doc/arm/Bv9ARM.ch12.html

	Bv9ARM.ch12.html revision f0aad5341752aefe5059832f6cf3abc3283c6e16
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
c92c50783e4e93699f2a42643b8f200b9b719c87Automatic Updater<!--
75c0816e8295e180f4bc7f10db3d0d880383bc1cMark Andrews - Copyright (C) 2000-2016 Internet Systems Consortium, Inc. ("ISC")
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein -
4a14ce5ba00ab7bc55c99ffdcf59c7a4ab902721Automatic Updater - This Source Code Form is subject to the terms of the Mozilla Public
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - License, v. 2.0. If a copy of the MPL was not distributed with this
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - file, You can obtain one at http://mozilla.org/MPL/2.0/.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein-->
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<html lang="en">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<head>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<title>Appendix�D.�BIND 9 DNS Library Support</title>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="up" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="prev" href="Bv9ARM.ch11.html" title="Appendix�C.�General DNS Reference Information">
3c9cf7efb97991f9871bc5633e7ed1cae0932a37Automatic Updater<link rel="next" href="Bv9ARM.ch13.html" title="Manual pages">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</head>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="navheader">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<table width="100%" summary="Navigation header">
e21a2904f02a03fa06b6db04d348f65fe9c67b2bMark Andrews<tr><th colspan="3" align="center">Appendix�D.�BIND 9 DNS Library Support</th></tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="20%" align="left">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a accesskey="p" href="Bv9ARM.ch11.html">Prev</a>�</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<th width="60%" align="center">�</th>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="20%" align="right">�<a accesskey="n" href="Bv9ARM.ch13.html">Next</a>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</table>
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews<hr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="appendix">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="titlepage"><div><div><h1 class="title">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="Bv9ARM.ch12"></a>BIND 9 DNS Library Support</h1></div></div></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="toc">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><b>Table of Contents</b></p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dl class="toc">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="section"><a href="Bv9ARM.ch12.html#bind9.library">BIND 9 DNS Library Support</a></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><dl>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="section"><a href="Bv9ARM.ch12.html#id-1.13.2.4">Prerequisite</a></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="section"><a href="Bv9ARM.ch12.html#id-1.13.2.5">Compilation</a></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="section"><a href="Bv9ARM.ch12.html#id-1.13.2.6">Installation</a></span></dt>
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews<dt><span class="section"><a href="Bv9ARM.ch12.html#id-1.13.2.7">Known Defects/Restrictions</a></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="section"><a href="Bv9ARM.ch12.html#id-1.13.2.8">The dns.conf File</a></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="section"><a href="Bv9ARM.ch12.html#id-1.13.2.9">Sample Applications</a></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="section"><a href="Bv9ARM.ch12.html#id-1.13.2.10">Library References</a></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</dl></dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</dl>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
c92c50783e4e93699f2a42643b8f200b9b719c87Automatic Updater<div class="section">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="titlepage"><div><div><h2 class="title" style="clear: both">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="bind9.library"></a>BIND 9 DNS Library Support</h2></div></div></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>This version of BIND 9 "exports" its internal libraries so
c92c50783e4e93699f2a42643b8f200b9b719c87Automatic Updater  that they can be used by third-party applications more easily (we
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  call them "export" libraries in this document). In addition to
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  all major DNS-related APIs BIND 9 is currently using, the export
c92c50783e4e93699f2a42643b8f200b9b719c87Automatic Updater  libraries provide the following features:</p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<li class="listitem"><p>The newly created "DNS client" module. This is a higher
c92c50783e4e93699f2a42643b8f200b9b719c87Automatic Updater      level API that provides an interface to name resolution,
c92c50783e4e93699f2a42643b8f200b9b719c87Automatic Updater      single DNS transaction with a particular server, and dynamic
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      update. Regarding name resolution, it supports advanced
c92c50783e4e93699f2a42643b8f200b9b719c87Automatic Updater      features such as DNSSEC validation and caching. This module
c92c50783e4e93699f2a42643b8f200b9b719c87Automatic Updater      supports both synchronous and asynchronous mode.</p></li>
c92c50783e4e93699f2a42643b8f200b9b719c87Automatic Updater<li class="listitem"><p>The new "IRS" (Information Retrieval System) library.
c92c50783e4e93699f2a42643b8f200b9b719c87Automatic Updater      It provides an interface to parse the traditional resolv.conf
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      file and more advanced, DNS-specific configuration file for
3c9cf7efb97991f9871bc5633e7ed1cae0932a37Automatic Updater      the rest of this package (see the description for the
3c9cf7efb97991f9871bc5633e7ed1cae0932a37Automatic Updater      dns.conf file below).</p></li>
3c9cf7efb97991f9871bc5633e7ed1cae0932a37Automatic Updater<li class="listitem"><p>As part of the IRS library, newly implemented standard
3c9cf7efb97991f9871bc5633e7ed1cae0932a37Automatic Updater      address-name mapping functions, getaddrinfo() and
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      getnameinfo(), are provided. They use the DNSSEC-aware
3c9cf7efb97991f9871bc5633e7ed1cae0932a37Automatic Updater      validating resolver backend, and could use other advanced
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      features of the BIND 9 libraries such as caching. The
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      getaddrinfo() function resolves both A and AAAA RRs
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      concurrently (when the address family is unspecified).</p></li>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<li class="listitem"><p>An experimental framework to support other event
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      libraries than BIND 9's internal event task system.</p></li>
a1ad6695ed6f988406cf155aa26376f84f73bcb9Automatic Updater</ul></div>
3c9cf7efb97991f9871bc5633e7ed1cae0932a37Automatic Updater<div class="section">
a1ad6695ed6f988406cf155aa26376f84f73bcb9Automatic Updater<div class="titlepage"><div><div><h3 class="title">
44d0f0256fbdce130a18655023c3b06bacacbd61Automatic Updater<a name="id-1.13.2.4"></a>Prerequisite</h3></div></div></div>
3c9cf7efb97991f9871bc5633e7ed1cae0932a37Automatic Updater<p>GNU make is required to build the export libraries (other
2895f101b5585a19015ac2c2c1e1812ac467fa12Automatic Updater  part of BIND 9 can still be built with other types of make). In
3c9cf7efb97991f9871bc5633e7ed1cae0932a37Automatic Updater  the reminder of this document, "make" means GNU make. Note that
44d0f0256fbdce130a18655023c3b06bacacbd61Automatic Updater  in some platforms you may need to invoke a different command name
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  than "make" (e.g. "gmake") to indicate it's GNU make.</p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
3c9cf7efb97991f9871bc5633e7ed1cae0932a37Automatic Updater<div class="section">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="titlepage"><div><div><h3 class="title">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="id-1.13.2.5"></a>Compilation</h3></div></div></div>
3c9cf7efb97991f9871bc5633e7ed1cae0932a37Automatic Updater<pre class="screen">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein$ <strong class="userinput"><code>/configure --enable-exportlib <em class="replaceable"><code>[other flags]</code></em></code></strong>
3c9cf7efb97991f9871bc5633e7ed1cae0932a37Automatic Updater$ <strong class="userinput"><code>make</code></strong>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</pre>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
3c9cf7efb97991f9871bc5633e7ed1cae0932a37Automatic Updater  This will create (in addition to usual BIND 9 programs) and a
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  separate set of libraries under the lib/export directory. For
3c9cf7efb97991f9871bc5633e7ed1cae0932a37Automatic Updater  example, <code class="filename">lib/export/dns/libdns.a</code> is the archive file of the
3c9cf7efb97991f9871bc5633e7ed1cae0932a37Automatic Updater  export version of the BIND 9 DNS library. Sample application
3c9cf7efb97991f9871bc5633e7ed1cae0932a37Automatic Updater  programs using the libraries will also be built under the
7208386cd37a2092c70eddf80cf29519b16c4c80Mark Andrews  lib/export/samples directory (see below).</p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
507151045be68c671ffd4e2f37e17cdfa0376fc4Automatic Updater<div class="section">
507151045be68c671ffd4e2f37e17cdfa0376fc4Automatic Updater<div class="titlepage"><div><div><h3 class="title">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="id-1.13.2.6"></a>Installation</h3></div></div></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<pre class="screen">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein$ <strong class="userinput"><code>cd lib/export</code></strong>
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews$ <strong class="userinput"><code>make install</code></strong>
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews</pre>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews  This will install library object files under the directory
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews  specified by the --with-export-libdir configure option (default:
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  EPREFIX/lib/bind9), and header files under the directory
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  specified by the --with-export-includedir configure option
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews  (default: PREFIX/include/bind9).
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  Root privilege is normally required.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  "<span class="command"><strong>make install</strong></span>" at the top directory will do the
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews  same.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  To see how to build your own
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  application after the installation, see
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  <code class="filename">lib/export/samples/Makefile-postinstall.in</code>.</p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="section">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="titlepage"><div><div><h3 class="title">
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews<a name="id-1.13.2.7"></a>Known Defects/Restrictions</h3></div></div></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<li class="listitem"><p>Currently, win32 is not supported for the export
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      library. (Normal BIND 9 application can be built as
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      before).</p></li>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<li class="listitem">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>The "fixed" RRset order is not (currently) supported in
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      the export library. If you want to use "fixed" RRset order
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      for, e.g. <span class="command"><strong>named</strong></span> while still building the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      export library even without the fixed order support, build
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      them separately:
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<pre class="screen">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein$ <strong class="userinput"><code>/configure --enable-fixed-rrset <em class="replaceable"><code>[other flags, but not --enable-exportlib]</code></em></code></strong>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein$ <strong class="userinput"><code>make</code></strong>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein$ <strong class="userinput"><code>/configure --enable-exportlib <em class="replaceable"><code>[other flags, but not --enable-fixed-rrset]</code></em></code></strong>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein$ <strong class="userinput"><code>cd lib/export</code></strong>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein$ <strong class="userinput"><code>make</code></strong>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</pre>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</li>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<li class="listitem"><p>The client module and the IRS library currently do not
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      support DNSSEC validation using DLV (the underlying modules
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      can handle it, but there is no tunable interface to enable
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      the feature).</p></li>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<li class="listitem"><p>RFC 5011 is not supported in the validating stub
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      resolver of the export library. In fact, it is not clear
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      whether it should: trust anchors would be a system-wide
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      configuration which would be managed by an administrator,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      while the stub resolver will be used by ordinary applications
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      run by a normal user.</p></li>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<li class="listitem"><p>Not all common <code class="filename">/etc/resolv.conf</code>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      options are supported
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      in the IRS library. The only available options in this
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      version are "debug" and "ndots".</p></li>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</ul></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="section">
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<div class="titlepage"><div><div><h3 class="title">
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<a name="id-1.13.2.8"></a>The dns.conf File</h3></div></div></div>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<p>The IRS library supports an "advanced" configuration file
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews  related to the DNS library for configuration parameters that
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews  would be beyond the capability of the
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews  <code class="filename">resolv.conf</code> file.
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews  Specifically, it is intended to provide DNSSEC related
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews  configuration parameters. By default the path to this
b05bdb520d83f7ecaad708fe305268c3420be01dMark Andrews  configuration file is <code class="filename">/etc/dns.conf</code>.
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews  This module is very
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews  experimental and the configuration syntax or library interfaces
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews  may change in future versions. Currently, only the
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews  <span class="command"><strong>trusted-keys</strong></span>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews  statement is supported, whose syntax is the same as the same name
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews  of statement for <code class="filename">named.conf</code>. (See
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews  <a class="xref" href="Bv9ARM.ch06.html#trusted-keys" title="trusted-keys Statement Grammar">the section called &#8220;<span class="command"><strong>trusted-keys</strong></span> Statement Grammar&#8221;</a> for details.)</p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="section">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="titlepage"><div><div><h3 class="title">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="id-1.13.2.9"></a>Sample Applications</h3></div></div></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>Some sample application programs using this API are
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  provided for reference. The following is a brief description of
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  these applications.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="section">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="titlepage"><div><div><h4 class="title">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="id-1.13.2.9.3"></a>sample: a simple stub resolver utility</h4></div></div></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  It sends a query of a given name (of a given optional RR type) to a
afb33f777af856f8c3382604a7a8ffdfe2b512c5Automatic Updater  specified recursive server, and prints the result as a list of
afb33f777af856f8c3382604a7a8ffdfe2b512c5Automatic Updater  RRs. It can also act as a validating stub resolver if a trust
afb33f777af856f8c3382604a7a8ffdfe2b512c5Automatic Updater  anchor is given via a set of command line options.</p>
afb33f777af856f8c3382604a7a8ffdfe2b512c5Automatic Updater<p>
afb33f777af856f8c3382604a7a8ffdfe2b512c5Automatic Updater  Usage: sample [options] server_address hostname
afb33f777af856f8c3382604a7a8ffdfe2b512c5Automatic Updater  </p>
afb33f777af856f8c3382604a7a8ffdfe2b512c5Automatic Updater<p>
afb33f777af856f8c3382604a7a8ffdfe2b512c5Automatic Updater  Options and Arguments:
afb33f777af856f8c3382604a7a8ffdfe2b512c5Automatic Updater  </p>
afb33f777af856f8c3382604a7a8ffdfe2b512c5Automatic Updater<div class="variablelist"><dl class="variablelist">
afb33f777af856f8c3382604a7a8ffdfe2b512c5Automatic Updater<dt><span class="term">
afb33f777af856f8c3382604a7a8ffdfe2b512c5Automatic Updater  -t RRtype
afb33f777af856f8c3382604a7a8ffdfe2b512c5Automatic Updater  </span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    specify the RR type of the query.  The default is the A RR.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </p></dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  [-a algorithm] [-e] -k keyname -K keystring
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    specify a command-line DNS key to validate the answer.  For
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    example, to specify the following DNSKEY of example.com:
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="literallayout"><p><br>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein        example.com.�3600�IN�DNSKEY�257�3�5�xxx<br>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</p></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    specify the options as follows:
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<pre class="screen">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<strong class="userinput"><code>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      -e -k example.com -K "xxx"
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</code></strong>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</pre>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    -e means that this key is a zone's "key signing key" (as known
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    as "secure Entry point").
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    When -a is omitted rsasha1 will be used by default.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  -s domain:alt_server_address
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein     specify a separate recursive server address for the specific
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    "domain".  Example: -s example.com:2001:db8::1234
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </p></dd>
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews<dt><span class="term">server_address</span></dt>
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews<dd><p>
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews    an IP(v4/v6) address of the recursive server to which queries
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews    are sent.
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews  </p></dd>
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews<dt><span class="term">hostname</span></dt>
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews<dd><p>
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews    the domain name for the query
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews  </p></dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</dl></div>
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews</div>
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews<div class="section">
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews<div class="titlepage"><div><div><h4 class="title">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="id-1.13.2.9.4"></a>sample-async: a simple stub resolver, working asynchronously</h4></div></div></div>
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews<p>
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews  Similar to "sample", but accepts a list
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews  of (query) domain names as a separate file and resolves the names
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  asynchronously.</p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    Usage: sample-async [-s server_address] [-t RR_type] input_file</p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Options and Arguments:
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="variablelist"><dl class="variablelist">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein   -s server_address
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein   </span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein   an IPv4 address of the recursive server to which queries are sent.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  (IPv6 addresses are not supported in this implementation)
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein   -t RR_type
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  specify the RR type of the queries. The default is the A
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  RR.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein   input_file
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </span></dt>
bea931e17b7567f09107f93ab7e25c7f00abeb9cMark Andrews<dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein   a list of domain names to be resolved. each line
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  consists of a single domain name. Example:
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  <div class="literallayout"><p><br>
b05bdb520d83f7ecaad708fe305268c3420be01dMark Andrews��www.example.com<br>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein��mx.example.net<br>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein��ns.xxx.example<br>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</p></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</dl></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="section">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="titlepage"><div><div><h4 class="title">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="id-1.13.2.9.5"></a>sample-request: a simple DNS transaction client</h4></div></div></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  It sends a query to a specified server, and
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  prints the response with minimal processing. It doesn't act as a
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  "stub resolver": it stops the processing once it gets any
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  response from the server, whether it's a referral or an alias
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  (CNAME or DNAME) that would require further queries to get the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  ultimate answer. In other words, this utility acts as a very
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  simplified <span class="command"><strong>dig</strong></span>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  Usage: sample-request [-t RRtype] server_address hostname
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    Options and Arguments:
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews  </p>
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews<div class="variablelist"><dl class="variablelist">
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews<dt><span class="term">
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews   -t RRtype
ceeb18e6907a10547859faa340ecad83bedae90cMark Andrews  </span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  specify the RR type of
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  the queries. The default is the A RR.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </p></dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  server_address
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein   an IP(v4/v6)
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  address of the recursive server to which the query is sent.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </p></dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  hostname
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  the domain name for the query
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </p></dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</dl></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="section">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="titlepage"><div><div><h4 class="title">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="id-1.13.2.9.6"></a>sample-gai: getaddrinfo() and getnameinfo() test code</h4></div></div></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  This is a test program
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  to check getaddrinfo() and getnameinfo() behavior. It takes a
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  host name as an argument, calls getaddrinfo() with the given host
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  name, and calls getnameinfo() with the resulting IP addresses
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  returned by getaddrinfo(). If the dns.conf file exists and
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  defines a trust anchor, the underlying resolver will act as a
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  validating resolver, and getaddrinfo()/getnameinfo() will fail
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  with an EAI_INSECUREDATA error when DNSSEC validation fails.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  Usage: sample-gai hostname
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="section">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="titlepage"><div><div><h4 class="title">
b05bdb520d83f7ecaad708fe305268c3420be01dMark Andrews<a name="id-1.13.2.9.7"></a>sample-update: a simple dynamic update client program</h4></div></div></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  It accepts a single update command as a
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  command-line argument, sends an update request message to the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  authoritative server, and shows the response from the server. In
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  other words, this is a simplified <span class="command"><strong>nsupdate</strong></span>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein   Usage: sample-update [options] (add|delete) "update data"
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  Options and Arguments:
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="variablelist"><dl class="variablelist">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  -a auth_server
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein   </span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    An IP address of the authoritative server that has authority
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    for the zone containing the update name.  This should normally
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    be the primary authoritative server that accepts dynamic
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater    updates.  It can also be a secondary server that is configured
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater    to forward update requests to the primary server.
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater   </p></dd>
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater<dt><span class="term">
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater  -k keyfile
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater   </span></dt>
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater<dd><p>
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater    A TSIG key file to secure the update transaction.  The keyfile
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater    format is the same as that for the nsupdate utility.
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater   </p></dd>
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater<dt><span class="term">
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater  -p prerequisite
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater   </span></dt>
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater<dd><p>
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater    A prerequisite for the update (only one prerequisite can be
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater    specified).  The prerequisite format is the same as that is
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater    accepted by the nsupdate utility.
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater   </p></dd>
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater<dt><span class="term">
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater  -r recursive_server
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater   </span></dt>
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater<dd><p>
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater    An IP address of a recursive server that this utility will
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater    use.  A recursive server may be necessary to identify the
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater    authoritative server address to which the update request is
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater    sent.
984c2e9f76e66e86f7d9aca99a774836ddf196eaAutomatic Updater   </p></dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  -z zonename
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein   </span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    The domain name of the zone that contains
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein   </p></dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  (add|delete)
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein   </span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews    Specify the type of update operation.  Either "add" or "delete"
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    must be specified.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein   </p></dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  "update data"
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein   </span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews    Specify the data to be updated.  A typical example of the data
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews    would look like "name TTL RRtype RDATA".
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews  </p></dd>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews</dl></div>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<h3 class="title">Note</h3>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    In practice, either -a or -r must be specified.  Others can
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    be optional; the underlying library routine tries to identify the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    appropriate server and the zone name for the update.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein   </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein   Examples: assuming the primary authoritative server of the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein   dynamic.example.com zone has an IPv6 address 2001:db8::1234,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein   </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<pre class="screen">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein$ <strong class="userinput"><code>sample-update -a sample-update -k Kxxx.+nnn+mmmm.key add "foo.dynamic.example.com 30 IN A 192.168.2.1"</code></strong></pre>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein     adds an A RR for foo.dynamic.example.com using the given key.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein   </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<pre class="screen">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein$ <strong class="userinput"><code>sample-update -a sample-update -k Kxxx.+nnn+mmmm.key delete "foo.dynamic.example.com 30 IN A"</code></strong></pre>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein     removes all A RRs for foo.dynamic.example.com using the given key.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein   </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<pre class="screen">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein$ <strong class="userinput"><code>sample-update -a sample-update -k Kxxx.+nnn+mmmm.key delete "foo.dynamic.example.com"</code></strong></pre>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein     removes all RRs for foo.dynamic.example.com using the given key.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein   </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="section">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="titlepage"><div><div><h4 class="title">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="id-1.13.2.9.8"></a>nsprobe: domain/name server checker in terms of RFC 4074</h4></div></div></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  It checks a set
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  of domains to see the name servers of the domains behave
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  correctly in terms of RFC 4074. This is included in the set of
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  sample programs to show how the export library can be used in a
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  DNS-related application.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Usage: nsprobe [-d] [-v [-v...]] [-c cache_address] [input_file]
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein   Options
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="variablelist"><dl class="variablelist">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  -d
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    run in the "debug" mode.  with this option nsprobe will dump
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    every RRs it receives.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </p></dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  -v
c92c50783e4e93699f2a42643b8f200b9b719c87Automatic Updater  </span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    increase verbosity of other normal log messages.  This can be
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    specified multiple times
f293a69bcd1c1dd7bdac8f4102fc2398b9e475c8Eric Luce  </p></dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  -c cache_address
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p>
c92c50783e4e93699f2a42643b8f200b9b719c87Automatic Updater    specify an IP address of a recursive (caching) name server.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    nsprobe uses this server to get the NS RRset of each domain and
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    the A and/or AAAA RRsets for the name servers.  The default
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    value is 127.0.0.1.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </p></dd>
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews<dt><span class="term">
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews  input_file
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    a file name containing a list of domain (zone) names to be
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    probed.  when omitted the standard input will be used.  Each
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    line of the input file specifies a single domain name such as
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    "example.com".  In general this domain name must be the apex
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    name of some DNS zone (unlike normal "host names" such as
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    "www.example.com").  nsprobe first identifies the NS RRsets for
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    the given domain name, and sends A and AAAA queries to these
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    servers for some "widely used" names under the zone;
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    specifically, adding "www" and "ftp" to the zone name.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  </p></dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</dl></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="section">
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews<div class="titlepage"><div><div><h3 class="title">
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews<a name="id-1.13.2.10"></a>Library References</h3></div></div></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>As of this writing, there is no formal "manual" of the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  libraries, except this document, header files (some of them
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  provide pretty detailed explanations), and sample application
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein  programs.</p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews</div>
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="navfooter">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<hr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<table width="100%" summary="Navigation footer">
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews<tr>
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews<td width="40%" align="left">
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews<a accesskey="p" href="Bv9ARM.ch11.html">Prev</a>�</td>
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews<td width="20%" align="center">�</td>
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews<td width="40%" align="right">�<a accesskey="n" href="Bv9ARM.ch13.html">Next</a>
4556ad3a270bf049b3225433a402666aaffe3c36Mark Andrews</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</tr>
9c6a5d1f22f972232d7a9fd5c5fa64f10bacbdffAutomatic Updater<tr>
9c6a5d1f22f972232d7a9fd5c5fa64f10bacbdffAutomatic Updater<td width="40%" align="left" valign="top">Appendix�C.�General <acronym class="acronym">DNS</acronym> Reference Information�</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="40%" align="right" valign="top">�Manual pages</td>
035992291cb70ec3be4046fcea921b4a6acb1c77Mark Andrews</tr>
035992291cb70ec3be4046fcea921b4a6acb1c77Mark Andrews</table>
035992291cb70ec3be4046fcea921b4a6acb1c77Mark Andrews</div>
035992291cb70ec3be4046fcea921b4a6acb1c77Mark Andrews<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.11.0</p>
68b30890ebd441a6a1ae3fdf71744d07d02cd030Mark Andrews</body>
68b30890ebd441a6a1ae3fdf71744d07d02cd030Mark Andrews</html>
035992291cb70ec3be4046fcea921b4a6acb1c77Mark Andrews