man.rndc.html revision c92c50783e4e93699f2a42643b8f200b9b719c87
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC")
32098293b78922a5fbd10906afa28624820d3756Tinderbox User - Copyright (C) 2000-2003 Internet Software Consortium.
5347c0fcb04eaea19d9f39795646239f487c6207Tinderbox User - Permission to use, copy, modify, and/or distribute this software for any
5347c0fcb04eaea19d9f39795646239f487c6207Tinderbox User - purpose with or without fee is hereby granted, provided that the above
5347c0fcb04eaea19d9f39795646239f487c6207Tinderbox User - copyright notice and this permission notice appear in all copies.
d6fa26d0adaec6c910115be34fe7a5a5f402c14fMark Andrews - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - PERFORMANCE OF THIS SOFTWARE.
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User<!-- $Id: man.rndc.html,v 1.223 2012/01/07 01:14:55 tbox Exp $ -->
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="prev" href="man.nsupdate.html" title="nsupdate">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="next" href="man.rndc.conf.html" title="rndc.conf">
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<tr><th colspan="3" align="center"><span class="application">rndc</span></th></tr>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<a accesskey="p" href="man.nsupdate.html">Prev</a>�</td>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<th width="60%" align="center">Manual pages</th>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<td width="20%" align="right">�<a accesskey="n" href="man.rndc.conf.html">Next</a>
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User<a name="man.rndc"></a><div class="titlepage"></div>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<p><span class="application">rndc</span> — name server control utility</p>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<div class="cmdsynopsis"><p><code class="command">rndc</code> [<code class="option">-b <em class="replaceable"><code>source-address</code></em></code>] [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-k <em class="replaceable"><code>key-file</code></em></code>] [<code class="option">-s <em class="replaceable"><code>server</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-V</code>] [<code class="option">-y <em class="replaceable"><code>key_id</code></em></code>] {command}</p></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><span><strong class="command">rndc</strong></span>
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User controls the operation of a name
f9ce6280cec79deb16ff6d9807aa493ff23e10d9Tinderbox User server. It supersedes the <span><strong class="command">ndc</strong></span> utility
0b89eee6167201843c9a46b7e7c63cb1e4e09ba3Tinderbox User that was provided in old BIND releases. If
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <span><strong class="command">rndc</strong></span> is invoked with no command line
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User options or arguments, it prints a short summary of the
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt supported commands and the available options and their
0da02c26a6631c25f075a8e4ac6de9e58f49a0c2Tinderbox User<p><span><strong class="command">rndc</strong></span>
0da02c26a6631c25f075a8e4ac6de9e58f49a0c2Tinderbox User communicates with the name server
0da02c26a6631c25f075a8e4ac6de9e58f49a0c2Tinderbox User over a TCP connection, sending commands authenticated with
0da02c26a6631c25f075a8e4ac6de9e58f49a0c2Tinderbox User digital signatures. In the current versions of
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <span><strong class="command">rndc</strong></span> and <span><strong class="command">named</strong></span>,
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User the only supported authentication algorithm is HMAC-MD5,
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User which uses a shared secret on each end of the connection.
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User This provides TSIG-style authentication for the command
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt request and the name server's response. All commands sent
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt over the channel must be signed by a key_id known to the
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<p><span><strong class="command">rndc</strong></span>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt reads a configuration file to
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt determine how to contact the name server and decide what
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt algorithm and key it should use.
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User<dt><span class="term">-b <em class="replaceable"><code>source-address</code></em></span></dt>
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User Use <em class="replaceable"><code>source-address</code></em>
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User as the source address for the connection to the server.
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User Multiple instances are permitted to allow setting of both
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User the IPv4 and IPv6 source addresses.
363b21045b718d06d414784c96193dc9a233e8c5Tinderbox User<dt><span class="term">-c <em class="replaceable"><code>config-file</code></em></span></dt>
363b21045b718d06d414784c96193dc9a233e8c5Tinderbox User Use <em class="replaceable"><code>config-file</code></em>
363b21045b718d06d414784c96193dc9a233e8c5Tinderbox User as the configuration file instead of the default,
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User <code class="filename">/etc/rndc.conf</code>.
363b21045b718d06d414784c96193dc9a233e8c5Tinderbox User<dt><span class="term">-k <em class="replaceable"><code>key-file</code></em></span></dt>
363b21045b718d06d414784c96193dc9a233e8c5Tinderbox User Use <em class="replaceable"><code>key-file</code></em>
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User as the key file instead of the default,
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User <code class="filename">/etc/rndc.key</code>. The key in
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User <code class="filename">/etc/rndc.key</code> will be used to
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User commands sent to the server if the <em class="replaceable"><code>config-file</code></em>
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User does not exist.
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User<dt><span class="term">-s <em class="replaceable"><code>server</code></em></span></dt>
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User<dd><p><em class="replaceable"><code>server</code></em> is
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User the name or address of the server which matches a
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User server statement in the configuration file for
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User <span><strong class="command">rndc</strong></span>. If no server is supplied on the
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User command line, the host named by the default-server clause
a1ff871f78b7d907d6fc3a382beea2a640fe8423Tinderbox User in the options statement of the <span><strong class="command">rndc</strong></span>
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User configuration file will be used.
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User Send commands to TCP port
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <em class="replaceable"><code>port</code></em>
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User of BIND 9's default control channel port, 953.
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User Enable verbose logging.
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User<dt><span class="term">-y <em class="replaceable"><code>key_id</code></em></span></dt>
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User Use the key <em class="replaceable"><code>key_id</code></em>
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User from the configuration file.
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User <em class="replaceable"><code>key_id</code></em>
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User known by named with the same algorithm and secret string
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User in order for control message validation to succeed.
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User If no <em class="replaceable"><code>key_id</code></em>
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User is specified, <span><strong class="command">rndc</strong></span> will first look
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User for a key clause in the server statement of the server
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User being used, or if no server statement is present for that
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User host, then the default-key clause of the options statement.
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User Note that the configuration file contains shared secrets
a1ff871f78b7d907d6fc3a382beea2a640fe8423Tinderbox User which are used to send authenticated control commands
363b21045b718d06d414784c96193dc9a233e8c5Tinderbox User to name servers. It should therefore not have general read
363b21045b718d06d414784c96193dc9a233e8c5Tinderbox User or write access.
363b21045b718d06d414784c96193dc9a233e8c5Tinderbox User For the complete set of commands supported by <span><strong class="command">rndc</strong></span>,
363b21045b718d06d414784c96193dc9a233e8c5Tinderbox User see the BIND 9 Administrator Reference Manual or run
363b21045b718d06d414784c96193dc9a233e8c5Tinderbox User <span><strong class="command">rndc</strong></span> without arguments to see its help
550d3276d0490c4918f089ccb1528a3eb0951b0aTinderbox User<p><span><strong class="command">rndc</strong></span>
550d3276d0490c4918f089ccb1528a3eb0951b0aTinderbox User does not yet support all the commands of
550d3276d0490c4918f089ccb1528a3eb0951b0aTinderbox User the BIND 8 <span><strong class="command">ndc</strong></span> utility.
550d3276d0490c4918f089ccb1528a3eb0951b0aTinderbox User There is currently no way to provide the shared secret for a
51da15c88648a9e47d0cddff4b2b782665e99401Tinderbox User <code class="option">key_id</code> without using the configuration file.
51da15c88648a9e47d0cddff4b2b782665e99401Tinderbox User Several error messages could be clearer.
51da15c88648a9e47d0cddff4b2b782665e99401Tinderbox User<p><span class="citerefentry"><span class="refentrytitle">rndc.conf</span>(5)</span>,
51da15c88648a9e47d0cddff4b2b782665e99401Tinderbox User <span class="citerefentry"><span class="refentrytitle">rndc-confgen</span>(8)</span>,
51da15c88648a9e47d0cddff4b2b782665e99401Tinderbox User <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
51da15c88648a9e47d0cddff4b2b782665e99401Tinderbox User <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
51da15c88648a9e47d0cddff4b2b782665e99401Tinderbox User <span class="citerefentry"><span class="refentrytitle">ndc</span>(8)</span>,
51da15c88648a9e47d0cddff4b2b782665e99401Tinderbox User <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User<p><span class="corpauthor">Internet Systems Consortium</span>
bfb7b680bf88c1fdd9949197b71c512c532280a4Tinderbox User<table width="100%" summary="Navigation footer">
bfb7b680bf88c1fdd9949197b71c512c532280a4Tinderbox User<a accesskey="p" href="man.nsupdate.html">Prev</a>�</td>
bfb7b680bf88c1fdd9949197b71c512c532280a4Tinderbox User<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>
bfb7b680bf88c1fdd9949197b71c512c532280a4Tinderbox User<td width="40%" align="right">�<a accesskey="n" href="man.rndc.conf.html">Next</a>
dfae459e8c4f794f8a239e74aa9d5e11cce6ea5bTinderbox User<span class="application">nsupdate</span>�</td>
dfae459e8c4f794f8a239e74aa9d5e11cce6ea5bTinderbox User<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
dfae459e8c4f794f8a239e74aa9d5e11cce6ea5bTinderbox User<td width="40%" align="right" valign="top">�<code class="filename">rndc.conf</code>