man.nsupdate.html revision 30c0c7470d5bfabd8f43c563f4eca636d06cc484
990d0e893f5b70e735cdf990af66e9ec6e91fa78Tinderbox User - Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC")
6a42ab64276ff832a47e009be1208f7c7d4da22dAutomatic Updater - Copyright (C) 2000-2003 Internet Software Consortium.
4a14ce5ba00ab7bc55c99ffdcf59c7a4ab902721Automatic Updater - Permission to use, copy, modify, and/or distribute this software for any
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater - purpose with or without fee is hereby granted, provided that the above
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater - copyright notice and this permission notice appear in all copies.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
6a42ab64276ff832a47e009be1208f7c7d4da22dAutomatic Updater - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater - PERFORMANCE OF THIS SOFTWARE.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
b6b8f8a0362da8c749021c4b6376cfb96047912bTinderbox User<link rel="prev" href="man.named-rrchecker.html" title="named-rrchecker">
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<link rel="next" href="man.rndc.html" title="rndc">
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<table width="100%" summary="Navigation header">
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<tr><th colspan="3" align="center"><span class="application">nsupdate</span></th></tr>
b6b8f8a0362da8c749021c4b6376cfb96047912bTinderbox User<a accesskey="p" href="man.named-rrchecker.html">Prev</a>�</td>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<th width="60%" align="center">Manual pages</th>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<td width="20%" align="right">�<a accesskey="n" href="man.rndc.html">Next</a>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<a name="man.nsupdate"></a><div class="titlepage"></div>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<p><span class="application">nsupdate</span> — Dynamic DNS update utility</p>
b46346eb3026ba4bebc093bc93cfe159131e541eTinderbox User<div class="cmdsynopsis"><p><code class="command">nsupdate</code> [<code class="option">-d</code>] [<code class="option">-D</code>] [[<code class="option">-g</code>] | [<code class="option">-o</code>] | [<code class="option">-l</code>] | [<code class="option">-y <em class="replaceable"><code>[<span class="optional">hmac:</span>]keyname:secret</code></em></code>] | [<code class="option">-k <em class="replaceable"><code>keyfile</code></em></code>]] [<code class="option">-t <em class="replaceable"><code>timeout</code></em></code>] [<code class="option">-u <em class="replaceable"><code>udptimeout</code></em></code>] [<code class="option">-r <em class="replaceable"><code>udpretries</code></em></code>] [<code class="option">-R <em class="replaceable"><code>randomdev</code></em></code>] [<code class="option">-v</code>] [<code class="option">-T</code>] [<code class="option">-P</code>] [<code class="option">-V</code>] [filename]</p></div>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<p><span><strong class="command">nsupdate</strong></span>
d060d8669f5558690e7faf4a1c12fe5c02a7c60dAutomatic Updater is used to submit Dynamic DNS Update requests as defined in RFC 2136
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater to a name server.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater This allows resource records to be added or removed from a zone
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater without manually editing the zone file.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater A single update request can contain requests to add or remove more than
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater resource record.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater Zones that are under dynamic control via
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <span><strong class="command">nsupdate</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater or a DHCP server should not be edited by hand.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater Manual edits could
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater conflict with dynamic updates and cause data to be lost.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater The resource records that are dynamically added or removed with
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <span><strong class="command">nsupdate</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater have to be in the same zone.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater Requests are sent to the zone's master server.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater This is identified by the MNAME field of the zone's SOA record.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <span><strong class="command">nsupdate</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater operate in debug mode.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater This provides tracing information about the update requests that are
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater made and the replies received from the name server.
731cc132f22dbc9e0ecd7035dce314a61076d31bAutomatic Updater The <code class="option">-D</code> option makes <span><strong class="command">nsupdate</strong></span>
731cc132f22dbc9e0ecd7035dce314a61076d31bAutomatic Updater report additional debugging information to <code class="option">-d</code>.
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater The <code class="option">-L</code> option with an integer argument of zero or
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater higher sets the logging debug level. If zero, logging is disabled.
ed4475f3f583f6137b4ff7fea775c5363a4fdb29Automatic Updater Transaction signatures can be used to authenticate the Dynamic
ed4475f3f583f6137b4ff7fea775c5363a4fdb29Automatic Updater DNS updates. These use the TSIG resource record type described
d060d8669f5558690e7faf4a1c12fe5c02a7c60dAutomatic Updater in RFC 2845 or the SIG(0) record described in RFC 2535 and
d060d8669f5558690e7faf4a1c12fe5c02a7c60dAutomatic Updater RFC 2931 or GSS-TSIG as described in RFC 3645. TSIG relies on
ed4475f3f583f6137b4ff7fea775c5363a4fdb29Automatic Updater a shared secret that should only be known to
ed4475f3f583f6137b4ff7fea775c5363a4fdb29Automatic Updater <span><strong class="command">nsupdate</strong></span> and the name server. Currently,
ed4475f3f583f6137b4ff7fea775c5363a4fdb29Automatic Updater the only supported encryption algorithm for TSIG is HMAC-MD5,
ed4475f3f583f6137b4ff7fea775c5363a4fdb29Automatic Updater which is defined in RFC 2104. Once other algorithms are
ed4475f3f583f6137b4ff7fea775c5363a4fdb29Automatic Updater defined for TSIG, applications will need to ensure they select
ed4475f3f583f6137b4ff7fea775c5363a4fdb29Automatic Updater the appropriate algorithm as well as the key when authenticating
ed4475f3f583f6137b4ff7fea775c5363a4fdb29Automatic Updater each other. For instance, suitable <span class="type">key</span> and
ed4475f3f583f6137b4ff7fea775c5363a4fdb29Automatic Updater <span class="type">server</span> statements would be added to
ed4475f3f583f6137b4ff7fea775c5363a4fdb29Automatic Updater <code class="filename">/etc/named.conf</code> so that the name server
ed4475f3f583f6137b4ff7fea775c5363a4fdb29Automatic Updater can associate the appropriate secret key and algorithm with
ed4475f3f583f6137b4ff7fea775c5363a4fdb29Automatic Updater the IP address of the client application that will be using
ed4475f3f583f6137b4ff7fea775c5363a4fdb29Automatic Updater TSIG authentication. SIG(0) uses public key cryptography.
ed4475f3f583f6137b4ff7fea775c5363a4fdb29Automatic Updater To use a SIG(0) key, the public key must be stored in a KEY
ed4475f3f583f6137b4ff7fea775c5363a4fdb29Automatic Updater record in a zone served by the name server.
ed4475f3f583f6137b4ff7fea775c5363a4fdb29Automatic Updater <span><strong class="command">nsupdate</strong></span> does not read
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <code class="filename">/etc/named.conf</code>.
d060d8669f5558690e7faf4a1c12fe5c02a7c60dAutomatic Updater GSS-TSIG uses Kerberos credentials. Standard GSS-TSIG mode
d060d8669f5558690e7faf4a1c12fe5c02a7c60dAutomatic Updater is switched on with the <code class="option">-g</code> flag. A
d060d8669f5558690e7faf4a1c12fe5c02a7c60dAutomatic Updater non-standards-compliant variant of GSS-TSIG used by Windows
d060d8669f5558690e7faf4a1c12fe5c02a7c60dAutomatic Updater 2000 can be switched on with the <code class="option">-o</code> flag.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<p><span><strong class="command">nsupdate</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater uses the <code class="option">-y</code> or <code class="option">-k</code> option
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater to provide the shared secret needed to generate a TSIG record
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater for authenticating Dynamic DNS update requests, default type
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater HMAC-MD5. These options are mutually exclusive.
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater When the <code class="option">-y</code> option is used, a signature is
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater generated from
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater [<span class="optional"><em class="parameter"><code>hmac:</code></em></span>]<em class="parameter"><code>keyname:secret.</code></em>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>keyname</code></em> is the name of the key, and
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater <em class="parameter"><code>secret</code></em> is the base64 encoded shared secret.
f39512a917cdd06c611d366603374f6ef570c80eTinderbox User <em class="parameter"><code>hmac</code></em> is the name of the key algorithm;
f39512a917cdd06c611d366603374f6ef570c80eTinderbox User valid choices are <code class="literal">hmac-md5</code>,
f39512a917cdd06c611d366603374f6ef570c80eTinderbox User <code class="literal">hmac-sha1</code>, <code class="literal">hmac-sha224</code>,
f39512a917cdd06c611d366603374f6ef570c80eTinderbox User <code class="literal">hmac-sha256</code>, <code class="literal">hmac-sha384</code>, or
f39512a917cdd06c611d366603374f6ef570c80eTinderbox User <code class="literal">hmac-sha512</code>. If <em class="parameter"><code>hmac</code></em>
f39512a917cdd06c611d366603374f6ef570c80eTinderbox User is not specified, the default is <code class="literal">hmac-md5</code>.
f39512a917cdd06c611d366603374f6ef570c80eTinderbox User NOTE: Use of the <code class="option">-y</code> option is discouraged because the
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater shared secret is supplied as a command line argument in clear text.
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater This may be visible in the output from
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater <span class="citerefentry"><span class="refentrytitle">ps</span>(1)</span>
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater or in a history file maintained by the user's shell.
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater <code class="option">-k</code> option, <span><strong class="command">nsupdate</strong></span> reads
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater the shared secret from the file <em class="parameter"><code>keyfile</code></em>.
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater Keyfiles may be in two formats: a single file containing
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater a <code class="filename">named.conf</code>-format <span><strong class="command">key</strong></span>
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater statement, which may be generated automatically by
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater <span><strong class="command">ddns-confgen</strong></span>, or a pair of files whose names are
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater of the format <code class="filename">K{name}.+157.+{random}.key</code> and
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater <code class="filename">K{name}.+157.+{random}.private</code>, which can be
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater generated by <span><strong class="command">dnssec-keygen</strong></span>.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater The <code class="option">-k</code> may also be used to specify a SIG(0) key used
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater to authenticate Dynamic DNS update requests. In this case, the key
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater specified is not an HMAC-MD5 key.
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater <span><strong class="command">nsupdate</strong></span> can be run in a local-host only mode
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater using the <code class="option">-l</code> flag. This sets the server address to
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater localhost (disabling the <span><strong class="command">server</strong></span> so that the server
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater address cannot be overridden). Connections to the local server will
90c38ab4e6904126bec2f2f57f60cd834ce759cbAutomatic Updater use a TSIG key found in <code class="filename">/var/run/named/session.key</code>,
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater which is automatically generated by <span><strong class="command">named</strong></span> if any
3cddb2c552ee6582e8db0849c28747f6b6ca57feAutomatic Updater local master zone has set <span><strong class="command">update-policy</strong></span> to
3cddb2c552ee6582e8db0849c28747f6b6ca57feAutomatic Updater <span><strong class="command">local</strong></span>. The location of this key file can be
3cddb2c552ee6582e8db0849c28747f6b6ca57feAutomatic Updater overridden with the <code class="option">-k</code> option.
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater By default, <span><strong class="command">nsupdate</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater uses UDP to send update requests to the name server unless they are too
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater large to fit in a UDP request in which case TCP will be used.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <span><strong class="command">nsupdate</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater use a TCP connection.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater This may be preferable when a batch of update requests is made.
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater The <code class="option">-p</code> sets the default port number to use for
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater connections to a name server. The default is 53.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater The <code class="option">-t</code> option sets the maximum time an update request
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater take before it is aborted. The default is 300 seconds. Zero can be
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater to disable the timeout.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater The <code class="option">-u</code> option sets the UDP retry interval. The default
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater 3 seconds. If zero, the interval will be computed from the timeout
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater and number of UDP retries.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater The <code class="option">-r</code> option sets the number of UDP retries. The
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater 3. If zero, only one update request will be made.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater The <code class="option">-R <em class="replaceable"><code>randomdev</code></em></code> option
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater specifies a source of randomness. If the operating system
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater does not provide a <code class="filename">/dev/random</code> or
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater equivalent device, the default source of randomness is keyboard
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater input. <code class="filename">randomdev</code> specifies the name of
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater a character device or file containing random data to be used
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater instead of the default. The special value
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <code class="filename">keyboard</code> indicates that keyboard input
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater should be used. This option may be specified multiple times.
ea94d370123a5892f6c47a97f21d1b28d44bb168Tinderbox User Other types can be entered using "TYPEXXXXX" where "XXXXX" is the
ea94d370123a5892f6c47a97f21d1b28d44bb168Tinderbox User decimal value of the type with no leading zeros. The rdata,
ea94d370123a5892f6c47a97f21d1b28d44bb168Tinderbox User if present, will be parsed using the UNKNOWN rdata format,
ea94d370123a5892f6c47a97f21d1b28d44bb168Tinderbox User (<backslash> <hash> <space> <length>
ea94d370123a5892f6c47a97f21d1b28d44bb168Tinderbox User <space> <hexstring>).
ea94d370123a5892f6c47a97f21d1b28d44bb168Tinderbox User The <code class="option">-T</code> and <code class="option">-P</code> options print out
ea94d370123a5892f6c47a97f21d1b28d44bb168Tinderbox User lists of non-meta types for which the type-specific presentation
ea94d370123a5892f6c47a97f21d1b28d44bb168Tinderbox User formats are known. <code class="option">-T</code> prints out the list of
ea94d370123a5892f6c47a97f21d1b28d44bb168Tinderbox User IANA-assigned types. <code class="option">-P</code> prints out the list of
ea94d370123a5892f6c47a97f21d1b28d44bb168Tinderbox User private types specific to <span><strong class="command">named</strong></span>. These options
ea94d370123a5892f6c47a97f21d1b28d44bb168Tinderbox User may be combined. <span><strong class="command">nsupdate</strong></span> will exit after the
ea94d370123a5892f6c47a97f21d1b28d44bb168Tinderbox User lists are printed.
b46346eb3026ba4bebc093bc93cfe159131e541eTinderbox User The -V option causes <span><strong class="command">nsupdate</strong></span> to print the
b46346eb3026ba4bebc093bc93cfe159131e541eTinderbox User version number and exit.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<p><span><strong class="command">nsupdate</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater reads input from
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>filename</code></em>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater or standard input.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater Each command is supplied on exactly one line of input.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater Some commands are for administrative purposes.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater The others are either update instructions or prerequisite checks on the
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater contents of the zone.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater These checks set conditions that some name or set of
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater resource records (RRset) either exists or is absent from the zone.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater These conditions must be met if the entire update request is to succeed.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater Updates will be rejected if the tests for the prerequisite conditions
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater Every update request consists of zero or more prerequisites
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater and zero or more updates.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater This allows a suitably authenticated update request to proceed if some
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater specified resource records are present or missing from the zone.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater A blank input line (or the <span><strong class="command">send</strong></span> command)
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater accumulated commands to be sent as one Dynamic DNS update request to the
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater The command formats and their meaning are as follows:
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <span><strong class="command">server</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater Sends all dynamic update requests to the name server
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>servername</code></em>.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater When no server statement is provided,
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <span><strong class="command">nsupdate</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater will send updates to the master server of the correct zone.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater The MNAME field of that zone's SOA record will identify the
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater server for that zone.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>port</code></em>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater is the port number on
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>servername</code></em>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater where the dynamic update requests get sent.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater If no port number is specified, the default DNS port number of
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <span><strong class="command">local</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater Sends all dynamic update requests using the local
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>address</code></em>.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater When no local statement is provided,
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <span><strong class="command">nsupdate</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater will send updates using an address and port chosen by the
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>port</code></em>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater can additionally be used to make requests come from a specific
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater If no port number is specified, the system will assign one.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <span><strong class="command">zone</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater Specifies that all updates are to be made to the zone
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>zonename</code></em>.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>zone</code></em>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater statement is provided,
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <span><strong class="command">nsupdate</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater will attempt determine the correct zone to update based on the
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater rest of the input.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <span><strong class="command">class</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater Specify the default class.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater If no <em class="parameter"><code>class</code></em> is specified, the
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater default class is
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>IN</code></em>.
731cc132f22dbc9e0ecd7035dce314a61076d31bAutomatic Updater <span><strong class="command">ttl</strong></span>
731cc132f22dbc9e0ecd7035dce314a61076d31bAutomatic Updater Specify the default time to live for records to be added.
731cc132f22dbc9e0ecd7035dce314a61076d31bAutomatic Updater The value <em class="parameter"><code>none</code></em> will clear the default
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <span><strong class="command">key</strong></span>
f39512a917cdd06c611d366603374f6ef570c80eTinderbox User [hmac:] {keyname}
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater Specifies that all updates are to be TSIG-signed using the
f39512a917cdd06c611d366603374f6ef570c80eTinderbox User <em class="parameter"><code>keyname</code></em> <em class="parameter"><code>secret</code></em> pair.
f39512a917cdd06c611d366603374f6ef570c80eTinderbox User If <em class="parameter"><code>hmac</code></em> is specified, then it sets the
f39512a917cdd06c611d366603374f6ef570c80eTinderbox User signing algorithm in use; the default is
f39512a917cdd06c611d366603374f6ef570c80eTinderbox User <code class="literal">hmac-md5</code>. The <span><strong class="command">key</strong></span>
f39512a917cdd06c611d366603374f6ef570c80eTinderbox User command overrides any key specified on the command line via
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <code class="option">-y</code> or <code class="option">-k</code>.
7c6b9b263898daf28d657f65dbd75c330ca4aa13Automatic Updater <span><strong class="command">gsstsig</strong></span>
7c6b9b263898daf28d657f65dbd75c330ca4aa13Automatic Updater Use GSS-TSIG to sign the updated. This is equivalent to
7c6b9b263898daf28d657f65dbd75c330ca4aa13Automatic Updater specifying <code class="option">-g</code> on the commandline.
7c6b9b263898daf28d657f65dbd75c330ca4aa13Automatic Updater <span><strong class="command">oldgsstsig</strong></span>
7c6b9b263898daf28d657f65dbd75c330ca4aa13Automatic Updater Use the Windows 2000 version of GSS-TSIG to sign the updated.
7c6b9b263898daf28d657f65dbd75c330ca4aa13Automatic Updater This is equivalent to specifying <code class="option">-o</code> on the
7c6b9b263898daf28d657f65dbd75c330ca4aa13Automatic Updater <span><strong class="command">realm</strong></span>
7c6b9b263898daf28d657f65dbd75c330ca4aa13Automatic Updater {[<span class="optional">realm_name</span>]}
7c6b9b263898daf28d657f65dbd75c330ca4aa13Automatic Updater When using GSS-TSIG use <em class="parameter"><code>realm_name</code></em> rather
7c6b9b263898daf28d657f65dbd75c330ca4aa13Automatic Updater than the default realm in <code class="filename">krb5.conf</code>. If no
7c6b9b263898daf28d657f65dbd75c330ca4aa13Automatic Updater realm is specified the saved realm is cleared.
b68a2d272b958eb2c40cce59ee33e71c5f5f521bTinderbox User <span><strong class="command">check-names</strong></span>
b68a2d272b958eb2c40cce59ee33e71c5f5f521bTinderbox User Turn on or off check-names processing on records to
b68a2d272b958eb2c40cce59ee33e71c5f5f521bTinderbox User be added. Check-names has no effect on prerequisites
b68a2d272b958eb2c40cce59ee33e71c5f5f521bTinderbox User or records to be deleted. By default check-names
b68a2d272b958eb2c40cce59ee33e71c5f5f521bTinderbox User processing is on. If check-names processing fails
b68a2d272b958eb2c40cce59ee33e71c5f5f521bTinderbox User the record will not be added to the UPDATE message.
ce8ac1bc98ba20c1ba02e6a6ff39561140089ae3Automatic Updater <span><strong class="command">[<span class="optional">prereq</span>] nxdomain</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater Requires that no resource record of any type exists with name
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>domain-name</code></em>.
ce8ac1bc98ba20c1ba02e6a6ff39561140089ae3Automatic Updater <span><strong class="command">[<span class="optional">prereq</span>] yxdomain</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>domain-name</code></em>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater exists (has as at least one resource record, of any type).
ce8ac1bc98ba20c1ba02e6a6ff39561140089ae3Automatic Updater <span><strong class="command">[<span class="optional">prereq</span>] nxrrset</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater Requires that no resource record exists of the specified
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>type</code></em>,
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>class</code></em>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>domain-name</code></em>.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>class</code></em>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater is omitted, IN (internet) is assumed.
ce8ac1bc98ba20c1ba02e6a6ff39561140089ae3Automatic Updater <span><strong class="command">[<span class="optional">prereq</span>] yxrrset</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater This requires that a resource record of the specified
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>type</code></em>,
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>class</code></em>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>domain-name</code></em>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>class</code></em>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater is omitted, IN (internet) is assumed.
ce8ac1bc98ba20c1ba02e6a6ff39561140089ae3Automatic Updater <span><strong class="command">[<span class="optional">prereq</span>] yxrrset</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>data</code></em>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater from each set of prerequisites of this form
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater sharing a common
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>type</code></em>,
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>class</code></em>,
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>domain-name</code></em>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater are combined to form a set of RRs. This set of RRs must
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater exactly match the set of RRs existing in the zone at the
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>type</code></em>,
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>class</code></em>,
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>domain-name</code></em>.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>data</code></em>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater are written in the standard text representation of the resource
ce8ac1bc98ba20c1ba02e6a6ff39561140089ae3Automatic Updater <span><strong class="command">[<span class="optional">update</span>] del[<span class="optional">ete</span>]</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater [type [data...]]
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater Deletes any resource records named
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>domain-name</code></em>.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>type</code></em>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>data</code></em>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater is provided, only matching resource records will be removed.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater The internet class is assumed if
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>class</code></em>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater is not supplied. The
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>ttl</code></em>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater is ignored, and is only allowed for compatibility.
ce8ac1bc98ba20c1ba02e6a6ff39561140089ae3Automatic Updater <span><strong class="command">[<span class="optional">update</span>] add</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater Adds a new resource record with the specified
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>ttl</code></em>,
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>class</code></em>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <em class="parameter"><code>data</code></em>.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <span><strong class="command">show</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater Displays the current message, containing all of the
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater prerequisites and
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater updates specified since the last send.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <span><strong class="command">send</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater Sends the current message. This is equivalent to entering a
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <span><strong class="command">answer</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater Displays the answer.
731cc132f22dbc9e0ecd7035dce314a61076d31bAutomatic Updater <span><strong class="command">debug</strong></span>
731cc132f22dbc9e0ecd7035dce314a61076d31bAutomatic Updater Turn on debugging.
b46346eb3026ba4bebc093bc93cfe159131e541eTinderbox User <span><strong class="command">version</strong></span>
b46346eb3026ba4bebc093bc93cfe159131e541eTinderbox User Print version number.
b46346eb3026ba4bebc093bc93cfe159131e541eTinderbox User <span><strong class="command">help</strong></span>
b46346eb3026ba4bebc093bc93cfe159131e541eTinderbox User Print a list of commands.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater Lines beginning with a semicolon are comments and are ignored.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater The examples below show how
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <span><strong class="command">nsupdate</strong></span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater could be used to insert and delete resource records from the
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater Notice that the input in each example contains a trailing blank line so
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater a group of commands are sent as one dynamic update request to the
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater master name server for
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater> update delete oldhost.example.com A
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater> update add newhost.example.com 86400 A 172.16.1.1
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater Any A records for
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <span class="type">oldhost.example.com</span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater And an A record for
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <span class="type">newhost.example.com</span>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater with IP address 172.16.1.1 is added.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater The newly-added record has a 1 day TTL (86400 seconds).
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater> prereq nxdomain nickname.example.com
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater> update add nickname.example.com 86400 CNAME somehost.example.com
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater The prerequisite condition gets the name server to check that there
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater are no resource records of any type for
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <span class="type">nickname.example.com</span>.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater If there are, the update request fails.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater If this name does not exist, a CNAME for it is added.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater This ensures that when the CNAME is added, it cannot conflict with the
d060d8669f5558690e7faf4a1c12fe5c02a7c60dAutomatic Updater long-standing rule in RFC 1034 that a name must not exist as any other
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater record type if it exists as a CNAME.
d060d8669f5558690e7faf4a1c12fe5c02a7c60dAutomatic Updater (The rule has been updated for DNSSEC in RFC 2535 to allow CNAMEs to have
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater RRSIG, DNSKEY and NSEC records.)
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<dt><span class="term"><code class="constant">/etc/resolv.conf</code></span></dt>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater used to identify default name server
90c38ab4e6904126bec2f2f57f60cd834ce759cbAutomatic Updater<dt><span class="term"><code class="constant">/var/run/named/session.key</code></span></dt>
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater sets the default TSIG key for use in local-only mode
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<dt><span class="term"><code class="constant">K{name}.+157.+{random}.key</code></span></dt>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater base-64 encoding of HMAC-MD5 key created by
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<dt><span class="term"><code class="constant">K{name}.+157.+{random}.private</code></span></dt>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater base-64 encoding of HMAC-MD5 key created by
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater <span class="citerefentry"><span class="refentrytitle">ddns-confgen</span>(8)</span>,
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater <span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater The TSIG key is redundantly stored in two separate files.
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater This is a consequence of nsupdate using the DST library
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater for its cryptographic operations, and may change in future
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<table width="100%" summary="Navigation footer">
b6b8f8a0362da8c749021c4b6376cfb96047912bTinderbox User<a accesskey="p" href="man.named-rrchecker.html">Prev</a>�</td>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<td width="40%" align="right">�<a accesskey="n" href="man.rndc.html">Next</a>
b6b8f8a0362da8c749021c4b6376cfb96047912bTinderbox User<span class="application">named-rrchecker</span>�</td>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<td width="40%" align="right" valign="top">�<span class="application">rndc</span>
30c0c7470d5bfabd8f43c563f4eca636d06cc484Tinderbox User<p style="text-align: center;">BIND 9.11.0pre-alpha</p>