man.rndc.html revision bec154197d3d640b0d5b416cd5218ea58dca5d3a
bec154197d3d640b0d5b416cd5218ea58dca5d3aTinderbox User - Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC")
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews - Copyright (C) 2000-2003 Internet Software Consortium.
4a14ce5ba00ab7bc55c99ffdcf59c7a4ab902721Automatic Updater - Permission to use, copy, modify, and/or distribute this software for any
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews - purpose with or without fee is hereby granted, provided that the above
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews - copyright notice and this permission notice appear in all copies.
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews - PERFORMANCE OF THIS SOFTWARE.
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
e21a2904f02a03fa06b6db04d348f65fe9c67b2bMark Andrews<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<link rel="prev" href="man.nsupdate.html" title="nsupdate">
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<link rel="next" href="man.rndc.conf.html" title="rndc.conf">
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<table width="100%" summary="Navigation header">
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<tr><th colspan="3" align="center"><span class="application">rndc</span></th></tr>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<a accesskey="p" href="man.nsupdate.html">Prev</a>�</td>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<th width="60%" align="center">Manual pages</th>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<td width="20%" align="right">�<a accesskey="n" href="man.rndc.conf.html">Next</a>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<a name="man.rndc"></a><div class="titlepage"></div>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<p><span class="application">rndc</span> — name server control utility</p>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<div class="cmdsynopsis"><p><code class="command">rndc</code> [<code class="option">-b <em class="replaceable"><code>source-address</code></em></code>] [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-k <em class="replaceable"><code>key-file</code></em></code>] [<code class="option">-s <em class="replaceable"><code>server</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-V</code>] [<code class="option">-y <em class="replaceable"><code>key_id</code></em></code>] {command}</p></div>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<p><span><strong class="command">rndc</strong></span>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews controls the operation of a name
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews server. It supersedes the <span><strong class="command">ndc</strong></span> utility
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews that was provided in old BIND releases. If
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews <span><strong class="command">rndc</strong></span> is invoked with no command line
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews options or arguments, it prints a short summary of the
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews supported commands and the available options and their
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<p><span><strong class="command">rndc</strong></span>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews communicates with the name server
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews over a TCP connection, sending commands authenticated with
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews digital signatures. In the current versions of
c247e3f281613fabe1af362e9f3157e35ebbe52cMark Andrews <span><strong class="command">rndc</strong></span> and <span><strong class="command">named</strong></span>,
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews the only supported authentication algorithm is HMAC-MD5,
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews which uses a shared secret on each end of the connection.
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews This provides TSIG-style authentication for the command
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews request and the name server's response. All commands sent
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews over the channel must be signed by a key_id known to the
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<p><span><strong class="command">rndc</strong></span>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews reads a configuration file to
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews determine how to contact the name server and decide what
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews algorithm and key it should use.
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<dt><span class="term">-b <em class="replaceable"><code>source-address</code></em></span></dt>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews Use <em class="replaceable"><code>source-address</code></em>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews as the source address for the connection to the server.
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews Multiple instances are permitted to allow setting of both
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews the IPv4 and IPv6 source addresses.
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<dt><span class="term">-c <em class="replaceable"><code>config-file</code></em></span></dt>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews Use <em class="replaceable"><code>config-file</code></em>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews as the configuration file instead of the default,
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<dt><span class="term">-k <em class="replaceable"><code>key-file</code></em></span></dt>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews Use <em class="replaceable"><code>key-file</code></em>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews as the key file instead of the default,
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews <code class="filename">/etc/rndc.key</code>. The key in
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews <code class="filename">/etc/rndc.key</code> will be used to
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews authenticate
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews commands sent to the server if the <em class="replaceable"><code>config-file</code></em>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews does not exist.
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<dt><span class="term">-s <em class="replaceable"><code>server</code></em></span></dt>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<dd><p><em class="replaceable"><code>server</code></em> is
1224c3b69b3d18f7127aa042644936af25a2d679Mark Andrews the name or address of the server which matches a
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews server statement in the configuration file for
1224c3b69b3d18f7127aa042644936af25a2d679Mark Andrews <span><strong class="command">rndc</strong></span>. If no server is supplied on the
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews command line, the host named by the default-server clause
1224c3b69b3d18f7127aa042644936af25a2d679Mark Andrews in the options statement of the <span><strong class="command">rndc</strong></span>
1224c3b69b3d18f7127aa042644936af25a2d679Mark Andrews configuration file will be used.
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews Send commands to TCP port
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews of BIND 9's default control channel port, 953.
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews Enable verbose logging.
c247e3f281613fabe1af362e9f3157e35ebbe52cMark Andrews<dt><span class="term">-y <em class="replaceable"><code>key_id</code></em></span></dt>
c247e3f281613fabe1af362e9f3157e35ebbe52cMark Andrews Use the key <em class="replaceable"><code>key_id</code></em>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews from the configuration file.
c247e3f281613fabe1af362e9f3157e35ebbe52cMark Andrews <em class="replaceable"><code>key_id</code></em>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews known by named with the same algorithm and secret string
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews in order for control message validation to succeed.
c247e3f281613fabe1af362e9f3157e35ebbe52cMark Andrews If no <em class="replaceable"><code>key_id</code></em>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews is specified, <span><strong class="command">rndc</strong></span> will first look
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews for a key clause in the server statement of the server
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews being used, or if no server statement is present for that
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews host, then the default-key clause of the options statement.
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews Note that the configuration file contains shared secrets
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews which are used to send authenticated control commands
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews to name servers. It should therefore not have general read
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews or write access.
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews For the complete set of commands supported by <span><strong class="command">rndc</strong></span>,
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews see the BIND 9 Administrator Reference Manual or run
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews <span><strong class="command">rndc</strong></span> without arguments to see its help
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<p><span><strong class="command">rndc</strong></span>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews does not yet support all the commands of
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews the BIND 8 <span><strong class="command">ndc</strong></span> utility.
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews There is currently no way to provide the shared secret for a
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews <code class="option">key_id</code> without using the configuration file.
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews Several error messages could be clearer.
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<p><span class="citerefentry"><span class="refentrytitle">rndc.conf</span>(5)</span>,
1d216bfaa764f2b40c57cf61987453c5a6fa9b0aMark Andrews <span class="citerefentry"><span class="refentrytitle">rndc-confgen</span>(8)</span>,
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
d71e2e0c61df16ff37c9934c371a4a60c08974f7Mark Andrews <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews <span class="citerefentry"><span class="refentrytitle">ndc</span>(8)</span>,
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<p><span class="corpauthor">Internet Systems Consortium</span>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<table width="100%" summary="Navigation footer">
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<a accesskey="p" href="man.nsupdate.html">Prev</a>�</td>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<td width="40%" align="right">�<a accesskey="n" href="man.rndc.conf.html">Next</a>
0c6ada0a814f3c5417daa1654129bc2af56ed504Automatic Updater<span class="application">nsupdate</span>�</td>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
4abdfc917e6635a7c81d1f931a0c79227e72d025Mark Andrews<td width="40%" align="right" valign="top">�<code class="filename">rndc.conf</code>