ecf7a1812527d5557564b71363dabec491980246Mark Andrews<html>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<head>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<title>nsupdate</title>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">

899f7f9af527d3dfe8345dcc8210d7c23fc950afDavid Lawrence<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">

c4717613e45323ed23dc6e9162cba89f1f83830cDavid Lawrence<link rel="prev" href="man.named-rrchecker.html" title="named-rrchecker">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<link rel="next" href="man.rndc.html" title="rndc">

9550eb2dab1d03e03e6c060f92e655d47ac1fc1bMichael Graff</head>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">

c4958494a98a59ce25e9fecad76a9ab0e36cc59fDanny Mayer<div class="navheader">

8f804834e2b537da5c8bc81f986143a46147b490Andreas Gustafsson<table width="100%" summary="Navigation header">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<tr><th colspan="3" align="center"><span class="application">nsupdate</span></th></tr>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<tr>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<td width="20%" align="left">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<a accesskey="p" href="man.named-rrchecker.html">Prev</a>�</td>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<th width="60%" align="center">Manual pages</th>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<td width="20%" align="right">�<a accesskey="n" href="man.rndc.html">Next</a>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</td>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</tr>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</table>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<hr>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</div>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<div class="refentry" lang="en">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<a name="man.nsupdate"></a><div class="titlepage"></div>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<div class="refnamediv">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<h2>Name</h2>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p><span class="application">nsupdate</span> &#8212; Dynamic DNS update utility</p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</div>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<div class="refsynopsisdiv">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<h2>Synopsis</h2>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<div class="cmdsynopsis"><p><code class="command">nsupdate</code> [<code class="option">-d</code>] [<code class="option">-D</code>] [[<code class="option">-g</code>] | [<code class="option">-o</code>] | [<code class="option">-l</code>] | [<code class="option">-y <em class="replaceable"><code>[<span class="optional">hmac:</span>]keyname:secret</code></em></code>] | [<code class="option">-k <em class="replaceable"><code>keyfile</code></em></code>]] [<code class="option">-t <em class="replaceable"><code>timeout</code></em></code>] [<code class="option">-u <em class="replaceable"><code>udptimeout</code></em></code>] [<code class="option">-r <em class="replaceable"><code>udpretries</code></em></code>] [<code class="option">-R <em class="replaceable"><code>randomdev</code></em></code>] [<code class="option">-v</code>] [<code class="option">-T</code>] [<code class="option">-P</code>] [<code class="option">-V</code>] [filename]</p></div>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</div>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<div class="refsect1" lang="en">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<a name="id2654534"></a><h2>DESCRIPTION</h2>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p><span><strong class="command">nsupdate</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence is used to submit Dynamic DNS Update requests as defined in RFC 2136

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence to a name server.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence This allows resource records to be added or removed from a zone

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence without manually editing the zone file.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence A single update request can contain requests to add or remove more than

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence one

2918b5bda6a55c301eb87992b5f2acd7176d0737David Lawrence resource record.

2918b5bda6a55c301eb87992b5f2acd7176d0737David Lawrence </p>

2918b5bda6a55c301eb87992b5f2acd7176d0737David Lawrence<p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Zones that are under dynamic control via

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">nsupdate</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence or a DHCP server should not be edited by hand.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Manual edits could

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence conflict with dynamic updates and cause data to be lost.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence The resource records that are dynamically added or removed with

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">nsupdate</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence have to be in the same zone.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Requests are sent to the zone's master server.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence This is identified by the MNAME field of the zone's SOA record.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

d409ceeda41a256e8114423674d844d5f5035ee8Bob Halley<p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence The

8f804834e2b537da5c8bc81f986143a46147b490Andreas Gustafsson <code class="option">-d</code>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence option makes

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">nsupdate</strong></span>

8f804834e2b537da5c8bc81f986143a46147b490Andreas Gustafsson operate in debug mode.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence This provides tracing information about the update requests that are

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence made and the replies received from the name server.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p>

8f804834e2b537da5c8bc81f986143a46147b490Andreas Gustafsson The <code class="option">-D</code> option makes <span><strong class="command">nsupdate</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence report additional debugging information to <code class="option">-d</code>.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

8f804834e2b537da5c8bc81f986143a46147b490Andreas Gustafsson<p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence The <code class="option">-L</code> option with an integer argument of zero or

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence higher sets the logging debug level. If zero, logging is disabled.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Transaction signatures can be used to authenticate the Dynamic

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence DNS updates. These use the TSIG resource record type described

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence in RFC 2845 or the SIG(0) record described in RFC 2535 and

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence RFC 2931 or GSS-TSIG as described in RFC 3645. TSIG relies on

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence a shared secret that should only be known to

87cafc5e70f79f2586d067fbdd64f61bbab069d2David Lawrence <span><strong class="command">nsupdate</strong></span> and the name server. Currently,

87cafc5e70f79f2586d067fbdd64f61bbab069d2David Lawrence the only supported encryption algorithm for TSIG is HMAC-MD5,

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence which is defined in RFC 2104. Once other algorithms are

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence defined for TSIG, applications will need to ensure they select

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence the appropriate algorithm as well as the key when authenticating

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence each other. For instance, suitable <span class="type">key</span> and

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span class="type">server</span> statements would be added to

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <code class="filename">/etc/named.conf</code> so that the name server

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence can associate the appropriate secret key and algorithm with

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence the IP address of the client application that will be using

61e9c1cdbe29683bb2db388e4fc6a6fd59315cefDavid Lawrence TSIG authentication. SIG(0) uses public key cryptography.

f8da2d95835c5216570a45e9000f740321503ae3David Lawrence To use a SIG(0) key, the public key must be stored in a KEY

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence record in a zone served by the name server.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">nsupdate</strong></span> does not read

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <code class="filename">/etc/named.conf</code>.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence GSS-TSIG uses Kerberos credentials. Standard GSS-TSIG mode

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence is switched on with the <code class="option">-g</code> flag. A

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence non-standards-compliant variant of GSS-TSIG used by Windows

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence 2000 can be switched on with the <code class="option">-o</code> flag.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p><span><strong class="command">nsupdate</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence uses the <code class="option">-y</code> or <code class="option">-k</code> option

1a487fb7d230403bf1b5d6628542134f52c80653Michael Graff to provide the shared secret needed to generate a TSIG record

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence for authenticating Dynamic DNS update requests, default type

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence HMAC-MD5. These options are mutually exclusive.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

1a487fb7d230403bf1b5d6628542134f52c80653Michael Graff<p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence When the <code class="option">-y</code> option is used, a signature is

c4958494a98a59ce25e9fecad76a9ab0e36cc59fDanny Mayer generated from

c4958494a98a59ce25e9fecad76a9ab0e36cc59fDanny Mayer [<span class="optional"><em class="parameter"><code>hmac:</code></em></span>]<em class="parameter"><code>keyname:secret.</code></em>

c4958494a98a59ce25e9fecad76a9ab0e36cc59fDanny Mayer <em class="parameter"><code>keyname</code></em> is the name of the key, and

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>secret</code></em> is the base64 encoded shared secret.

1a487fb7d230403bf1b5d6628542134f52c80653Michael Graff <em class="parameter"><code>hmac</code></em> is the name of the key algorithm;

1a487fb7d230403bf1b5d6628542134f52c80653Michael Graff valid choices are <code class="literal">hmac-md5</code>,

1a487fb7d230403bf1b5d6628542134f52c80653Michael Graff <code class="literal">hmac-sha1</code>, <code class="literal">hmac-sha224</code>,

1a487fb7d230403bf1b5d6628542134f52c80653Michael Graff <code class="literal">hmac-sha256</code>, <code class="literal">hmac-sha384</code>, or

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <code class="literal">hmac-sha512</code>. If <em class="parameter"><code>hmac</code></em>

5fe5a0c02634eaadfcbc3528bf2c184557110a3bAndreas Gustafsson is not specified, the default is <code class="literal">hmac-md5</code>.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence NOTE: Use of the <code class="option">-y</code> option is discouraged because the

1a487fb7d230403bf1b5d6628542134f52c80653Michael Graff shared secret is supplied as a command line argument in clear text.

df0f58959ed82a2a43ca8d816ce9592541df9f2fMark Andrews This may be visible in the output from

ecf7a1812527d5557564b71363dabec491980246Mark Andrews <span class="citerefentry"><span class="refentrytitle">ps</span>(1)</span>

1a487fb7d230403bf1b5d6628542134f52c80653Michael Graff or in a history file maintained by the user's shell.

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence </p>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence<p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence With the

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence <code class="option">-k</code> option, <span><strong class="command">nsupdate</strong></span> reads

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence the shared secret from the file <em class="parameter"><code>keyfile</code></em>.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Keyfiles may be in two formats: a single file containing

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence a <code class="filename">named.conf</code>-format <span><strong class="command">key</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence statement, which may be generated automatically by

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <span><strong class="command">ddns-confgen</strong></span>, or a pair of files whose names are

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence of the format <code class="filename">K{name}.+157.+{random}.key</code> and

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <code class="filename">K{name}.+157.+{random}.private</code>, which can be

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence generated by <span><strong class="command">dnssec-keygen</strong></span>.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence The <code class="option">-k</code> may also be used to specify a SIG(0) key used

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence to authenticate Dynamic DNS update requests. In this case, the key

78aa86abc692e41742baae8c72d240ef96d8381cAndreas Gustafsson specified is not an HMAC-MD5 key.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <span><strong class="command">nsupdate</strong></span> can be run in a local-host only mode

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence using the <code class="option">-l</code> flag. This sets the server address to

40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence localhost (disabling the <span><strong class="command">server</strong></span> so that the server

1b106e224d3931e85d68c091fe1ec7758d9f07cbAndreas Gustafsson address cannot be overridden). Connections to the local server will

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence use a TSIG key found in <code class="filename">/var/run/named/session.key</code>,

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence which is automatically generated by <span><strong class="command">named</strong></span> if any

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence local master zone has set <span><strong class="command">update-policy</strong></span> to

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <span><strong class="command">local</strong></span>. The location of this key file can be

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence overridden with the <code class="option">-k</code> option.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence By default, <span><strong class="command">nsupdate</strong></span>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence uses UDP to send update requests to the name server unless they are too

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence large to fit in a UDP request in which case TCP will be used.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence The

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <code class="option">-v</code>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence option makes

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <span><strong class="command">nsupdate</strong></span>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence use a TCP connection.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence This may be preferable when a batch of update requests is made.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence The <code class="option">-p</code> sets the default port number to use for

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence connections to a name server. The default is 53.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence The <code class="option">-t</code> option sets the maximum time an update request

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence can

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence take before it is aborted. The default is 300 seconds. Zero can be

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence used

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence to disable the timeout.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p>

c4717613e45323ed23dc6e9162cba89f1f83830cDavid Lawrence The <code class="option">-u</code> option sets the UDP retry interval. The default

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence is

c4717613e45323ed23dc6e9162cba89f1f83830cDavid Lawrence 3 seconds. If zero, the interval will be computed from the timeout

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence interval

c4717613e45323ed23dc6e9162cba89f1f83830cDavid Lawrence and number of UDP retries.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence The <code class="option">-r</code> option sets the number of UDP retries. The

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence default is

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence 3. If zero, only one update request will be made.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence The <code class="option">-R <em class="replaceable"><code>randomdev</code></em></code> option

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence specifies a source of randomness. If the operating system

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence does not provide a <code class="filename">/dev/random</code> or

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence equivalent device, the default source of randomness is keyboard

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence input. <code class="filename">randomdev</code> specifies the name of

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence a character device or file containing random data to be used

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence instead of the default. The special value

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <code class="filename">keyboard</code> indicates that keyboard input

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence should be used. This option may be specified multiple times.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence<p>

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence Other types can be entered using "TYPEXXXXX" where "XXXXX" is the

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence decimal value of the type with no leading zeros. The rdata,

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence if present, will be parsed using the UNKNOWN rdata format,

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence (&lt;backslash&gt; &lt;hash&gt; &lt;space&gt; &lt;length&gt;

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence &lt;space&gt; &lt;hexstring&gt;).

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence The <code class="option">-T</code> and <code class="option">-P</code> options print out

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence lists of non-meta types for which the type-specific presentation

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence formats are known. <code class="option">-T</code> prints out the list of

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence IANA-assigned types. <code class="option">-P</code> prints out the list of

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence private types specific to <span><strong class="command">named</strong></span>. These options

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence may be combined. <span><strong class="command">nsupdate</strong></span> will exit after the

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence lists are printed.

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence </p>

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence<p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence The -V option causes <span><strong class="command">nsupdate</strong></span> to print the

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence version number and exit.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence</div>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<div class="refsect1" lang="en">

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<a name="id2686637"></a><h2>INPUT FORMAT</h2>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<p><span><strong class="command">nsupdate</strong></span>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence reads input from

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <em class="parameter"><code>filename</code></em>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence or standard input.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence Each command is supplied on exactly one line of input.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence Some commands are for administrative purposes.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence The others are either update instructions or prerequisite checks on the

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence contents of the zone.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence These checks set conditions that some name or set of

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence resource records (RRset) either exists or is absent from the zone.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence These conditions must be met if the entire update request is to succeed.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence Updates will be rejected if the tests for the prerequisite conditions

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence fail.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence Every update request consists of zero or more prerequisites

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence and zero or more updates.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence This allows a suitably authenticated update request to proceed if some

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence specified resource records are present or missing from the zone.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence A blank input line (or the <span><strong class="command">send</strong></span> command)

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence causes the

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence accumulated commands to be sent as one Dynamic DNS update request to the

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence name server.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence The command formats and their meaning are as follows:

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<div class="variablelist"><dl>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">server</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {servername}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence [port]

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence Sends all dynamic update requests to the name server

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence <em class="parameter"><code>servername</code></em>.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence When no server statement is provided,

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <span><strong class="command">nsupdate</strong></span>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence will send updates to the master server of the correct zone.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence The MNAME field of that zone's SOA record will identify the

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence master

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence server for that zone.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <em class="parameter"><code>port</code></em>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence is the port number on

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <em class="parameter"><code>servername</code></em>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence where the dynamic update requests get sent.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence If no port number is specified, the default DNS port number of

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence 53 is

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence used.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </p></dd>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dt><span class="term">

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <span><strong class="command">local</strong></span>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence {address}

0bd4e3591ac1a729c7ec8f811844119473350975David Lawrence [port]

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Sends all dynamic update requests using the local

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>address</code></em>.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence When no local statement is provided,

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence <span><strong class="command">nsupdate</strong></span>

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence will send updates using an address and port chosen by the

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence system.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>port</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence can additionally be used to make requests come from a specific

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence port.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence If no port number is specified, the system will assign one.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence<dt><span class="term">

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence <span><strong class="command">zone</strong></span>

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence {zonename}

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

6a8832f784bd53aa6afbda22f6187cea6490e1e1Andreas Gustafsson Specifies that all updates are to be made to the zone

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>zonename</code></em>.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence If no

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence <em class="parameter"><code>zone</code></em>

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence statement is provided,

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence <span><strong class="command">nsupdate</strong></span>

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence will attempt determine the correct zone to update based on the

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence rest of the input.

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">class</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {classname}

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Specify the default class.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence If no <em class="parameter"><code>class</code></em> is specified, the

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence default class is

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>IN</code></em>.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">ttl</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {seconds}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Specify the default time to live for records to be added.

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence The value <em class="parameter"><code>none</code></em> will clear the default

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence ttl.

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">key</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence [hmac:] {keyname}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {secret}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence<dd><p>

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence Specifies that all updates are to be TSIG-signed using the

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence <em class="parameter"><code>keyname</code></em> <em class="parameter"><code>secret</code></em> pair.

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence If <em class="parameter"><code>hmac</code></em> is specified, then it sets the

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence signing algorithm in use; the default is

6a8832f784bd53aa6afbda22f6187cea6490e1e1Andreas Gustafsson <code class="literal">hmac-md5</code>. The <span><strong class="command">key</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence command overrides any key specified on the command line via

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <code class="option">-y</code> or <code class="option">-k</code>.

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence </p></dd>

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence<dt><span class="term">

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence <span><strong class="command">gsstsig</strong></span>

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence </span></dt>

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence<dd><p>

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence Use GSS-TSIG to sign the updated. This is equivalent to

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence specifying <code class="option">-g</code> on the commandline.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence <span><strong class="command">oldgsstsig</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Use the Windows 2000 version of GSS-TSIG to sign the updated.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence This is equivalent to specifying <code class="option">-o</code> on the

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence commandline.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence <span><strong class="command">realm</strong></span>

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence {[<span class="optional">realm_name</span>]}

87cafc5e70f79f2586d067fbdd64f61bbab069d2David Lawrence </span></dt>

87cafc5e70f79f2586d067fbdd64f61bbab069d2David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence When using GSS-TSIG use <em class="parameter"><code>realm_name</code></em> rather

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence than the default realm in <code class="filename">krb5.conf</code>. If no

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence realm is specified the saved realm is cleared.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">[<span class="optional">prereq</span>] nxdomain</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {domain-name}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Requires that no resource record of any type exists with name

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>domain-name</code></em>.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">[<span class="optional">prereq</span>] yxdomain</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {domain-name}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Requires that

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>domain-name</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence exists (has as at least one resource record, of any type).

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">[<span class="optional">prereq</span>] nxrrset</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {domain-name}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence [class]

2918b5bda6a55c301eb87992b5f2acd7176d0737David Lawrence {type}

2918b5bda6a55c301eb87992b5f2acd7176d0737David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence Requires that no resource record exists of the specified

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <em class="parameter"><code>type</code></em>,

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <em class="parameter"><code>class</code></em>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence and

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>domain-name</code></em>.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence If

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>class</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence is omitted, IN (internet) is assumed.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">[<span class="optional">prereq</span>] yxrrset</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {domain-name}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence [class]

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {type}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence This requires that a resource record of the specified

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <em class="parameter"><code>type</code></em>,

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>class</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence and

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>domain-name</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence must exist.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence If

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>class</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence is omitted, IN (internet) is assumed.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">[<span class="optional">prereq</span>] yxrrset</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {domain-name}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence [class]

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {type}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {data...}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence The

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>data</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence from each set of prerequisites of this form

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence sharing a common

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence <em class="parameter"><code>type</code></em>,

87cafc5e70f79f2586d067fbdd64f61bbab069d2David Lawrence <em class="parameter"><code>class</code></em>,

87cafc5e70f79f2586d067fbdd64f61bbab069d2David Lawrence and

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>domain-name</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence are combined to form a set of RRs. This set of RRs must

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence exactly match the set of RRs existing in the zone at the

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence given

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>type</code></em>,

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>class</code></em>,

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence and

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>domain-name</code></em>.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence The

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>data</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence are written in the standard text representation of the resource

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence record's

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence RDATA.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">[<span class="optional">update</span>] del[<span class="optional">ete</span>]</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {domain-name}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence [ttl]

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence [class]

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence [type [data...]]

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Deletes any resource records named

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>domain-name</code></em>.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence If

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>type</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence and

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>data</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence is provided, only matching resource records will be removed.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence The internet class is assumed if

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>class</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence is not supplied. The

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <em class="parameter"><code>ttl</code></em>

40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence is ignored, and is only allowed for compatibility.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">[<span class="optional">update</span>] add</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {domain-name}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {ttl}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence [class]

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {type}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {data...}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Adds a new resource record with the specified

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>ttl</code></em>,

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>class</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence and

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>data</code></em>.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">show</strong></span>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Displays the current message, containing all of the

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence prerequisites and

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence updates specified since the last send.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">send</strong></span>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence </span></dt>

fc6f5743aa860861fe39ca2680d9aa08e39d3039Andreas Gustafsson<dd><p>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence Sends the current message. This is equivalent to entering a

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence blank line.

0c7b7a19e5a3c23fbb789238dcc4d43cd55387a0Brian Wellington </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">answer</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

c56c28c3f28526766895da7e0366799d7610b09cDavid Lawrence Displays the answer.

fc6f5743aa860861fe39ca2680d9aa08e39d3039Andreas Gustafsson </p></dd>

fc6f5743aa860861fe39ca2680d9aa08e39d3039Andreas Gustafsson<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">debug</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Turn on debugging.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">version</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Print version number.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">help</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

0c7b7a19e5a3c23fbb789238dcc4d43cd55387a0Brian Wellington<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Print a list of commands.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence</dl></div>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence<p>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence </p>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence<p>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence Lines beginning with a semicolon are comments and are ignored.

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence </p>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence</div>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence<div class="refsect1" lang="en">

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence<a name="id2687758"></a><h2>EXAMPLES</h2>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence<p>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence The examples below show how

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence <span><strong class="command">nsupdate</strong></span>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence could be used to insert and delete resource records from the

fc6f5743aa860861fe39ca2680d9aa08e39d3039Andreas Gustafsson <span class="type">example.com</span>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence zone.

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence Notice that the input in each example contains a trailing blank line so

0c7b7a19e5a3c23fbb789238dcc4d43cd55387a0Brian Wellington that

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence a group of commands are sent as one dynamic update request to the

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence master name server for

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence <span class="type">example.com</span>.

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence </p>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence<pre class="programlisting">

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence# nsupdate

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence&gt; update delete oldhost.example.com A

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence&gt; update add newhost.example.com 86400 A 172.16.1.1

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence&gt; send

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence</pre>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence<p>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence </p>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence<p>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence Any A records for

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence <span class="type">oldhost.example.com</span>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence are deleted.

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence And an A record for

0c7b7a19e5a3c23fbb789238dcc4d43cd55387a0Brian Wellington <span class="type">newhost.example.com</span>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence with IP address 172.16.1.1 is added.

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence The newly-added record has a 1 day TTL (86400 seconds).

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<pre class="programlisting">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence# nsupdate

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence&gt; prereq nxdomain nickname.example.com

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence&gt; update add nickname.example.com 86400 CNAME somehost.example.com

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence&gt; send

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</pre>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence The prerequisite condition gets the name server to check that there

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence are no resource records of any type for

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence <span class="type">nickname.example.com</span>.

fc6f5743aa860861fe39ca2680d9aa08e39d3039Andreas Gustafsson

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence If there are, the update request fails.

0c7b7a19e5a3c23fbb789238dcc4d43cd55387a0Brian Wellington If this name does not exist, a CNAME for it is added.

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence This ensures that when the CNAME is added, it cannot conflict with the

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence long-standing rule in RFC 1034 that a name must not exist as any other

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence record type if it exists as a CNAME.

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence (The rule has been updated for DNSSEC in RFC 2535 to allow CNAMEs to have

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence RRSIG, DNSKEY and NSEC records.)

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence </p>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence</div>

fc6f5743aa860861fe39ca2680d9aa08e39d3039Andreas Gustafsson<div class="refsect1" lang="en">

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence<a name="id2687809"></a><h2>FILES</h2>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence<div class="variablelist"><dl>

0c7b7a19e5a3c23fbb789238dcc4d43cd55387a0Brian Wellington<dt><span class="term"><code class="constant">/etc/resolv.conf</code></span></dt>

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence<dd><p>

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence used to identify default name server

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence </p></dd>

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence<dt><span class="term"><code class="constant">/var/run/named/session.key</code></span></dt>

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence<dd><p>

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence sets the default TSIG key for use in local-only mode

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence </p></dd>

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence<dt><span class="term"><code class="constant">K{name}.+157.+{random}.key</code></span></dt>

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence<dd><p>

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence base-64 encoding of HMAC-MD5 key created by

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence <span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>.

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence </p></dd>

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence<dt><span class="term"><code class="constant">K{name}.+157.+{random}.private</code></span></dt>

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence<dd><p>

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence base-64 encoding of HMAC-MD5 key created by

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence <span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>.

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence </p></dd>

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence</dl></div>

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence</div>

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence<div class="refsect1" lang="en">

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence<a name="id2687892"></a><h2>SEE ALSO</h2>

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence<p>

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence <em class="citetitle">RFC 2136</em>,

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence <em class="citetitle">RFC 3007</em>,

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence <em class="citetitle">RFC 2104</em>,

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence <em class="citetitle">RFC 2845</em>,

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence <em class="citetitle">RFC 1034</em>,

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence <em class="citetitle">RFC 2535</em>,

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence <em class="citetitle">RFC 2931</em>,

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence <span class="citerefentry"><span class="refentrytitle">ddns-confgen</span>(8)</span>,

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence <span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>.

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence </p>

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence</div>

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence<div class="refsect1" lang="en">

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence<a name="id2688018"></a><h2>BUGS</h2>

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence<p>

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence The TSIG key is redundantly stored in two separate files.

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence This is a consequence of nsupdate using the DST library

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence for its cryptographic operations, and may change in future

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence releases.

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence </p>

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence</div>

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence</div>

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence<div class="navfooter">

b74896ead5671943135727b50d86d1040d7ffbf3David Lawrence<hr>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<table width="100%" summary="Navigation footer">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<tr>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<td width="40%" align="left">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<a accesskey="p" href="man.named-rrchecker.html">Prev</a>�</td>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<td width="40%" align="right">�<a accesskey="n" href="man.rndc.html">Next</a>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</td>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</tr>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<tr>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<td width="40%" align="left" valign="top">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<span class="application">named-rrchecker</span>�</td>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<td width="40%" align="right" valign="top">�<span class="application">rndc</span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</td>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</tr>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</table>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</div>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p style="text-align: center;">BIND Version 9.11</p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</body>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</html>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence