b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence<html>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<head>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<title>nsupdate</title>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">

899f7f9af527d3dfe8345dcc8210d7c23fc950afDavid Lawrence<link rel="up" href="Bv9ARM.ch13.html" title="Manual pages">

c4717613e45323ed23dc6e9162cba89f1f83830cDavid Lawrence<link rel="prev" href="man.named-rrchecker.html" title="named-rrchecker">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<link rel="next" href="man.rndc.html" title="rndc">

9550eb2dab1d03e03e6c060f92e655d47ac1fc1bMichael Graff</head>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">

8f804834e2b537da5c8bc81f986143a46147b490Andreas Gustafsson<div class="navheader">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<table width="100%" summary="Navigation header">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<tr><th colspan="3" align="center"><span class="application">nsupdate</span></th></tr>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<tr>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<td width="20%" align="left">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<a accesskey="p" href="man.named-rrchecker.html">Prev</a>�</td>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<th width="60%" align="center">Manual pages</th>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<td width="20%" align="right">�<a accesskey="n" href="man.rndc.html">Next</a>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</td>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</tr>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</table>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<hr>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</div>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<div class="refentry" lang="en">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<a name="man.nsupdate"></a><div class="titlepage"></div>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<div class="refnamediv">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<h2>Name</h2>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p><span class="application">nsupdate</span> &#8212; Dynamic DNS update utility</p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</div>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<div class="refsynopsisdiv">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<h2>Synopsis</h2>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<div class="cmdsynopsis"><p><code class="command">nsupdate</code> [<code class="option">-d</code>] [<code class="option">-D</code>] [<code class="option">-L <em class="replaceable"><code>level</code></em></code>] [[<code class="option">-g</code>] | [<code class="option">-o</code>] | [<code class="option">-l</code>] | [<code class="option">-y <em class="replaceable"><code>[<span class="optional">hmac:</span>]keyname:secret</code></em></code>] | [<code class="option">-k <em class="replaceable"><code>keyfile</code></em></code>]] [<code class="option">-t <em class="replaceable"><code>timeout</code></em></code>] [<code class="option">-u <em class="replaceable"><code>udptimeout</code></em></code>] [<code class="option">-r <em class="replaceable"><code>udpretries</code></em></code>] [<code class="option">-R <em class="replaceable"><code>randomdev</code></em></code>] [<code class="option">-v</code>] [<code class="option">-T</code>] [<code class="option">-P</code>] [<code class="option">-V</code>] [filename]</p></div>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</div>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<div class="refsect1" lang="en">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<a name="id2657017"></a><h2>DESCRIPTION</h2>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p><span><strong class="command">nsupdate</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence is used to submit Dynamic DNS Update requests as defined in RFC 2136

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence to a name server.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence This allows resource records to be added or removed from a zone

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence without manually editing the zone file.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence A single update request can contain requests to add or remove more than

2918b5bda6a55c301eb87992b5f2acd7176d0737David Lawrence one

2918b5bda6a55c301eb87992b5f2acd7176d0737David Lawrence resource record.

2918b5bda6a55c301eb87992b5f2acd7176d0737David Lawrence </p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Zones that are under dynamic control via

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">nsupdate</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence or a DHCP server should not be edited by hand.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Manual edits could

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence conflict with dynamic updates and cause data to be lost.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence The resource records that are dynamically added or removed with

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">nsupdate</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence have to be in the same zone.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Requests are sent to the zone's master server.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence This is identified by the MNAME field of the zone's SOA record.

d409ceeda41a256e8114423674d844d5f5035ee8Bob Halley </p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p>

8f804834e2b537da5c8bc81f986143a46147b490Andreas Gustafsson Transaction signatures can be used to authenticate the Dynamic

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence DNS updates. These use the TSIG resource record type described

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence in RFC 2845 or the SIG(0) record described in RFC 2535 and

8f804834e2b537da5c8bc81f986143a46147b490Andreas Gustafsson RFC 2931 or GSS-TSIG as described in RFC 3645.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence TSIG relies on

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence a shared secret that should only be known to

8f804834e2b537da5c8bc81f986143a46147b490Andreas Gustafsson <span><strong class="command">nsupdate</strong></span> and the name server.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence For instance, suitable <span class="type">key</span> and

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span class="type">server</span> statements would be added to

8f804834e2b537da5c8bc81f986143a46147b490Andreas Gustafsson <code class="filename">/etc/named.conf</code> so that the name server

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence can associate the appropriate secret key and algorithm with

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence the IP address of the client application that will be using

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence TSIG authentication. You can use <span><strong class="command">ddns-confgen</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence to generate suitable configuration fragments.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">nsupdate</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence uses the <code class="option">-y</code> or <code class="option">-k</code> options

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence to provide the TSIG shared secret. These options are mutually exclusive.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p>

87cafc5e70f79f2586d067fbdd64f61bbab069d2David Lawrence SIG(0) uses public key cryptography.

87cafc5e70f79f2586d067fbdd64f61bbab069d2David Lawrence To use a SIG(0) key, the public key must be stored in a KEY

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence record in a zone served by the name server.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence GSS-TSIG uses Kerberos credentials. Standard GSS-TSIG mode

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence is switched on with the <code class="option">-g</code> flag. A

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence non-standards-compliant variant of GSS-TSIG used by Windows

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence 2000 can be switched on with the <code class="option">-o</code> flag.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

61e9c1cdbe29683bb2db388e4fc6a6fd59315cefDavid Lawrence</div>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<div class="refsect1" lang="en">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<a name="id2657174"></a><h2>OPTIONS</h2>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<div class="variablelist"><dl>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">-d</span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Debug mode. This provides tracing information about the

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence update requests that are made and the replies received

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence from the name server.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">-D</span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Extra debug mode.

1a487fb7d230403bf1b5d6628542134f52c80653Michael Graff </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">-k <em class="replaceable"><code>keyfile</code></em></span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence The file containing the TSIG authentication key.

1a487fb7d230403bf1b5d6628542134f52c80653Michael Graff Keyfiles may be in two formats: a single file containing

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence a <code class="filename">named.conf</code>-format <span><strong class="command">key</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence statement, which may be generated automatically by

1a487fb7d230403bf1b5d6628542134f52c80653Michael Graff <span><strong class="command">ddns-confgen</strong></span>, or a pair of files whose names are

1a487fb7d230403bf1b5d6628542134f52c80653Michael Graff of the format <code class="filename">K{name}.+157.+{random}.key</code> and

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <code class="filename">K{name}.+157.+{random}.private</code>, which can be

1a487fb7d230403bf1b5d6628542134f52c80653Michael Graff generated by <span><strong class="command">dnssec-keygen</strong></span>.

1a487fb7d230403bf1b5d6628542134f52c80653Michael Graff The <code class="option">-k</code> may also be used to specify a SIG(0) key used

1a487fb7d230403bf1b5d6628542134f52c80653Michael Graff to authenticate Dynamic DNS update requests. In this case, the key

1a487fb7d230403bf1b5d6628542134f52c80653Michael Graff specified is not an HMAC-MD5 key.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

5fe5a0c02634eaadfcbc3528bf2c184557110a3bAndreas Gustafsson<dt><span class="term">-l</span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

1a487fb7d230403bf1b5d6628542134f52c80653Michael Graff Local-host only mode. This sets the server address to

1a487fb7d230403bf1b5d6628542134f52c80653Michael Graff localhost (disabling the <span><strong class="command">server</strong></span> so that the server

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence address cannot be overridden). Connections to the local server will

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence use a TSIG key found in <code class="filename">/var/run/named/session.key</code>,

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence which is automatically generated by <span><strong class="command">named</strong></span> if any

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence local master zone has set <span><strong class="command">update-policy</strong></span> to

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">local</strong></span>. The location of this key file can be

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence overridden with the <code class="option">-k</code> option.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">-L <em class="replaceable"><code>level</code></em></span></dt>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dd><p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence Set the logging debug level. If zero, logging is disabled.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </p></dd>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dd><p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence Set the port to use for connections to a name server. The

78aa86abc692e41742baae8c72d240ef96d8381cAndreas Gustafsson default is 53.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </p></dd>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dt><span class="term">-P</span></dt>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dd><p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence Print the list of private BIND-specific resource record

40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence types whose format is understood

1b106e224d3931e85d68c091fe1ec7758d9f07cbAndreas Gustafsson by <span><strong class="command">nsupdate</strong></span>. See also

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence the <code class="option">-T</code> option.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </p></dd>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dt><span class="term">-r <em class="replaceable"><code>udpretries</code></em></span></dt>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dd><p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence The number of UDP retries. The default is 3. If zero, only

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence one update request will be made.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </p></dd>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dt><span class="term">-R <em class="replaceable"><code>randomdev</code></em></span></dt>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dd><p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence Where to obtain randomness. If the operating system

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence does not provide a <code class="filename">/dev/random</code> or

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence equivalent device, the default source of randomness is keyboard

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence input. <code class="filename">randomdev</code> specifies the name of

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence a character device or file containing random data to be used

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence instead of the default. The special value

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <code class="filename">keyboard</code> indicates that keyboard input

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence should be used. This option may be specified multiple times.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </p></dd>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dt><span class="term">-t <em class="replaceable"><code>timeout</code></em></span></dt>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dd><p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence The maximum time an update request can take before it is

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence aborted. The default is 300 seconds. Zero can be used to

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence disable the timeout.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </p></dd>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dt><span class="term">-T</span></dt>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dd>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Print the list of IANA standard resource record types

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence whose format is understood by <span><strong class="command">nsupdate</strong></span>.

c4717613e45323ed23dc6e9162cba89f1f83830cDavid Lawrence <span><strong class="command">nsupdate</strong></span> will exit after the lists are

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence printed. The <code class="option">-T</code> option can be combined

c4717613e45323ed23dc6e9162cba89f1f83830cDavid Lawrence with the <code class="option">-P</code> option.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

c4717613e45323ed23dc6e9162cba89f1f83830cDavid Lawrence<p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Other types can be entered using "TYPEXXXXX" where "XXXXX" is the

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence decimal value of the type with no leading zeros. The rdata,

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence if present, will be parsed using the UNKNOWN rdata format,

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence (&lt;backslash&gt; &lt;hash&gt; &lt;space&gt; &lt;length&gt;

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence &lt;space&gt; &lt;hexstring&gt;).

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">-u <em class="replaceable"><code>udptimeout</code></em></span></dt>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence The UDP retry interval. The default is 3 seconds. If zero,

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence the interval will be computed from the timeout interval and

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence number of UDP retries.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">-v</span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Use TCP even for small update requests.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence By default, <span><strong class="command">nsupdate</strong></span>

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence uses UDP to send update requests to the name server unless they are too

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence large to fit in a UDP request in which case TCP will be used.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence TCP may be preferable when a batch of update requests is made.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </p></dd>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dt><span class="term">-V</span></dt>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dd><p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence Print the version number and exit.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </p></dd>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dt><span class="term">-y <em class="replaceable"><code>[<span class="optional">hmac:</span>]keyname:secret</code></em></span></dt>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dd>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence Literal TSIG authentication key.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <em class="parameter"><code>keyname</code></em> is the name of the key, and

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <em class="parameter"><code>secret</code></em> is the base64 encoded shared secret.

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence <em class="parameter"><code>hmac</code></em> is the name of the key algorithm;

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence valid choices are <code class="literal">hmac-md5</code>,

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence <code class="literal">hmac-sha1</code>, <code class="literal">hmac-sha224</code>,

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <code class="literal">hmac-sha256</code>, <code class="literal">hmac-sha384</code>, or

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <code class="literal">hmac-sha512</code>. If <em class="parameter"><code>hmac</code></em>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence is not specified, the default is <code class="literal">hmac-md5</code>.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence NOTE: Use of the <code class="option">-y</code> option is discouraged because the

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence shared secret is supplied as a command line argument in clear text.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence This may be visible in the output from

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <span class="citerefentry"><span class="refentrytitle">ps</span>(1)</span>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence or in a history file maintained by the user's shell.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence</dd>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence</dl></div>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence</div>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<div class="refsect1" lang="en">

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<a name="id2687722"></a><h2>INPUT FORMAT</h2>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<p><span><strong class="command">nsupdate</strong></span>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence reads input from

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <em class="parameter"><code>filename</code></em>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence or standard input.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence Each command is supplied on exactly one line of input.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence Some commands are for administrative purposes.

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence The others are either update instructions or prerequisite checks on the

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence contents of the zone.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence These checks set conditions that some name or set of

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence resource records (RRset) either exists or is absent from the zone.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence These conditions must be met if the entire update request is to succeed.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Updates will be rejected if the tests for the prerequisite conditions

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence fail.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Every update request consists of zero or more prerequisites

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence and zero or more updates.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence This allows a suitably authenticated update request to proceed if some

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence specified resource records are present or missing from the zone.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence A blank input line (or the <span><strong class="command">send</strong></span> command)

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence causes the

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence accumulated commands to be sent as one Dynamic DNS update request to the

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence name server.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence<p>

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence The command formats and their meaning are as follows:

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<div class="variablelist"><dl>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dt><span class="term">

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <span><strong class="command">server</strong></span>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence {servername}

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence [port]

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </span></dt>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dd><p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence Sends all dynamic update requests to the name server

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <em class="parameter"><code>servername</code></em>.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence When no server statement is provided,

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <span><strong class="command">nsupdate</strong></span>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence will send updates to the master server of the correct zone.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence The MNAME field of that zone's SOA record will identify the

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence master

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence server for that zone.

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <em class="parameter"><code>port</code></em>

0bd4e3591ac1a729c7ec8f811844119473350975David Lawrence is the port number on

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence <em class="parameter"><code>servername</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence where the dynamic update requests get sent.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence If no port number is specified, the default DNS port number of

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence 53 is

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence used.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence<dt><span class="term">

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence <span><strong class="command">local</strong></span>

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence {address}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence [port]

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Sends all dynamic update requests using the local

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>address</code></em>.

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence When no local statement is provided,

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence <span><strong class="command">nsupdate</strong></span>

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence will send updates using an address and port chosen by the

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence system.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>port</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence can additionally be used to make requests come from a specific

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence port.

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence If no port number is specified, the system will assign one.

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence </p></dd>

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence<dt><span class="term">

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence <span><strong class="command">zone</strong></span>

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence {zonename}

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Specifies that all updates are to be made to the zone

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>zonename</code></em>.

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence If no

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>zone</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence statement is provided,

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <span><strong class="command">nsupdate</strong></span>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence will attempt determine the correct zone to update based on the

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence rest of the input.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">class</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {classname}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Specify the default class.

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence If no <em class="parameter"><code>class</code></em> is specified, the

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence default class is

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence <em class="parameter"><code>IN</code></em>.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">ttl</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {seconds}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence<dd><p>

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence Specify the default time to live for records to be added.

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence The value <em class="parameter"><code>none</code></em> will clear the default

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence ttl.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">key</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence [hmac:] {keyname}

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence {secret}

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence </span></dt>

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence<dd><p>

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence Specifies that all updates are to be TSIG-signed using the

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence <em class="parameter"><code>keyname</code></em> <em class="parameter"><code>secret</code></em> pair.

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence If <em class="parameter"><code>hmac</code></em> is specified, then it sets the

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence signing algorithm in use; the default is

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <code class="literal">hmac-md5</code>. The <span><strong class="command">key</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence command overrides any key specified on the command line via

ff30a206ecc63b6681716322ed7f017e3f51ea7fDavid Lawrence <code class="option">-y</code> or <code class="option">-k</code>.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">gsstsig</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Use GSS-TSIG to sign the updated. This is equivalent to

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence specifying <code class="option">-g</code> on the command line.

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence </p></dd>

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence<dt><span class="term">

87cafc5e70f79f2586d067fbdd64f61bbab069d2David Lawrence <span><strong class="command">oldgsstsig</strong></span>

87cafc5e70f79f2586d067fbdd64f61bbab069d2David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Use the Windows 2000 version of GSS-TSIG to sign the updated.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence This is equivalent to specifying <code class="option">-o</code> on the

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence command line.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">realm</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {[<span class="optional">realm_name</span>]}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence When using GSS-TSIG use <em class="parameter"><code>realm_name</code></em> rather

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence than the default realm in <code class="filename">krb5.conf</code>. If no

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence realm is specified the saved realm is cleared.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">check-names</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {[<span class="optional">yes_or_no</span>]}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Turn on or off check-names processing on records to

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence be added. Check-names has no effect on prerequisites

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence or records to be deleted. By default check-names

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence processing is on. If check-names processing fails

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence the record will not be added to the UPDATE message.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

2918b5bda6a55c301eb87992b5f2acd7176d0737David Lawrence<dt><span class="term">

2918b5bda6a55c301eb87992b5f2acd7176d0737David Lawrence <span><strong class="command">[<span class="optional">prereq</span>] nxdomain</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {domain-name}

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence </span></dt>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dd><p>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence Requires that no resource record of any type exists with name

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence <em class="parameter"><code>domain-name</code></em>.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">[<span class="optional">prereq</span>] yxdomain</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {domain-name}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Requires that

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>domain-name</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence exists (has as at least one resource record, of any type).

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">[<span class="optional">prereq</span>] nxrrset</strong></span>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence {domain-name}

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence [class]

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {type}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Requires that no resource record exists of the specified

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>type</code></em>,

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>class</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence and

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>domain-name</code></em>.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence If

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>class</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence is omitted, IN (internet) is assumed.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">[<span class="optional">prereq</span>] yxrrset</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {domain-name}

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence [class]

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {type}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence This requires that a resource record of the specified

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence <em class="parameter"><code>type</code></em>,

87cafc5e70f79f2586d067fbdd64f61bbab069d2David Lawrence <em class="parameter"><code>class</code></em>

87cafc5e70f79f2586d067fbdd64f61bbab069d2David Lawrence and

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>domain-name</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence must exist.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence If

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>class</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence is omitted, IN (internet) is assumed.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">[<span class="optional">prereq</span>] yxrrset</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {domain-name}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence [class]

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {type}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {data...}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence The

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>data</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence from each set of prerequisites of this form

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence sharing a common

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>type</code></em>,

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>class</code></em>,

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence and

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>domain-name</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence are combined to form a set of RRs. This set of RRs must

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence exactly match the set of RRs existing in the zone at the

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence given

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>type</code></em>,

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>class</code></em>,

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence and

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>domain-name</code></em>.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence The

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>data</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence are written in the standard text representation of the resource

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence record's

40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence RDATA.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">[<span class="optional">update</span>] del[<span class="optional">ete</span>]</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {domain-name}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence [ttl]

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence [class]

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence [type [data...]]

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Deletes any resource records named

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>domain-name</code></em>.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence If

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>type</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence and

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>data</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence is provided, only matching resource records will be removed.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence The internet class is assumed if

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>class</code></em>

863ac191b448a13ae1a3a8ee3458344e11602737David Lawrence is not supplied. The

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="parameter"><code>ttl</code></em>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence is ignored, and is only allowed for compatibility.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">[<span class="optional">update</span>] add</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {domain-name}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {ttl}

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence [class]

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence {type}

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence {data...}

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence </span></dt>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence<dd><p>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence Adds a new resource record with the specified

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence <em class="parameter"><code>ttl</code></em>,

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence <em class="parameter"><code>class</code></em>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence and

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence <em class="parameter"><code>data</code></em>.

0c7b7a19e5a3c23fbb789238dcc4d43cd55387a0Brian Wellington </p></dd>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence<dt><span class="term">

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence <span><strong class="command">show</strong></span>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Displays the current message, containing all of the

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence prerequisites and

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence updates specified since the last send.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">send</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Sends the current message. This is equivalent to entering a

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence blank line.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">answer</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<dd><p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence Displays the answer.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p></dd>

0c7b7a19e5a3c23fbb789238dcc4d43cd55387a0Brian Wellington<dt><span class="term">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span><strong class="command">debug</strong></span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </span></dt>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence<dd><p>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence Turn on debugging.

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence </p></dd>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence<dt><span class="term">

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence <span><strong class="command">version</strong></span>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence </span></dt>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence<dd><p>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence Print version number.

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence </p></dd>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence<dt><span class="term">

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence <span><strong class="command">help</strong></span>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence </span></dt>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence<dd><p>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence Print a list of commands.

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence </p></dd>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence</dl></div>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence<p>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence </p>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence<p>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence Lines beginning with a semicolon are comments and are ignored.

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence </p>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence</div>

0c7b7a19e5a3c23fbb789238dcc4d43cd55387a0Brian Wellington<div class="refsect1" lang="en">

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence<a name="id2688864"></a><h2>EXAMPLES</h2>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence<p>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence The examples below show how

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence <span><strong class="command">nsupdate</strong></span>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence could be used to insert and delete resource records from the

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence <span class="type">example.com</span>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence zone.

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence Notice that the input in each example contains a trailing blank line so

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence that

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence a group of commands are sent as one dynamic update request to the

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence master name server for

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence <span class="type">example.com</span>.

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence </p>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence<pre class="programlisting">

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence# nsupdate

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence&gt; update delete oldhost.example.com A

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence&gt; update add newhost.example.com 86400 A 172.16.1.1

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence&gt; send

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence</pre>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence<p>

0c7b7a19e5a3c23fbb789238dcc4d43cd55387a0Brian Wellington </p>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence<p>

00a1623a59b1540c28781e8ccd8341c8114dbc75David Lawrence Any A records for

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span class="type">oldhost.example.com</span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence are deleted.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence And an A record for

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span class="type">newhost.example.com</span>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence with IP address 172.16.1.1 is added.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence The newly-added record has a 1 day TTL (86400 seconds).

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<pre class="programlisting">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence# nsupdate

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence&gt; prereq nxdomain nickname.example.com

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence&gt; update add nickname.example.com 86400 CNAME somehost.example.com

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence&gt; send

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence</pre>

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence<p>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence </p>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence<p>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence The prerequisite condition gets the name server to check that there

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence are no resource records of any type for

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence <span class="type">nickname.example.com</span>.

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence If there are, the update request fails.

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence If this name does not exist, a CNAME for it is added.

0c7b7a19e5a3c23fbb789238dcc4d43cd55387a0Brian Wellington This ensures that when the CNAME is added, it cannot conflict with the

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence long-standing rule in RFC 1034 that a name must not exist as any other

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence record type if it exists as a CNAME.

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence (The rule has been updated for DNSSEC in RFC 2535 to allow CNAMEs to have

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence RRSIG, DNSKEY and NSEC records.)

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence </p>

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence</div>

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence<div class="refsect1" lang="en">

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence<a name="id2688914"></a><h2>FILES</h2>

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence<div class="variablelist"><dl>

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence<dt><span class="term"><code class="constant">/etc/resolv.conf</code></span></dt>

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence<dd><p>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence used to identify default name server

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence </p></dd>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence<dt><span class="term"><code class="constant">/var/run/named/session.key</code></span></dt>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence<dd><p>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence sets the default TSIG key for use in local-only mode

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence </p></dd>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence<dt><span class="term"><code class="constant">K{name}.+157.+{random}.key</code></span></dt>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence<dd><p>

0c7b7a19e5a3c23fbb789238dcc4d43cd55387a0Brian Wellington base-64 encoding of HMAC-MD5 key created by

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence <span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>.

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence </p></dd>

b161f87be81548d1b6d0210a7e138a08fbb2d3e5David Lawrence<dt><span class="term"><code class="constant">K{name}.+157.+{random}.private</code></span></dt>

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence<dd><p>

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence base-64 encoding of HMAC-MD5 key created by

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence <span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>.

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence </p></dd>

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence</dl></div>

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence</div>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<div class="refsect1" lang="en">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<a name="id2689000"></a><h2>SEE ALSO</h2>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="citetitle">RFC 2136</em>,

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="citetitle">RFC 3007</em>,

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="citetitle">RFC 2104</em>,

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="citetitle">RFC 2845</em>,

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="citetitle">RFC 1034</em>,

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="citetitle">RFC 2535</em>,

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <em class="citetitle">RFC 2931</em>,

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span class="citerefentry"><span class="refentrytitle">ddns-confgen</span>(8)</span>,

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence <span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</div>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<div class="refsect1" lang="en">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<a name="id2689126"></a><h2>BUGS</h2>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence The TSIG key is redundantly stored in two separate files.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence This is a consequence of nsupdate using the DST library

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence for its cryptographic operations, and may change in future

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence releases.

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence </p>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</div>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</div>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<div class="navfooter">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<hr>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<table width="100%" summary="Navigation footer">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<tr>

40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence<td width="40%" align="left">

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<a accesskey="p" href="man.named-rrchecker.html">Prev</a>�</td>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch13.html">Up</a></td>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence<td width="40%" align="right">�<a accesskey="n" href="man.rndc.html">Next</a>

fc80027fb54b501cdd88461bf879d078259e0226David Lawrence</td>

30576c592b538cab293cf6e1f6265d376cd5a12cAndreas Gustafsson</tr>

30576c592b538cab293cf6e1f6265d376cd5a12cAndreas Gustafsson<tr>

30576c592b538cab293cf6e1f6265d376cd5a12cAndreas Gustafsson<td width="40%" align="left" valign="top">

30576c592b538cab293cf6e1f6265d376cd5a12cAndreas Gustafsson<span class="application">named-rrchecker</span>�</td>

30576c592b538cab293cf6e1f6265d376cd5a12cAndreas Gustafsson<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>

30576c592b538cab293cf6e1f6265d376cd5a12cAndreas Gustafsson<td width="40%" align="right" valign="top">�<span class="application">rndc</span>

30576c592b538cab293cf6e1f6265d376cd5a12cAndreas Gustafsson</td>

30576c592b538cab293cf6e1f6265d376cd5a12cAndreas Gustafsson</tr>

30576c592b538cab293cf6e1f6265d376cd5a12cAndreas Gustafsson</table>

30576c592b538cab293cf6e1f6265d376cd5a12cAndreas Gustafsson</div>

30576c592b538cab293cf6e1f6265d376cd5a12cAndreas Gustafsson<p style="text-align: center;">BIND 9.11.0pre-alpha</p>

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence</body>

edcd1247ad7e81bb8b430e610d9718f64c70f05dDavid Lawrence</html>

1b038dbf0659fce246485562601ee851a9841ba1David Lawrence