Mark Andrews>3.3. Name Server Operations</A
8927a982bde7e4b665966b55f0fa57c5cf21b9d8Mark AndrewsCLASS="sect2"
ab833877278ad5535eef57e4f62291becaea5bc5Mark AndrewsCLASS="sect2"
ab833877278ad5535eef57e4f62291becaea5bc5Mark AndrewsNAME="AEN347"
ab833877278ad5535eef57e4f62291becaea5bc5Mark Andrews>3.3.1. Tools for Use With the Name Server Daemon</A
ab833877278ad5535eef57e4f62291becaea5bc5Mark Andrews>There are several indispensable diagnostic, administrative
3bd8b5a8fb126e45c67ff53b68183c889cc27918Tinderbox Userand monitoring tools available to the system administrator for controlling
015055b6e23f5c08f6a5b34726f90b62597e9e45Tinderbox Userand debugging the name server daemon. We describe several in this
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsCLASS="sect3"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="sect3"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsNAME="diagnostic_tools"
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews>3.3.1.1. Diagnostic Tools</A
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="command"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="command"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews> programs are all command line tools
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Huntfor manually querying name servers. They differ in style and
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsoutput format.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="variablelist"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>The domain information groper (<B
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsis the most versatile and complete of these lookup tools.
a5636b773fa05a272b6876afd99309c0b3090e2fMark AndrewsIt has two modes: simple interactive
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsmode for a single query, and batch mode which executes a query for
a5636b773fa05a272b6876afd99309c0b3090e2fMark Andrewseach in a list of several query lines. All query options are accessible
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsfrom the command line.</P
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="replaceable"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="replaceable"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="replaceable"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington>query-type</VAR
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="replaceable"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington>query-class</VAR
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="replaceable"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington>query-option</VAR
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="replaceable"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington>dig-option</VAR
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="replaceable"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington>The usual simple use of dig will take the form</P
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="command"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington>dig @server domain query-type query-class</B
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington>For more information and a list of available commands and
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellingtonoptions, see the <B
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="command"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington> man page.</P
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="command"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="command"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington> utility emphasizes simplicity
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellingtonand ease of use. By default, it converts
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellingtonbetween host names and Internet addresses, but its functionality
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewscan be extended with the use of options.</P
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="command"
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt> [-aCdlrTwv] [-c <VAR
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="replaceable"
ae7e54b14c946e0984c191554db9abb4893f9349Automatic UpdaterCLASS="replaceable"
ae7e54b14c946e0984c191554db9abb4893f9349Automatic UpdaterCLASS="replaceable"
ae7e54b14c946e0984c191554db9abb4893f9349Automatic UpdaterCLASS="replaceable"
ae7e54b14c946e0984c191554db9abb4893f9349Automatic UpdaterCLASS="replaceable"
ae7e54b14c946e0984c191554db9abb4893f9349Automatic UpdaterCLASS="replaceable"
c11c7b47726c02eb05e29ff7be56a3343146e396Tinderbox UserCLASS="replaceable"
c11c7b47726c02eb05e29ff7be56a3343146e396Tinderbox User>For more information and a list of available commands and
c11c7b47726c02eb05e29ff7be56a3343146e396Tinderbox Useroptions, see the <B
c11c7b47726c02eb05e29ff7be56a3343146e396Tinderbox UserCLASS="command"
c11c7b47726c02eb05e29ff7be56a3343146e396Tinderbox User> man page.</P
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews> has two modes: interactive
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsand non-interactive. Interactive mode allows the user to query name servers
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsfor information about various hosts and domains or to print a list
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrewsof hosts in a domain. Non-interactive mode is used to print just
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Huntthe name and requested information for a host or domain.</P
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> [-option...] [<VAR
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="replaceable"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>host-to-find</VAR
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> | - [server]]</P
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>Interactive mode is entered when no arguments are given (the
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsdefault name server will be used) or when the first argument is a
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewshyphen (`-') and the second argument is the host name or Internet address
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsof a name server.</P
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt>Non-interactive mode is used when the name or Internet address
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsof the host to be looked up is given as the first argument. The
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsoptional second argument specifies the host name or address of a name server.</P
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>Due to its arcane user interface and frequently inconsistent
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsbehavior, we do not recommend the use of <B
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonNAME="admin_tools"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington>3.3.1.2. Administrative Tools</A
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington>Administrative tools play an integral part in the management
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellingtonof a server.</P
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark AndrewsCLASS="variablelist"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsNAME="named-checkconf"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsCLASS="command"
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt>named-checkconf</B
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="command"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews>named-checkconf</B
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews checks the syntax of a <TT
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan HuntCLASS="filename"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington>named-checkconf</B
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark AndrewsCLASS="replaceable"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington>directory</VAR
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="replaceable"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington>filename</VAR
b7aab05edae933e169d5f83c653935b17c7f0a8bMark AndrewsNAME="named-checkzone"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="command"
409ba95e573b40cf36acf97dd62ee7e9c7775851Tinderbox User>named-checkzone</B
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="command"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington>named-checkzone</B
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington> program checks a master file for
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews syntax and consistency.</P
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="command"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews>named-checkzone</B
30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt> [-dq] [-c <VAR
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="replaceable"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="replaceable"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="replaceable"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington>filename</VAR
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>The remote name daemon control
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
872e1437295dce8162ac7374317d593320ac2dd6Tinderbox User>) program allows the system
872e1437295dce8162ac7374317d593320ac2dd6Tinderbox User administrator to control the operation of a name server.
872e1437295dce8162ac7374317d593320ac2dd6Tinderbox User If you run <B
872e1437295dce8162ac7374317d593320ac2dd6Tinderbox UserCLASS="command"
872e1437295dce8162ac7374317d593320ac2dd6Tinderbox User> without any options
872e1437295dce8162ac7374317d593320ac2dd6Tinderbox User it will display a usage message as follows:</P
872e1437295dce8162ac7374317d593320ac2dd6Tinderbox UserCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="replaceable"
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark AndrewsCLASS="replaceable"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="replaceable"
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark AndrewsCLASS="replaceable"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="replaceable"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="replaceable"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="command"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington> is one of the following:</P
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="variablelist"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="userinput"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>Reload configuration file and zones.</P
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="userinput"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsCLASS="replaceable"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="optional"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="replaceable"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="optional"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="replaceable"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>Reload the given zone.</P
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="userinput"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>refresh <VAR
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="replaceable"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="optional"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="replaceable"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="optional"
ae454ec746d1d4db8d04e107d4d25ff13158c37fMark AndrewsCLASS="replaceable"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>Schedule zone maintenance for the given zone.</P
34d1f3b65324f8fcf358fa2f47891441d4b1d2f0Tinderbox UserCLASS="userinput"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>retransfer <VAR
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="replaceable"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="optional"
f4ee48be3994797a8332b86c101db4d7b54799ceTinderbox UserCLASS="replaceable"
f4ee48be3994797a8332b86c101db4d7b54799ceTinderbox UserCLASS="optional"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="replaceable"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>Retransfer the given zone from the master.</P
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="userinput"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="replaceable"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="optional"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="replaceable"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="optional"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="replaceable"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>Suspend updates to a dynamic zone. This allows manual
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews edits to be made to a zone normally updated by dynamic update. It
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews also causes changes in the journal file to be synced into the master
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews and the journal file to be removed. All dynamic update attempts will
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews be refused while the zone is frozen.</P
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="userinput"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>unfreeze <VAR
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="replaceable"
7f9e2fff07b9c17e0d7a0ea7abc9304ce9d01b61Tinderbox UserCLASS="optional"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="replaceable"
bf8c3776f1bf1a1270e5e0443ae5a8df022632a8Mark AndrewsCLASS="optional"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="replaceable"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>Enable updates to a frozen dynamic zone. This causes
ec8755f605d7dcb2de1076040e77bc2d7ec33b4aTinderbox User the server to reload the zone from disk, and re-enables dynamic updates
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews after the load has completed. After a zone is unfrozen, dynamic updates
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews will no longer be refused.</P
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="userinput"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>reconfig</KBD
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>Reload the configuration file and load new zones,
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews but do not reload existing zone files even if they have changed.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews This is faster than a full <B
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews is a large number of zones because it avoids the need to examine the
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews modification times of the zones files.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="userinput"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>Write server statistics to the statistics file.</P
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="userinput"
7f9e2fff07b9c17e0d7a0ea7abc9304ce9d01b61Tinderbox User>querylog</KBD
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>Toggle query logging. Query logging can also be enabled
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews by explicitly directing the <B
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian WellingtonCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
9160e27507ba636887f6352bee5cb3729108fc76Tinderbox UserCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="filename"
dda78c0f84895c174ef7206dca6082939c030792Tinderbox UserCLASS="userinput"
cdf1c3d486ec082ef6c92297d22d54a67cca0c90Tinderbox User>Dump the server's caches to the dump file. </P
6c2a76b3e2ccd32c35814b6e0f54da00190749d7Evan HuntCLASS="userinput"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>Stop the server,
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews making sure any recent changes
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews made through dynamic update or IXFR are first saved to the master files
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews of the updated zones.</P
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="userinput"
4c3d55cb2d2db8a4c52c99b0a76109fb3fe32151Mark Andrews>Stop the server immediately. Recent changes
4c3d55cb2d2db8a4c52c99b0a76109fb3fe32151Mark Andrews made through dynamic update or IXFR are not saved to the master files,
4c3d55cb2d2db8a4c52c99b0a76109fb3fe32151Mark Andrews but will be rolled forward from the journal files when the server
4c3d55cb2d2db8a4c52c99b0a76109fb3fe32151Mark Andrews is restarted.</P
4c3d55cb2d2db8a4c52c99b0a76109fb3fe32151Mark AndrewsCLASS="userinput"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>Increment the servers debugging level by one. </P
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="userinput"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="replaceable"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>Sets the server's debugging level to an explicit
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="userinput"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>notrace</KBD
361967ea970ea8f0ef8875e769505ecdac74bfb0Tinderbox User>Sets the server's debugging level to 0.</P
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="userinput"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>Flushes the server's cache.</P
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="userinput"
b91d11bfcc30b96f2c80f3a76d12e3dcc8597a68Mark Andrews>Display status of the server.
b91d11bfcc30b96f2c80f3a76d12e3dcc8597a68Mark AndrewsNote the number of zones includes the internal <B
b91d11bfcc30b96f2c80f3a76d12e3dcc8597a68Mark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsand the default <B
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
b123be91958e0bc58a10c165be64d47661199e3bEvan Hunt> hint zone if there is not a
b123be91958e0bc58a10c165be64d47661199e3bEvan Huntexplicit root zone configured.</P
b123be91958e0bc58a10c165be64d47661199e3bEvan HuntCLASS="acronym"
b123be91958e0bc58a10c165be64d47661199e3bEvan Hunt>BIND</ACRONYM
dda78c0f84895c174ef7206dca6082939c030792Tinderbox UserCLASS="command"
b123be91958e0bc58a10c165be64d47661199e3bEvan Huntsupports all the commands of the BIND 8 <B
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsutility except <B
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>ndc start</B
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>ndc restart</B
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>, which were also
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsnot supported in <B
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>'s channel mode.</P
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>A configuration file is required, since all
dda78c0f84895c174ef7206dca6082939c030792Tinderbox Usercommunication with the server is authenticated with
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsdigital signatures that rely on a shared secret, and
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsthere is no way to provide that secret other than with a
06ea55a43397bc38c34a6d7e5c6219fe483edbb2Tinderbox Userconfiguration file. The default location for the
8f3657636521817d2971ae29aa3fb66e33709753Mark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> configuration file is
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="filename"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>, but an alternate
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewslocation can be specified with the <VAR
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="option"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsoption. If the configuration file is not found,
06ea55a43397bc38c34a6d7e5c6219fe483edbb2Tinderbox UserCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> will also look in
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="filename"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> (or whatever
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="varname"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>sysconfdir</VAR
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> was defined when
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="acronym"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>BIND</ACRONYM
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> build was configured).
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="filename"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> file is generated by
9dde9ce5558696850b6b9850a8475ae518409518Tinderbox UserCLASS="command"
ecbc7ebb243a1f8a5dc6f28185ffe9e61d3b2102Mark Andrews>rndc-confgen -a</B
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> as described in
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsHREF="Bv9ARM.ch06.html#controls_statement_definition_and_usage"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>Section 6.2.4</A
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>The format of the configuration file is similar to
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="filename"
dda78c0f84895c174ef7206dca6082939c030792Tinderbox User>, but limited to
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark Andrewsonly four statements, the <B
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark AndrewsCLASS="command"
ab833877278ad5535eef57e4f62291becaea5bc5Mark AndrewsCLASS="command"
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark AndrewsCLASS="command"
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark AndrewsCLASS="command"
ab833877278ad5535eef57e4f62291becaea5bc5Mark Andrewsstatements. These statements are what associate the
95c3a5e116c1da135f669c3f15398172fac6279dMark Andrewssecret keys to the servers with which they are meant to
95c3a5e116c1da135f669c3f15398172fac6279dMark Andrewsbe shared. The order of statements is not
95c3a5e116c1da135f669c3f15398172fac6279dMark Andrewssignificant.</P
95c3a5e116c1da135f669c3f15398172fac6279dMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> statement has three clauses:
dda78c0f84895c174ef7206dca6082939c030792Tinderbox UserCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>default-server</B
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>default-key</B
2fee8782a6fd57d86a67949092ab9197111af390Evan HuntCLASS="command"
2fee8782a6fd57d86a67949092ab9197111af390Evan Hunt>default-port</B
2fee8782a6fd57d86a67949092ab9197111af390Evan HuntCLASS="command"
2fee8782a6fd57d86a67949092ab9197111af390Evan Hunt>default-server</B
2fee8782a6fd57d86a67949092ab9197111af390Evan Hunthost name or address argument and represents the server that will
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsbe contacted if no <VAR
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="option"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsoption is provided on the command line.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>default-key</B
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsthe name of a key as its argument, as defined by a <B
dda78c0f84895c174ef7206dca6082939c030792Tinderbox UserCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>default-port</B
549c517e2ecad52bb1d32f08920e29d4e8cda71eTinderbox User> specifies the port to which
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> should connect if no
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsport is given on the command line or in a
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> statement.</P
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> statement defines an key to be used
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> when authenticating with
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>. Its syntax is identical to the
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsThe keyword <KBD
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="userinput"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsfollowed by a key name, which must be a valid
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsdomain name, though it need not actually be hierarchical; thus,
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsa string like "<KBD
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="userinput"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>rndc_key</KBD
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>" is a valid name.
872e1437295dce8162ac7374317d593320ac2dd6Tinderbox UserCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> statement has two clauses:
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>algorithm</B
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsWhile the configuration parser will accept any string as the argument
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsto algorithm, currently only the string "<KBD
dda78c0f84895c174ef7206dca6082939c030792Tinderbox UserCLASS="userinput"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>hmac-md5</KBD
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewshas any meaning. The secret is a base-64 encoded string.</P
b6561016dc8a813bfd91cef5b876b3dfc3f08ffaTinderbox UserCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> statement associates a key
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsdefined using the <B
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> statement with a server.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsThe keyword <KBD
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="userinput"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> is followed by a
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewshost name or address. The <B
dda78c0f84895c174ef7206dca6082939c030792Tinderbox UserCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewshas two clauses: <B
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> clause specifies the name of the key
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsto be used when communicating with this server, and the
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> clause can be used to
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsspecify the port <B
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> should connect
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsto on the server.</P
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>A sample minimal configuration file is as follows:</P
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="programlisting"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> key rndc_key {
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews algorithm "hmac-md5";
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews secret "c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K";
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews default-server 127.0.0.1;
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews default-key rndc_key;
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>This file, if installed as <TT
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="filename"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewswould allow the command:</P
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="prompt"
2da2220fe7af2c45724b50b0187523b1fab0cf08Rob AusteinCLASS="userinput"
e1a389f7478d094ffbe592df28328a10d484cb38Tinderbox User>rndc reload</KBD
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>to connect to 127.0.0.1 port 953 and cause the name server
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsto reload, if a name server on the local machine were running with
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsfollowing controls statements:</P
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="programlisting"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> controls {
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>and it had an identical key statement for
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="literal"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>rndc_key</VAR
e1a389f7478d094ffbe592df28328a10d484cb38Tinderbox User>Running the <B
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
e1a389f7478d094ffbe592df28328a10d484cb38Tinderbox User>rndc-confgen</B
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> program will
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsconveniently create a <TT
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="filename"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsfile for you, and also display the
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewscorresponding <B
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> statement that you need to
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="filename"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>. Alternatively,
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsyou can run <B
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>rndc-confgen -a</B
e1a389f7478d094ffbe592df28328a10d484cb38Tinderbox UserCLASS="filename"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> file and not modify
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="filename"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="sect2"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="sect2"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsNAME="AEN679"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>3.3.2. Signals</A
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>Certain UNIX signals cause the name server to take specific
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsactions, as described in the following table. These signals can
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsbe sent using the <B
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> command.</P
549c517e2ecad52bb1d32f08920e29d4e8cda71eTinderbox UserCLASS="informaltable"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsNAME="AEN683"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCELLPADDING="3"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="CALSTABLE"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
ae454ec746d1d4db8d04e107d4d25ff13158c37fMark Andrews>Causes the server to read <TT
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="filename"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsreload the database. </P
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="command"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>Causes the server to clean up and exit.</P
ac2e2800b4ac9cbe4cb756d967f4583c611eb75eMark AndrewsCLASS="command"
ac2e2800b4ac9cbe4cb756d967f4583c611eb75eMark Andrews>Causes the server to clean up and exit.</P
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="NAVFOOTER"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsSUMMARY="Footer navigation table"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCELLPADDING="0"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCELLSPACING="0"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsACCESSKEY="P"
dda78c0f84895c174ef7206dca6082939c030792Tinderbox UserALIGN="center"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsACCESSKEY="H"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsALIGN="right"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCLASS="acronym"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>BIND</ACRONYM
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews> Resource Requirements</TD
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsALIGN="center"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsALIGN="right"
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews>Advanced DNS Features</TD