doc/arm/man.rndc.html

	man.rndc.html revision 68abac6cb23aa2c6489ccc16663e051d7aad3ad9
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<!--
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
37fef4ce36912bd528fe400406d24f115de1422eAutomatic Updater - Copyright (C) 2000-2003 Internet Software Consortium.
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt -
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt - Permission to use, copy, modify, and distribute this software for any
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt - purpose with or without fee is hereby granted, provided that the above
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt - copyright notice and this permission notice appear in all copies.
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt -
37fef4ce36912bd528fe400406d24f115de1422eAutomatic Updater - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
37fef4ce36912bd528fe400406d24f115de1422eAutomatic Updater - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt - PERFORMANCE OF THIS SOFTWARE.
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt-->
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<!-- $Id: man.rndc.html,v 1.10 2005/11/02 23:27:15 marka Exp $ -->
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<html>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<head>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<title>rndc</title>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<meta name="generator" content="DocBook XSL Stylesheets V1.69.1">
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<link rel="prev" href="man.named.html" title="named">
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<link rel="next" href="man.rndc.conf.html" title="rndc.conf">
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt</head>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<div class="navheader">
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<table width="100%" summary="Navigation header">
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<tr><th colspan="3" align="center"><span class="application">rndc</span></th></tr>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<tr>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<td width="20%" align="left">
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<a accesskey="p" href="man.named.html">Prev</a>�</td>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<th width="60%" align="center">Manual pages</th>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<td width="20%" align="right">�<a accesskey="n" href="man.rndc.conf.html">Next</a>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt</td>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt</tr>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt</table>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<hr>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt</div>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<div class="refentry" lang="en">
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<a name="man.rndc"></a><div class="titlepage"></div>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<div class="refnamediv">
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<h2>Name</h2>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<p><span class="application">rndc</span> &#8212; name server control utility</p>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt</div>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<div class="refsynopsisdiv">
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<h2>Synopsis</h2>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<div class="cmdsynopsis"><p><code class="command">rndc</code>  [<code class="option">-b <em class="replaceable"><code>source-address</code></em></code>] [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-k <em class="replaceable"><code>key-file</code></em></code>] [<code class="option">-s <em class="replaceable"><code>server</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-V</code>] [<code class="option">-y <em class="replaceable"><code>key_id</code></em></code>] {command}</p></div>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt</div>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<div class="refsect1" lang="en">
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<a name="id2585643"></a><h2>DESCRIPTION</h2>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<p><span><strong class="command">rndc</strong></span>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      controls the operation of a name
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      server.  It supersedes the <span><strong class="command">ndc</strong></span> utility
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      that was provided in old BIND releases.  If
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      <span><strong class="command">rndc</strong></span> is invoked with no command line
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      options or arguments, it prints a short summary of the
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      supported commands and the available options and their
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      arguments.
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt    </p>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<p><span><strong class="command">rndc</strong></span>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      communicates with the name server
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      over a TCP connection, sending commands authenticated with
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      digital signatures.  In the current versions of
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      <span><strong class="command">rndc</strong></span> and <span><strong class="command">named</strong></span> named
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      the only supported authentication algorithm is HMAC-MD5,
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      which uses a shared secret on each end of the connection.
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      This provides TSIG-style authentication for the command
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      request and the name server's response.  All commands sent
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      over the channel must be signed by a key_id known to the
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      server.
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt    </p>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<p><span><strong class="command">rndc</strong></span>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      reads a configuration file to
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      determine how to contact the name server and decide what
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      algorithm and key it should use.
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt    </p>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt</div>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<div class="refsect1" lang="en">
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<a name="id2585762"></a><h2>OPTIONS</h2>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<div class="variablelist"><dl>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<dt><span class="term">-b <em class="replaceable"><code>source-address</code></em></span></dt>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<dd><p>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            Use <em class="replaceable"><code>source-address</code></em>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            as the source address for the connection to the server.
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            Multiple instances are permitted to allow setting of both
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            the IPv4 and IPv6 source addresses.
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt          </p></dd>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<dt><span class="term">-c <em class="replaceable"><code>config-file</code></em></span></dt>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<dd><p>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            Use <em class="replaceable"><code>config-file</code></em>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            as the configuration file instead of the default,
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            <code class="filename">/etc/rndc.conf</code>.
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt          </p></dd>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<dt><span class="term">-k <em class="replaceable"><code>key-file</code></em></span></dt>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<dd><p>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            Use <em class="replaceable"><code>key-file</code></em>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            as the key file instead of the default,
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            <code class="filename">/etc/rndc.key</code>.  The key in
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            <code class="filename">/etc/rndc.key</code> will be used to
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            authenticate
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            commands sent to the server if the <em class="replaceable"><code>config-file</code></em>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            does not exist.
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt          </p></dd>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<dt><span class="term">-s <em class="replaceable"><code>server</code></em></span></dt>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<dd><p><em class="replaceable"><code>server</code></em> is
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt                       the name or address of the server which matches a
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            server statement in the configuration file for
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            <span><strong class="command">rndc</strong></span>.  If no server is supplied on
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            the
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            command line, the host named by the default-server clause
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            in the option statement of the configuration file will be
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            used.
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt          </p></dd>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<dd><p>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            Send commands to TCP port
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            <em class="replaceable"><code>port</code></em>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            instead
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            of BIND 9's default control channel port, 953.
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt          </p></dd>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<dt><span class="term">-V</span></dt>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<dd><p>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            Enable verbose logging.
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt          </p></dd>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<dt><span class="term">-y <em class="replaceable"><code>keyid</code></em></span></dt>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<dd><p>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            Use the key <em class="replaceable"><code>keyid</code></em>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            from the configuration file.
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            <em class="replaceable"><code>keyid</code></em>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            must be
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            known by named with the same algorithm and secret string
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            in order for control message validation to succeed.
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            If no <em class="replaceable"><code>keyid</code></em>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            is specified, <span><strong class="command">rndc</strong></span> will first look
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            for a key clause in the server statement of the server
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            being used, or if no server statement is present for that
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            host, then the default-key clause of the options statement.
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            Note that the configuration file contains shared secrets
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            which are used to send authenticated control commands
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            to name servers.  It should therefore not have general read
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt            or write access.
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt          </p></dd>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt</dl></div>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<p>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      For the complete set of commands supported by <span><strong class="command">rndc</strong></span>,
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      see the BIND 9 Administrator Reference Manual or run
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      <span><strong class="command">rndc</strong></span> without arguments to see its help
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      message.
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt    </p>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt</div>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<div class="refsect1" lang="en">
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<a name="id2585980"></a><h2>LIMITATIONS</h2>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<p><span><strong class="command">rndc</strong></span>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      does not yet support all the commands of
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      the BIND 8 <span><strong class="command">ndc</strong></span> utility.
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt    </p>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<p>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      There is currently no way to provide the shared secret for a
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      <code class="option">key_id</code> without using the configuration file.
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt    </p>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<p>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      Several error messages could be clearer.
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt    </p>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt</div>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<div class="refsect1" lang="en">
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<a name="id2586353"></a><h2>SEE ALSO</h2>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<p><span class="citerefentry"><span class="refentrytitle">rndc.conf</span>(5)</span>,
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      <span class="citerefentry"><span class="refentrytitle">ndc</span>(8)</span>,
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt      <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt    </p>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt</div>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<div class="refsect1" lang="en">
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<a name="id2586400"></a><h2>AUTHOR</h2>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<p><span class="corpauthor">Internet Systems Consortium</span>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt    </p>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt</div>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt</div>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<div class="navfooter">
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<hr>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<table width="100%" summary="Navigation footer">
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<tr>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<td width="40%" align="left">
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<a accesskey="p" href="man.named.html">Prev</a>�</td>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<td width="40%" align="right">�<a accesskey="n" href="man.rndc.conf.html">Next</a>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt</td>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt</tr>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<tr>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<td width="40%" align="left" valign="top"><span class="application">named</span>�</td>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt<td width="40%" align="right" valign="top">�<code class="filename">rndc.conf</code></td>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt</tr>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt</table>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt</div>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt</body>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt</html>
ef421f66f47224a42073deaf087378c5d0c9952eEvan Hunt