man.rndc.html revision bec154197d3d640b0d5b416cd5218ea58dca5d3a
11e9368a226272085c337e9e74b79808c16fbdbaTinderbox User - Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC")
75c0816e8295e180f4bc7f10db3d0d880383bc1cMark Andrews - Copyright (C) 2000-2003 Internet Software Consortium.
4a14ce5ba00ab7bc55c99ffdcf59c7a4ab902721Automatic Updater - Permission to use, copy, modify, and/or distribute this software for any
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - purpose with or without fee is hereby granted, provided that the above
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - copyright notice and this permission notice appear in all copies.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - PERFORMANCE OF THIS SOFTWARE.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<!-- $Id$ -->
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="prev" href="man.nsupdate.html" title="nsupdate">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="next" href="man.rndc.conf.html" title="rndc.conf">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<tr><th colspan="3" align="center"><span class="application">rndc</span></th></tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a accesskey="p" href="man.nsupdate.html">Prev</a>�</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="20%" align="right">�<a accesskey="n" href="man.rndc.conf.html">Next</a>
a1ff871f78b7d907d6fc3a382beea2a640fe8423Tinderbox User<a name="man.rndc"></a><div class="titlepage"></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><span class="application">rndc</span> — name server control utility</p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="cmdsynopsis"><p><code class="command">rndc</code> [<code class="option">-b <em class="replaceable"><code>source-address</code></em></code>] [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-k <em class="replaceable"><code>key-file</code></em></code>] [<code class="option">-s <em class="replaceable"><code>server</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-V</code>] [<code class="option">-y <em class="replaceable"><code>key_id</code></em></code>] {command}</p></div>
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User<p><span><strong class="command">rndc</strong></span>
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User controls the operation of a name
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User server. It supersedes the <span><strong class="command">ndc</strong></span> utility
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User that was provided in old BIND releases. If
010a51c427bfb6ab658fc0056955a1a5b69810beTinderbox User <span><strong class="command">rndc</strong></span> is invoked with no command line
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User options or arguments, it prints a short summary of the
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User supported commands and the available options and their
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User<p><span><strong class="command">rndc</strong></span>
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User communicates with the name server
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein over a TCP connection, sending commands authenticated with
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein digital signatures. In the current versions of
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews <span><strong class="command">rndc</strong></span> and <span><strong class="command">named</strong></span>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein the only supported authentication algorithm is HMAC-MD5,
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User which uses a shared secret on each end of the connection.
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User This provides TSIG-style authentication for the command
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User request and the name server's response. All commands sent
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User over the channel must be signed by a key_id known to the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><span><strong class="command">rndc</strong></span>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein reads a configuration file to
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt determine how to contact the name server and decide what
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein algorithm and key it should use.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-b <em class="replaceable"><code>source-address</code></em></span></dt>
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User Use <em class="replaceable"><code>source-address</code></em>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein as the source address for the connection to the server.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Multiple instances are permitted to allow setting of both
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein the IPv4 and IPv6 source addresses.
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<dt><span class="term">-c <em class="replaceable"><code>config-file</code></em></span></dt>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt Use <em class="replaceable"><code>config-file</code></em>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt as the configuration file instead of the default,
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User <code class="filename">/etc/rndc.conf</code>.
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<dt><span class="term">-k <em class="replaceable"><code>key-file</code></em></span></dt>
2b4d1b54f6ca406b8233d9e6fea9593df6dad035Tinderbox User Use <em class="replaceable"><code>key-file</code></em>
2b4d1b54f6ca406b8233d9e6fea9593df6dad035Tinderbox User as the key file instead of the default,
2b4d1b54f6ca406b8233d9e6fea9593df6dad035Tinderbox User <code class="filename">/etc/rndc.key</code>. The key in
2b4d1b54f6ca406b8233d9e6fea9593df6dad035Tinderbox User <code class="filename">/etc/rndc.key</code> will be used to
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein commands sent to the server if the <em class="replaceable"><code>config-file</code></em>
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User does not exist.
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<dt><span class="term">-s <em class="replaceable"><code>server</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p><em class="replaceable"><code>server</code></em> is
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User the name or address of the server which matches a
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User server statement in the configuration file for
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User <span><strong class="command">rndc</strong></span>. If no server is supplied on the
44d0f0256fbdce130a18655023c3b06bacacbd61Automatic Updater command line, the host named by the default-server clause
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt in the options statement of the <span><strong class="command">rndc</strong></span>
6f64d4ab8e68f9b2333bcbfc755396d29a4a9d7cAutomatic Updater configuration file will be used.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User Send commands to TCP port
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User <em class="replaceable"><code>port</code></em>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User of BIND 9's default control channel port, 953.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User Enable verbose logging.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<dt><span class="term">-y <em class="replaceable"><code>key_id</code></em></span></dt>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt Use the key <em class="replaceable"><code>key_id</code></em>
44d0f0256fbdce130a18655023c3b06bacacbd61Automatic Updater from the configuration file.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User <em class="replaceable"><code>key_id</code></em>
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User known by named with the same algorithm and secret string
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt in order for control message validation to succeed.
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User If no <em class="replaceable"><code>key_id</code></em>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User is specified, <span><strong class="command">rndc</strong></span> will first look
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User for a key clause in the server statement of the server
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User being used, or if no server statement is present for that
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User host, then the default-key clause of the options statement.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User Note that the configuration file contains shared secrets
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User which are used to send authenticated control commands
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User to name servers. It should therefore not have general read
44d0f0256fbdce130a18655023c3b06bacacbd61Automatic Updater or write access.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User For the complete set of commands supported by <span><strong class="command">rndc</strong></span>,
bcf15a19ae0efa72a22cdfb50666a3c6ce39eb9fTinderbox User see the BIND 9 Administrator Reference Manual or run
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <span><strong class="command">rndc</strong></span> without arguments to see its help
260e8e04b0dc24cb884c789b5d9eb046457f264eTinderbox User<p><span><strong class="command">rndc</strong></span>
260e8e04b0dc24cb884c789b5d9eb046457f264eTinderbox User does not yet support all the commands of
260e8e04b0dc24cb884c789b5d9eb046457f264eTinderbox User the BIND 8 <span><strong class="command">ndc</strong></span> utility.
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User There is currently no way to provide the shared secret for a
983df82baf1d7d0b668c98cf45928a19f175c6e7Tinderbox User <code class="option">key_id</code> without using the configuration file.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Several error messages could be clearer.
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<p><span class="citerefentry"><span class="refentrytitle">rndc.conf</span>(5)</span>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span class="citerefentry"><span class="refentrytitle">rndc-confgen</span>(8)</span>,
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <span class="citerefentry"><span class="refentrytitle">ndc</span>(8)</span>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><span class="corpauthor">Internet Systems Consortium</span>
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User<a accesskey="p" href="man.nsupdate.html">Prev</a>�</td>
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User<td width="40%" align="right">�<a accesskey="n" href="man.rndc.conf.html">Next</a>
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User<span class="application">nsupdate</span>�</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User<td width="40%" align="right" valign="top">�<code class="filename">rndc.conf</code>