Bv9ARM.ch12.html revision bd84b04e4fda4f41923bba6e7277546d87045b5a
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews - Copyright (C) 2004-2015 Internet Systems Consortium, Inc. ("ISC")
40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence - Copyright (C) 2000-2003 Internet Software Consortium.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews - Permission to use, copy, modify, and/or distribute this software for any
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews - purpose with or without fee is hereby granted, provided that the above
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence - copyright notice and this permission notice appear in all copies.
e502b133d630bda0ee64c1e2ce6729d96750d8abMark Andrews - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
29747dfe5e073a299b3681e01f5c55540f8bfed7Mark Andrews - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein - PERFORMANCE OF THIS SOFTWARE.
9550eb2dab1d03e03e6c060f92e655d47ac1fc1bMichael Graff<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<title>Appendix�D.�BIND 9 DNS Library Support</title>
c4958494a98a59ce25e9fecad76a9ab0e36cc59fDanny Mayer<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
8f804834e2b537da5c8bc81f986143a46147b490Andreas Gustafsson<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<link rel="up" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<link rel="prev" href="Bv9ARM.ch11.html" title="Appendix�C.�General DNS Reference Information">
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<link rel="next" href="Bv9ARM.ch13.html" title="Manual pages">
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<table width="100%" summary="Navigation header">
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<tr><th colspan="3" align="center">Appendix�D.�BIND 9 DNS Library Support</th></tr>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<a accesskey="p" href="Bv9ARM.ch11.html">Prev</a>�</td>
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<td width="20%" align="right">�<a accesskey="n" href="Bv9ARM.ch13.html">Next</a>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<div class="titlepage"><div><div><h2 class="title">
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<a name="Bv9ARM.ch12"></a>Appendix�D.�BIND 9 DNS Library Support</h2></div></div></div>
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="sect1"><a href="Bv9ARM.ch12.html#bind9.library">BIND 9 DNS Library Support</a></span></dt>
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="sect2"><a href="Bv9ARM.ch12.html#id2615211">Prerequisite</a></span></dt>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<dt><span class="sect2"><a href="Bv9ARM.ch12.html#id2615221">Compilation</a></span></dt>
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="sect2"><a href="Bv9ARM.ch12.html#id2614426">Installation</a></span></dt>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<dt><span class="sect2"><a href="Bv9ARM.ch12.html#id2614457">Known Defects/Restrictions</a></span></dt>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<dt><span class="sect2"><a href="Bv9ARM.ch12.html#id2614602">The dns.conf File</a></span></dt>
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="sect2"><a href="Bv9ARM.ch12.html#id2614629">Sample Applications</a></span></dt>
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="sect2"><a href="Bv9ARM.ch12.html#id2616353">Library References</a></span></dt>
1d761cb453c76353deb8423c78e98d00c5f86ffaEvan Hunt<div class="titlepage"><div><div><h2 class="title" style="clear: both">
1d761cb453c76353deb8423c78e98d00c5f86ffaEvan Hunt<a name="bind9.library"></a>BIND 9 DNS Library Support</h2></div></div></div>
1d761cb453c76353deb8423c78e98d00c5f86ffaEvan Hunt<p>This version of BIND 9 "exports" its internal libraries so
00fb0253c9df8a4686115745ae91d501f62c7451Mark Andrews that they can be used by third-party applications more easily (we
2918b5bda6a55c301eb87992b5f2acd7176d0737David Lawrence call them "export" libraries in this document). In addition to
959cf5e112c41ba8da2a202f51bc0c7a3cf47f68Tatuya JINMEI 神明達哉 all major DNS-related APIs BIND 9 is currently using, the export
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein libraries provide the following features:</p>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<li><p>The newly created "DNS client" module. This is a higher
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein level API that provides an interface to name resolution,
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein single DNS transaction with a particular server, and dynamic
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein update. Regarding name resolution, it supports advanced
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence features such as DNSSEC validation and caching. This module
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence supports both synchronous and asynchronous mode.</p></li>
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<li><p>The new "IRS" (Information Retrieval System) library.
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence It provides an interface to parse the traditional resolv.conf
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence file and more advanced, DNS-specific configuration file for
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence the rest of this package (see the description for the
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<li><p>As part of the IRS library, newly implemented standard
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein address-name mapping functions, getaddrinfo() and
0cfbb9285a96f1355e5a3bd458624eaed2f16846Automatic Updater getnameinfo(), are provided. They use the DNSSEC-aware
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein validating resolver backend, and could use other advanced
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein features of the BIND 9 libraries such as caching. The
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence getaddrinfo() function resolves both A and AAAA RRs
d409ceeda41a256e8114423674d844d5f5035ee8Bob Halley concurrently (when the address family is unspecified).</p></li>
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<li><p>An experimental framework to support other event
8f804834e2b537da5c8bc81f986143a46147b490Andreas Gustafsson libraries than BIND 9's internal event task system.</p></li>
8f804834e2b537da5c8bc81f986143a46147b490Andreas Gustafsson<div class="titlepage"><div><div><h3 class="title">
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<a name="id2615211"></a>Prerequisite</h3></div></div></div>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<p>GNU make is required to build the export libraries (other
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein part of BIND 9 can still be built with other types of make). In
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence the reminder of this document, "make" means GNU make. Note that
8f804834e2b537da5c8bc81f986143a46147b490Andreas Gustafsson in some platforms you may need to invoke a different command name
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence than "make" (e.g. "gmake") to indicate it's GNU make.</p>
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<div class="titlepage"><div><div><h3 class="title">
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<a name="id2615221"></a>Compilation</h3></div></div></div>
0cfbb9285a96f1355e5a3bd458624eaed2f16846Automatic Updater$ <strong class="userinput"><code>/configure --enable-exportlib <em class="replaceable"><code>[other flags]</code></em></code></strong>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein$ <strong class="userinput"><code>make</code></strong>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein This will create (in addition to usual BIND 9 programs) and a
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence separate set of libraries under the lib/export directory. For
0cfbb9285a96f1355e5a3bd458624eaed2f16846Automatic Updater example, <code class="filename">lib/export/dns/libdns.a</code> is the archive file of the
8862388bcb44f634cbfc3e69f11ff4cb76590a4bMark Andrews export version of the BIND 9 DNS library. Sample application
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence programs using the libraries will also be built under the
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence lib/export/samples directory (see below).</p>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<div class="titlepage"><div><div><h3 class="title">
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<a name="id2614426"></a>Installation</h3></div></div></div>
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence$ <strong class="userinput"><code>cd lib/export</code></strong>
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence$ <strong class="userinput"><code>make install</code></strong>
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence This will install library object files under the directory
61e9c1cdbe29683bb2db388e4fc6a6fd59315cefDavid Lawrence specified by the --with-export-libdir configure option (default:
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein EPREFIX/lib/bind9), and header files under the directory
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence specified by the --with-export-includedir configure option
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein Root privilege is normally required.
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence "<span><strong class="command">make install</strong></span>" at the top directory will do the
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence To see how to build your own
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence application after the installation, see
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <code class="filename">lib/export/samples/Makefile-postinstall.in</code>.</p>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<div class="titlepage"><div><div><h3 class="title">
1a487fb7d230403bf1b5d6628542134f52c80653Michael Graff<a name="id2614457"></a>Known Defects/Restrictions</h3></div></div></div>
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<li><p>Currently, win32 is not supported for the export
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence library. (Normal BIND 9 application can be built as
c4958494a98a59ce25e9fecad76a9ab0e36cc59fDanny Mayer<p>The "fixed" RRset order is not (currently) supported in
c4958494a98a59ce25e9fecad76a9ab0e36cc59fDanny Mayer the export library. If you want to use "fixed" RRset order
c4958494a98a59ce25e9fecad76a9ab0e36cc59fDanny Mayer for, e.g. <span><strong class="command">named</strong></span> while still building the
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein export library even without the fixed order support, build
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence them separately:
1a487fb7d230403bf1b5d6628542134f52c80653Michael Graff$ <strong class="userinput"><code>/configure --enable-fixed-rrset <em class="replaceable"><code>[other flags, but not --enable-exportlib]</code></em></code></strong>
1a487fb7d230403bf1b5d6628542134f52c80653Michael Graff$ <strong class="userinput"><code>make</code></strong>
1a487fb7d230403bf1b5d6628542134f52c80653Michael Graff$ <strong class="userinput"><code>/configure --enable-exportlib <em class="replaceable"><code>[other flags, but not --enable-fixed-rrset]</code></em></code></strong>
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence$ <strong class="userinput"><code>cd lib/export</code></strong>
5fe5a0c02634eaadfcbc3528bf2c184557110a3bAndreas Gustafsson$ <strong class="userinput"><code>make</code></strong>
ecf7a1812527d5557564b71363dabec491980246Mark Andrews<li><p>The client module and the IRS library currently do not
88f7da46901f5d1218e354768674e72e9190d05aMichael Graff support DNSSEC validation using DLV (the underlying modules
e502b133d630bda0ee64c1e2ce6729d96750d8abMark Andrews can handle it, but there is no tunable interface to enable
1a487fb7d230403bf1b5d6628542134f52c80653Michael Graff<li><p>RFC 5011 is not supported in the validating stub
b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence resolver of the export library. In fact, it is not clear
b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence whether it should: trust anchors would be a system-wide
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence configuration which would be managed by an administrator,
edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence while the stub resolver will be used by ordinary applications
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<li><p>Not all common <code class="filename">/etc/resolv.conf</code>
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence options are supported
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence in the IRS library. The only available options in this
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<div class="titlepage"><div><div><h3 class="title">
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<a name="id2614602"></a>The dns.conf File</h3></div></div></div>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<p>The IRS library supports an "advanced" configuration file
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence related to the DNS library for configuration parameters that
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence would be beyond the capability of the
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence Specifically, it is intended to provide DNSSEC related
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein configuration parameters. By default the path to this
1b106e224d3931e85d68c091fe1ec7758d9f07cbAndreas Gustafsson configuration file is <code class="filename">/etc/dns.conf</code>.
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein This module is very
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence experimental and the configuration syntax or library interfaces
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence may change in future versions. Currently, only the
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein <span><strong class="command">trusted-keys</strong></span>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein statement is supported, whose syntax is the same as the same name
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence of statement for <code class="filename">named.conf</code>. (See
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <a href="Bv9ARM.ch06.html#trusted-keys" title="trusted-keys Statement Grammar">the section called “<span><strong class="command">trusted-keys</strong></span> Statement Grammar”</a> for details.)</p>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<div class="titlepage"><div><div><h3 class="title">
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<a name="id2614629"></a>Sample Applications</h3></div></div></div>
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<p>Some sample application programs using this API are
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence provided for reference. The following is a brief description of
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence these applications.
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<div class="titlepage"><div><div><h4 class="title">
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<a name="id2614637"></a>sample: a simple stub resolver utility</h4></div></div></div>
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence It sends a query of a given name (of a given optional RR type) to a
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence specified recursive server, and prints the result as a list of
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence RRs. It can also act as a validating stub resolver if a trust
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence anchor is given via a set of command line options.</p>
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence Usage: sample [options] server_address hostname
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein Options and Arguments:
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein specify the RR type of the query. The default is the A RR.
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein [-a algorithm] [-e] -k keyname -K keystring
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein specify a command-line DNS key to validate the answer. For
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence example, to specify the following DNSKEY of example.com:
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence����������������example.com.�3600�IN�DNSKEY�257�3�5�xxx<br>
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence specify the options as follows:
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence -e means that this key is a zone's "key signing key" (as known
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence as "secure Entry point").
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence When -a is omitted rsasha1 will be used by default.
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein -s domain:alt_server_address
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein specify a separate recursive server address for the specific
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence "domain". Example: -s example.com:2001:db8::1234
edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence<dt><span class="term">server_address</span></dt>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein an IP(v4/v6) address of the recursive server to which queries
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence the domain name for the query
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<div class="titlepage"><div><div><h4 class="title">
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<a name="id2614728"></a>sample-async: a simple stub resolver, working asynchronously</h4></div></div></div>
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence Similar to "sample", but accepts a list
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence of (query) domain names as a separate file and resolves the names
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence asynchronously.</p>
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence Usage: sample-async [-s server_address] [-t RR_type] input_file</p>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein Options and Arguments:
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence -s server_address
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence an IPv4 address of the recursive server to which queries are sent.
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence (IPv6 addresses are not supported in this implementation)
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence specify the RR type of the queries. The default is the A
edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence a list of domain names to be resolved. each line
edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence consists of a single domain name. Example:
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<div class="titlepage"><div><div><h4 class="title">
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<a name="id2614781"></a>sample-request: a simple DNS transaction client</h4></div></div></div>
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence It sends a query to a specified server, and
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein prints the response with minimal processing. It doesn't act as a
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence "stub resolver": it stops the processing once it gets any
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein response from the server, whether it's a referral or an alias
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence (CNAME or DNAME) that would require further queries to get the
0bd4e3591ac1a729c7ec8f811844119473350975David Lawrence ultimate answer. In other words, this utility acts as a very
edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence simplified <span><strong class="command">dig</strong></span>.
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Usage: sample-request [-t RRtype] server_address hostname
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein Options and Arguments:
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence specify the RR type of
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein the queries. The default is the A RR.
ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence server_address
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence address of the recursive server to which the query is sent.
ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence the domain name for the query
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<div class="titlepage"><div><div><h4 class="title">
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<a name="id2614845"></a>sample-gai: getaddrinfo() and getnameinfo() test code</h4></div></div></div>
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence This is a test program
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence to check getaddrinfo() and getnameinfo() behavior. It takes a
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence host name as an argument, calls getaddrinfo() with the given host
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence name, and calls getnameinfo() with the resulting IP addresses
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence returned by getaddrinfo(). If the dns.conf file exists and
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein defines a trust anchor, the underlying resolver will act as a
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence validating resolver, and getaddrinfo()/getnameinfo() will fail
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence with an EAI_INSECUREDATA error when DNSSEC validation fails.
ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence Usage: sample-gai hostname
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<div class="titlepage"><div><div><h4 class="title">
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<a name="id2614860"></a>sample-update: a simple dynamic update client program</h4></div></div></div>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein It accepts a single update command as a
ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence command-line argument, sends an update request message to the
ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence authoritative server, and shows the response from the server. In
ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence other words, this is a simplified <span><strong class="command">nsupdate</strong></span>.
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Usage: sample-update [options] (add|delete) "update data"
ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence Options and Arguments:
ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence -a auth_server
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein An IP address of the authoritative server that has authority
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein for the zone containing the update name. This should normally
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence be the primary authoritative server that accepts dynamic
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence updates. It can also be a secondary server that is configured
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein to forward update requests to the primary server.
edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence A TSIG key file to secure the update transaction. The keyfile
87cafc5e70f79f2586d067fbdd64f61bbab069d2David Lawrence format is the same as that for the nsupdate utility.
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence -p prerequisite
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein A prerequisite for the update (only one prerequisite can be
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence specified). The prerequisite format is the same as that is
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence accepted by the nsupdate utility.
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence -r recursive_server
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein An IP address of a recursive server that this utility will
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence use. A recursive server may be necessary to identify the
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence authoritative server address to which the update request is
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence The domain name of the zone that contains
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Specify the type of update operation. Either "add" or "delete"
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein must be specified.
863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence "update data"
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Specify the data to be updated. A typical example of the data
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein would look like "name TTL RRtype RDATA".
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<h3 class="title">Note</h3>In practice, either -a or -r must be specified. Others can
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein be optional; the underlying library routine tries to identify the
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence appropriate server and the zone name for the update.</div>
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Examples: assuming the primary authoritative server of the
00fb0253c9df8a4686115745ae91d501f62c7451Mark Andrews dynamic.example.com zone has an IPv6 address 2001:db8::1234,
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence$ <strong class="userinput"><code>sample-update -a sample-update -k Kxxx.+nnn+mmmm.key add "foo.dynamic.example.com 30 IN A 192.168.2.1"</code></strong></pre>
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence adds an A RR for foo.dynamic.example.com using the given key.
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein$ <strong class="userinput"><code>sample-update -a sample-update -k Kxxx.+nnn+mmmm.key delete "foo.dynamic.example.com 30 IN A"</code></strong></pre>
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence removes all A RRs for foo.dynamic.example.com using the given key.
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence$ <strong class="userinput"><code>sample-update -a sample-update -k Kxxx.+nnn+mmmm.key delete "foo.dynamic.example.com"</code></strong></pre>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein removes all RRs for foo.dynamic.example.com using the given key.
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<div class="titlepage"><div><div><h4 class="title">
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<a name="id2616289"></a>nsprobe: domain/name server checker in terms of RFC 4074</h4></div></div></div>
87cafc5e70f79f2586d067fbdd64f61bbab069d2David Lawrence It checks a set
87cafc5e70f79f2586d067fbdd64f61bbab069d2David Lawrence of domains to see the name servers of the domains behave
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein correctly in terms of RFC 4074. This is included in the set of
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence sample programs to show how the export library can be used in a
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence DNS-related application.
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein Usage: nsprobe [-d] [-v [-v...]] [-c cache_address] [input_file]
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence run in the "debug" mode. with this option nsprobe will dump
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein every RRs it receives.
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein increase verbosity of other normal log messages. This can be
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence specified multiple times
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence -c cache_address
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence specify an IP address of a recursive (caching) name server.
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence nsprobe uses this server to get the NS RRset of each domain and
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence the A and/or AAAA RRsets for the name servers. The default
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein value is 127.0.0.1.
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence a file name containing a list of domain (zone) names to be
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein probed. when omitted the standard input will be used. Each
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence line of the input file specifies a single domain name such as
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence "example.com". In general this domain name must be the apex
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence name of some DNS zone (unlike normal "host names" such as
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein "www.example.com"). nsprobe first identifies the NS RRsets for
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence the given domain name, and sends A and AAAA queries to these
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence servers for some "widely used" names under the zone;
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence specifically, adding "www" and "ftp" to the zone name.
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<div class="titlepage"><div><div><h3 class="title">
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<a name="id2616353"></a>Library References</h3></div></div></div>
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p>As of this writing, there is no formal "manual" of the
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein libraries, except this document, header files (some of them
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein provide pretty detailed explanations), and sample application
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence programs.</p>
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<table width="100%" summary="Navigation footer">
fc6f5743aa860861fe39ca2680d9aa08e39d3039Andreas Gustafsson<a accesskey="p" href="Bv9ARM.ch11.html">Prev</a>�</td>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<td width="40%" align="right">�<a accesskey="n" href="Bv9ARM.ch13.html">Next</a>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<td width="40%" align="left" valign="top">Appendix�C.�General <acronym class="acronym">DNS</acronym> Reference Information�</td>
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<td width="40%" align="right" valign="top">�Manual pages</td>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<p style="text-align: center;">BIND 9.11.0pre-alpha</p>