man.rndc.html revision 6101b9f0d904a708e900a74abc16d1e0eda67264
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
229ea4644b3a7d9c7fdaa43888e7f55ba01e2ee3Automatic Updater - Copyright (C) 2000-2003 Internet Software Consortium.
1167fc7904c5f0a472f8df207ac46dd52c7f1ec8Automatic Updater - Permission to use, copy, modify, and distribute this software for any
0c39b3ed9409ecb277d5e32fa763a4e4d6598df8Automatic Updater - purpose with or without fee is hereby granted, provided that the above
46da3117812814a29432a8d9a9ccf8acdbfdadceAutomatic Updater - copyright notice and this permission notice appear in all copies.
0519188c8e1ae76978fc4e0f799620cd36eba07aAutomatic Updater - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
79b273c187a4aa1016a62181983dfdd0521681aeMark Andrews - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
90ff38a0d8deaf5f9c2aa5916d99b2e572d28738Automatic Updater - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
ac4e70ff8955669341f435bc0a734a17c01af124Mark Andrews - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
6c6a121295b30772cbf3dd75a51fb9d883051a0eAutomatic Updater - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington - PERFORMANCE OF THIS SOFTWARE.
e171a4137c6ba348957e61b7c4c3541493c0da02Automatic Updater<!-- $Id: man.rndc.html,v 1.12 2005/12/05 02:08:05 marka Exp $ -->
e130ab53e992670e2a2ecf043976ac09f21358d1Automatic Updater<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews<meta name="generator" content="DocBook XSL Stylesheets V1.69.1">
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
e171a4137c6ba348957e61b7c4c3541493c0da02Automatic Updater<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
831f79c4310a7d38fc3475ccfff531b2b2535641Automatic Updater<link rel="prev" href="man.named.html" title="named">
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews<link rel="next" href="man.rndc.conf.html" title="rndc.conf">
efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson<table width="100%" summary="Navigation header">
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater<tr><th colspan="3" align="center"><span class="application">rndc</span></th></tr>
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater<a accesskey="p" href="man.named.html">Prev</a>�</td>
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater<th width="60%" align="center">Manual pages</th>
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater<td width="20%" align="right">�<a accesskey="n" href="man.rndc.conf.html">Next</a>
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater<a name="man.rndc"></a><div class="titlepage"></div>
2d2dc37599979c83495510f8af8d1756753aa2c5Automatic Updater<p><span class="application">rndc</span> — name server control utility</p>
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater<div class="cmdsynopsis"><p><code class="command">rndc</code> [<code class="option">-b <em class="replaceable"><code>source-address</code></em></code>] [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-k <em class="replaceable"><code>key-file</code></em></code>] [<code class="option">-s <em class="replaceable"><code>server</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-V</code>] [<code class="option">-y <em class="replaceable"><code>key_id</code></em></code>] {command}</p></div>
cdfc81e048bd34c1d628380247bda6b80a89e20eAutomatic Updater<a name="id2585772"></a><h2>DESCRIPTION</h2>
cdfc81e048bd34c1d628380247bda6b80a89e20eAutomatic Updater<p><span><strong class="command">rndc</strong></span>
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater controls the operation of a name
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater server. It supersedes the <span><strong class="command">ndc</strong></span> utility
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater that was provided in old BIND releases. If
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater <span><strong class="command">rndc</strong></span> is invoked with no command line
eabc9c3c07cd956d3c436bd7614cb162dabdda76Mark Andrews options or arguments, it prints a short summary of the
eabc9c3c07cd956d3c436bd7614cb162dabdda76Mark Andrews supported commands and the available options and their
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater<p><span><strong class="command">rndc</strong></span>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews communicates with the name server
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater over a TCP connection, sending commands authenticated with
8e9f3b69914ee02a80b87c97b1f8093edb3e9ae0Automatic Updater digital signatures. In the current versions of
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <span><strong class="command">rndc</strong></span> and <span><strong class="command">named</strong></span> named
930f6069e5aa157cf6987cdafd412f5757a5a558Automatic Updater the only supported authentication algorithm is HMAC-MD5,
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews which uses a shared secret on each end of the connection.
930f6069e5aa157cf6987cdafd412f5757a5a558Automatic Updater This provides TSIG-style authentication for the command
80faf1588895fd26490f82f95a7a1b771df1c324Automatic Updater request and the name server's response. All commands sent
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews over the channel must be signed by a key_id known to the
930f6069e5aa157cf6987cdafd412f5757a5a558Automatic Updater<p><span><strong class="command">rndc</strong></span>
693c4232dfdffaff672197d4b9fea944c64cf80aAutomatic Updater reads a configuration file to
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews determine how to contact the name server and decide what
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater algorithm and key it should use.
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson<dt><span class="term">-b <em class="replaceable"><code>source-address</code></em></span></dt>
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater Use <em class="replaceable"><code>source-address</code></em>
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson as the source address for the connection to the server.
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater Multiple instances are permitted to allow setting of both
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater the IPv4 and IPv6 source addresses.
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews<dt><span class="term">-c <em class="replaceable"><code>config-file</code></em></span></dt>
11af78f7dc35741bdab68dbab11b03daab005b28Automatic Updater Use <em class="replaceable"><code>config-file</code></em>
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews as the configuration file instead of the default,
2a31bd531072824ef252c18303859d6af7451b00Francis Dupont <code class="filename">/etc/rndc.conf</code>.
8ccd7da886e93cd490fcb6f4c4e98a6514f35820Automatic Updater<dt><span class="term">-k <em class="replaceable"><code>key-file</code></em></span></dt>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews Use <em class="replaceable"><code>key-file</code></em>
e130ab53e992670e2a2ecf043976ac09f21358d1Automatic Updater as the key file instead of the default,
a308b69ac66fadf66863484f301314d6e6a3f1d2Automatic Updater <code class="filename">/etc/rndc.key</code>. The key in
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <code class="filename">/etc/rndc.key</code> will be used to
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews authenticate
08e3b6797706a13054bad749dea04e94b514b8e7Automatic Updater commands sent to the server if the <em class="replaceable"><code>config-file</code></em>
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater does not exist.
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews<dt><span class="term">-s <em class="replaceable"><code>server</code></em></span></dt>
a308b69ac66fadf66863484f301314d6e6a3f1d2Automatic Updater<dd><p><em class="replaceable"><code>server</code></em> is
a308b69ac66fadf66863484f301314d6e6a3f1d2Automatic Updater the name or address of the server which matches a
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews server statement in the configuration file for
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <span><strong class="command">rndc</strong></span>. If no server is supplied on
82447d835d3ff5c658749b4e9b4f66166407b3eaAutomatic Updater command line, the host named by the default-server clause
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews in the option statement of the configuration file will be
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater Send commands to TCP port
fe80a4909bf62b602feaf246866e9d29f7654194Automatic Updater <em class="replaceable"><code>port</code></em>
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater of BIND 9's default control channel port, 953.
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson Enable verbose logging.
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews<dt><span class="term">-y <em class="replaceable"><code>keyid</code></em></span></dt>
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater Use the key <em class="replaceable"><code>keyid</code></em>
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater from the configuration file.
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater <em class="replaceable"><code>keyid</code></em>
133e6d43fa82e80d3798be4de00f4540f485ec6cAutomatic Updater known by named with the same algorithm and secret string
133e6d43fa82e80d3798be4de00f4540f485ec6cAutomatic Updater in order for control message validation to succeed.
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater If no <em class="replaceable"><code>keyid</code></em>
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson is specified, <span><strong class="command">rndc</strong></span> will first look
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater for a key clause in the server statement of the server
4104e236f71eb5108fcfda6711878a97f6f4a8e7Automatic Updater being used, or if no server statement is present for that
8711e5c73ca872d59810760af0332194cbdd619bAutomatic Updater host, then the default-key clause of the options statement.
229ea4644b3a7d9c7fdaa43888e7f55ba01e2ee3Automatic Updater Note that the configuration file contains shared secrets
0ce87e5749aabb8eef1e0a37e4bd6e6ffa1d7196Automatic Updater which are used to send authenticated control commands
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater to name servers. It should therefore not have general read
229ea4644b3a7d9c7fdaa43888e7f55ba01e2ee3Automatic Updater or write access.
da82e232161d67b77df2d67898bdac693f647be1Automatic Updater For the complete set of commands supported by <span><strong class="command">rndc</strong></span>,
e130ab53e992670e2a2ecf043976ac09f21358d1Automatic Updater see the BIND 9 Administrator Reference Manual or run
d145b64cacc8d9cda51f9924ec70cd4661c3e2cfAutomatic Updater <span><strong class="command">rndc</strong></span> without arguments to see its help
da82e232161d67b77df2d67898bdac693f647be1Automatic Updater<a name="id2586246"></a><h2>LIMITATIONS</h2>
9c446b72069d0ab9f710502f4d7048e50875fccbAutomatic Updater<p><span><strong class="command">rndc</strong></span>
e85565067cf73f8cc21ee29b11761659f1d47ee9Automatic Updater does not yet support all the commands of
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater the BIND 8 <span><strong class="command">ndc</strong></span> utility.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater There is currently no way to provide the shared secret for a
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater <code class="option">key_id</code> without using the configuration file.
7f79131f9a8e804b93c57f3c679065cce878b726Automatic Updater Several error messages could be clearer.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater<p><span class="citerefentry"><span class="refentrytitle">rndc.conf</span>(5)</span>,
19b3dc94bce93fa76bd7e066f9298630dbc9dcb4Automatic Updater <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater <span class="citerefentry"><span class="refentrytitle">ndc</span>(8)</span>,
7f94d9a8162c9a96b56e66176702b66e79d8e1a2Automatic Updater <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater<p><span class="corpauthor">Internet Systems Consortium</span>
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater<table width="100%" summary="Navigation footer">
4cda4fd158d6ded5586bacea8c388445d99611eaAutomatic Updater<a accesskey="p" href="man.named.html">Prev</a>�</td>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater<td width="40%" align="right">�<a accesskey="n" href="man.rndc.conf.html">Next</a>
8711e5c73ca872d59810760af0332194cbdd619bAutomatic Updater<td width="40%" align="left" valign="top"><span class="application">named</span>�</td>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews<td width="40%" align="right" valign="top">�<code class="filename">rndc.conf</code></td>