Bv9ARM.ch12.html revision 9d557856c2a19ec95ee73245f60a92f8675cf5ba
dd1ce8b52478fa98c844720af9e77fae2978f18dTinderbox User - Copyright (C) 2004-2015 Internet Systems Consortium, Inc. ("ISC")
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont - Copyright (C) 2000-2003 Internet Software Consortium.
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont - Permission to use, copy, modify, and/or distribute this software for any
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont - purpose with or without fee is hereby granted, provided that the above
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont - copyright notice and this permission notice appear in all copies.
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont - PERFORMANCE OF THIS SOFTWARE.
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<title>Appendix�D.�BIND 9 DNS Library Support</title>
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont<link rel="up" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<link rel="prev" href="Bv9ARM.ch11.html" title="Appendix�C.�General DNS Reference Information">
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<link rel="next" href="Bv9ARM.ch13.html" title="Manual pages">
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<table width="100%" summary="Navigation header">
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont<tr><th colspan="3" align="center">Appendix�D.�BIND 9 DNS Library Support</th></tr>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<a accesskey="p" href="Bv9ARM.ch11.html">Prev</a>�</td>
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont<td width="20%" align="right">�<a accesskey="n" href="Bv9ARM.ch13.html">Next</a>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<div class="titlepage"><div><div><h1 class="title">
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<a name="Bv9ARM.ch12"></a>BIND 9 DNS Library Support</h1></div></div></div>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<dt><span class="section"><a href="Bv9ARM.ch12.html#bind9.library">BIND 9 DNS Library Support</a></span></dt>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<dt><span class="section"><a href="Bv9ARM.ch12.html#id-1.13.2.4">Prerequisite</a></span></dt>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<dt><span class="section"><a href="Bv9ARM.ch12.html#id-1.13.2.5">Compilation</a></span></dt>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<dt><span class="section"><a href="Bv9ARM.ch12.html#id-1.13.2.6">Installation</a></span></dt>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<dt><span class="section"><a href="Bv9ARM.ch12.html#id-1.13.2.7">Known Defects/Restrictions</a></span></dt>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<dt><span class="section"><a href="Bv9ARM.ch12.html#id-1.13.2.8">The dns.conf File</a></span></dt>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<dt><span class="section"><a href="Bv9ARM.ch12.html#id-1.13.2.9">Sample Applications</a></span></dt>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<dt><span class="section"><a href="Bv9ARM.ch12.html#id-1.13.2.10">Library References</a></span></dt>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<div class="titlepage"><div><div><h2 class="title" style="clear: both">
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<a name="bind9.library"></a>BIND 9 DNS Library Support</h2></div></div></div>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<p>This version of BIND 9 "exports" its internal libraries so
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User that they can be used by third-party applications more easily (we
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User call them "export" libraries in this document). In addition to
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User all major DNS-related APIs BIND 9 is currently using, the export
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User libraries provide the following features:</p>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<li class="listitem"><p>The newly created "DNS client" module. This is a higher
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User level API that provides an interface to name resolution,
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User single DNS transaction with a particular server, and dynamic
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User update. Regarding name resolution, it supports advanced
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User features such as DNSSEC validation and caching. This module
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User supports both synchronous and asynchronous mode.</p></li>
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User<li class="listitem"><p>The new "IRS" (Information Retrieval System) library.
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User It provides an interface to parse the traditional resolv.conf
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User file and more advanced, DNS-specific configuration file for
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User the rest of this package (see the description for the
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User<li class="listitem"><p>As part of the IRS library, newly implemented standard
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont address-name mapping functions, getaddrinfo() and
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User getnameinfo(), are provided. They use the DNSSEC-aware
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater validating resolver backend, and could use other advanced
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater features of the BIND 9 libraries such as caching. The
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater getaddrinfo() function resolves both A and AAAA RRs
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater concurrently (when the address family is unspecified).</p></li>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<li class="listitem"><p>An experimental framework to support other event
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User libraries than BIND 9's internal event task system.</p></li>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<div class="titlepage"><div><div><h3 class="title">
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<a name="id-1.13.2.4"></a>Prerequisite</h3></div></div></div>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<p>GNU make is required to build the export libraries (other
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont part of BIND 9 can still be built with other types of make). In
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont the reminder of this document, "make" means GNU make. Note that
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User in some platforms you may need to invoke a different command name
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont than "make" (e.g. "gmake") to indicate it's GNU make.</p>
aaaf8d4f4873d21e55c3ffb4f656203d08339865Mark Andrews<div class="titlepage"><div><div><h3 class="title">
731cc132f22dbc9e0ecd7035dce314a61076d31bAutomatic Updater<a name="id-1.13.2.5"></a>Compilation</h3></div></div></div>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User$ <strong class="userinput"><code>/configure --enable-exportlib <em class="replaceable"><code>[other flags]</code></em></code></strong>
2a6d4c9948b3f4f31311bd799d114585a30419a9Automatic Updater$ <strong class="userinput"><code>make</code></strong>
8e821eea5f57ac47a94305aa7ab0c3570d92a311Automatic Updater This will create (in addition to usual BIND 9 programs) and a
8e821eea5f57ac47a94305aa7ab0c3570d92a311Automatic Updater separate set of libraries under the lib/export directory. For
2a6d4c9948b3f4f31311bd799d114585a30419a9Automatic Updater example, <code class="filename">lib/export/dns/libdns.a</code> is the archive file of the
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User export version of the BIND 9 DNS library. Sample application
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont programs using the libraries will also be built under the
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont lib/export/samples directory (see below).</p>
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont<div class="titlepage"><div><div><h3 class="title">
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont<a name="id-1.13.2.6"></a>Installation</h3></div></div></div>
2a6d4c9948b3f4f31311bd799d114585a30419a9Automatic Updater$ <strong class="userinput"><code>cd lib/export</code></strong>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User$ <strong class="userinput"><code>make install</code></strong>
2a6d4c9948b3f4f31311bd799d114585a30419a9Automatic Updater This will install library object files under the directory
2a6d4c9948b3f4f31311bd799d114585a30419a9Automatic Updater specified by the --with-export-libdir configure option (default:
2a6d4c9948b3f4f31311bd799d114585a30419a9Automatic Updater EPREFIX/lib/bind9), and header files under the directory
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User specified by the --with-export-includedir configure option
8ec3c085233cedb22b05da36e2773c8f357a7e45Automatic Updater Root privilege is normally required.
6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User "<span class="command"><strong>make install</strong></span>" at the top directory will do the
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User To see how to build your own
6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User application after the installation, see
6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User <code class="filename">lib/export/samples/Makefile-postinstall.in</code>.</p>
6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User<div class="titlepage"><div><div><h3 class="title">
6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User<a name="id-1.13.2.7"></a>Known Defects/Restrictions</h3></div></div></div>
6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<li class="listitem"><p>Currently, win32 is not supported for the export
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont library. (Normal BIND 9 application can be built as
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User<p>The "fixed" RRset order is not (currently) supported in
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User the export library. If you want to use "fixed" RRset order
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User for, e.g. <span class="command"><strong>named</strong></span> while still building the
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User export library even without the fixed order support, build
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User them separately:
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User$ <strong class="userinput"><code>/configure --enable-fixed-rrset <em class="replaceable"><code>[other flags, but not --enable-exportlib]</code></em></code></strong>
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User$ <strong class="userinput"><code>make</code></strong>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User$ <strong class="userinput"><code>/configure --enable-exportlib <em class="replaceable"><code>[other flags, but not --enable-fixed-rrset]</code></em></code></strong>
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User$ <strong class="userinput"><code>cd lib/export</code></strong>
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User$ <strong class="userinput"><code>make</code></strong>
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User<li class="listitem"><p>The client module and the IRS library currently do not
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User support DNSSEC validation using DLV (the underlying modules
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User can handle it, but there is no tunable interface to enable
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User<li class="listitem"><p>RFC 5011 is not supported in the validating stub
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User resolver of the export library. In fact, it is not clear
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User whether it should: trust anchors would be a system-wide
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User configuration which would be managed by an administrator,
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User while the stub resolver will be used by ordinary applications
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User<li class="listitem"><p>Not all common <code class="filename">/etc/resolv.conf</code>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User options are supported
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont in the IRS library. The only available options in this
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont<div class="titlepage"><div><div><h3 class="title">
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont<a name="id-1.13.2.8"></a>The dns.conf File</h3></div></div></div>
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont<p>The IRS library supports an "advanced" configuration file
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater related to the DNS library for configuration parameters that
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User would be beyond the capability of the
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User <code class="filename">resolv.conf</code> file.
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater Specifically, it is intended to provide DNSSEC related
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User configuration parameters. By default the path to this
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User configuration file is <code class="filename">/etc/dns.conf</code>.
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater This module is very
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User experimental and the configuration syntax or library interfaces
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater may change in future versions. Currently, only the
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater <span class="command"><strong>trusted-keys</strong></span>
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater statement is supported, whose syntax is the same as the same name
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater of statement for <code class="filename">named.conf</code>. (See
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater <a class="xref" href="Bv9ARM.ch06.html#trusted-keys" title="trusted-keys Statement Grammar">the section called “<span class="command"><strong>trusted-keys</strong></span> Statement Grammar”</a> for details.)</p>
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont<div class="titlepage"><div><div><h3 class="title">
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<a name="id-1.13.2.9"></a>Sample Applications</h3></div></div></div>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<p>Some sample application programs using this API are
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont provided for reference. The following is a brief description of
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont these applications.
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont<div class="titlepage"><div><div><h4 class="title">
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<a name="id-1.13.2.9.3"></a>sample: a simple stub resolver utility</h4></div></div></div>
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont It sends a query of a given name (of a given optional RR type) to a
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater specified recursive server, and prints the result as a list of
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User RRs. It can also act as a validating stub resolver if a trust
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User anchor is given via a set of command line options.</p>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User Usage: sample [options] server_address hostname
f8e3e03cacd16ffb923a9603fca23a9e1a1fee07Automatic Updater Options and Arguments:
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<div class="variablelist"><dl class="variablelist">
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User specify the RR type of the query. The default is the A RR.
0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updater [-a algorithm] [-e] -k keyname -K keystring
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User specify a command-line DNS key to validate the answer. For
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User example, to specify the following DNSKEY of example.com:
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User specify the options as follows:
a3f8c8e20780e488141d200acdfea6c5f3303513Automatic Updater -e means that this key is a zone's "key signing key" (as known
a3f8c8e20780e488141d200acdfea6c5f3303513Automatic Updater as "secure Entry point").
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User When -a is omitted rsasha1 will be used by default.
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User -s domain:alt_server_address
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont specify a separate recursive server address for the specific
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont "domain". Example: -s example.com:2001:db8::1234
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<dt><span class="term">server_address</span></dt>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User an IP(v4/v6) address of the recursive server to which queries
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User the domain name for the query
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<div class="titlepage"><div><div><h4 class="title">
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont<a name="id-1.13.2.9.4"></a>sample-async: a simple stub resolver, working asynchronously</h4></div></div></div>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User Similar to "sample", but accepts a list
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont of (query) domain names as a separate file and resolves the names
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont asynchronously.</p>
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont Usage: sample-async [-s server_address] [-t RR_type] input_file</p>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User Options and Arguments:
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<div class="variablelist"><dl class="variablelist">
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont -s server_address
6f1205897504b8f50b1785975482c995888dd630Tinderbox User an IPv4 address of the recursive server to which queries are sent.
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User (IPv6 addresses are not supported in this implementation)
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User specify the RR type of the queries. The default is the A
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User a list of domain names to be resolved. each line
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User consists of a single domain name. Example:
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater<div class="titlepage"><div><div><h4 class="title">
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater<a name="id-1.13.2.9.5"></a>sample-request: a simple DNS transaction client</h4></div></div></div>
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater It sends a query to a specified server, and
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater prints the response with minimal processing. It doesn't act as a
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater "stub resolver": it stops the processing once it gets any
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User response from the server, whether it's a referral or an alias
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User (CNAME or DNAME) that would require further queries to get the
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater ultimate answer. In other words, this utility acts as a very
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User simplified <span class="command"><strong>dig</strong></span>.
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User Usage: sample-request [-t RRtype] server_address hostname
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater Options and Arguments:
f8e3e03cacd16ffb923a9603fca23a9e1a1fee07Automatic Updater<div class="variablelist"><dl class="variablelist">
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User specify the RR type of
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater the queries. The default is the A RR.
f8e3e03cacd16ffb923a9603fca23a9e1a1fee07Automatic Updater server_address
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User address of the recursive server to which the query is sent.
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User the domain name for the query
f8e3e03cacd16ffb923a9603fca23a9e1a1fee07Automatic Updater<div class="titlepage"><div><div><h4 class="title">
f8e3e03cacd16ffb923a9603fca23a9e1a1fee07Automatic Updater<a name="id-1.13.2.9.6"></a>sample-gai: getaddrinfo() and getnameinfo() test code</h4></div></div></div>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User This is a test program
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater to check getaddrinfo() and getnameinfo() behavior. It takes a
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User host name as an argument, calls getaddrinfo() with the given host
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User name, and calls getnameinfo() with the resulting IP addresses
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater returned by getaddrinfo(). If the dns.conf file exists and
f8e3e03cacd16ffb923a9603fca23a9e1a1fee07Automatic Updater defines a trust anchor, the underlying resolver will act as a
f8e3e03cacd16ffb923a9603fca23a9e1a1fee07Automatic Updater validating resolver, and getaddrinfo()/getnameinfo() will fail
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User with an EAI_INSECUREDATA error when DNSSEC validation fails.
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User Usage: sample-gai hostname
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User<div class="titlepage"><div><div><h4 class="title">
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User<a name="id-1.13.2.9.7"></a>sample-update: a simple dynamic update client program</h4></div></div></div>
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User It accepts a single update command as a
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User command-line argument, sends an update request message to the
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User authoritative server, and shows the response from the server. In
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User other words, this is a simplified <span class="command"><strong>nsupdate</strong></span>.
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User Usage: sample-update [options] (add|delete) "update data"
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User Options and Arguments:
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User<div class="variablelist"><dl class="variablelist">
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User -a auth_server
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater An IP address of the authoritative server that has authority
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User for the zone containing the update name. This should normally
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User be the primary authoritative server that accepts dynamic
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User updates. It can also be a secondary server that is configured
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User to forward update requests to the primary server.
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont A TSIG key file to secure the update transaction. The keyfile
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont format is the same as that for the nsupdate utility.
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User -p prerequisite
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User A prerequisite for the update (only one prerequisite can be
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User specified). The prerequisite format is the same as that is
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User accepted by the nsupdate utility.
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User -r recursive_server
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont An IP address of a recursive server that this utility will
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User use. A recursive server may be necessary to identify the
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User authoritative server address to which the update request is
c7d32c0b0ff4c01f0d4479af3410d3c06044d48aAutomatic Updater The domain name of the zone that contains
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont Specify the type of update operation. Either "add" or "delete"
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont must be specified.
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont Specify the data to be updated. A typical example of the data
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User would look like "name TTL RRtype RDATA".
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User<h3 class="title">Note</h3>In practice, either -a or -r must be specified. Others can
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User be optional; the underlying library routine tries to identify the
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User appropriate server and the zone name for the update.</div>
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User Examples: assuming the primary authoritative server of the
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User dynamic.example.com zone has an IPv6 address 2001:db8::1234,
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User$ <strong class="userinput"><code>sample-update -a sample-update -k Kxxx.+nnn+mmmm.key add "foo.dynamic.example.com 30 IN A 192.168.2.1"</code></strong></pre>
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont adds an A RR for foo.dynamic.example.com using the given key.
90f35c2f2a1c660f3b96eec413036d238df395f6Francis Dupont$ <strong class="userinput"><code>sample-update -a sample-update -k Kxxx.+nnn+mmmm.key delete "foo.dynamic.example.com 30 IN A"</code></strong></pre>
removes all A RRs for foo.dynamic.example.com using the given key.
$ <strong class="userinput"><code>sample-update -a sample-update -k Kxxx.+nnn+mmmm.key delete "foo.dynamic.example.com"</code></strong></pre>
removes all RRs for foo.dynamic.example.com using the given key.
<a name="id-1.13.2.9.8"></a>nsprobe: domain/name server checker in terms of RFC 4074</h4></div></div></div>
"example.com". In general this domain name must be the apex
"www.example.com"). nsprobe first identifies the NS RRsets for