man.rndc.html revision c247e3f281613fabe1af362e9f3157e35ebbe52c
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina - Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC")
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina - Copyright (C) 2000-2003 Internet Software Consortium.
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina - Permission to use, copy, modify, and distribute this software for any
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina - purpose with or without fee is hereby granted, provided that the above
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina - copyright notice and this permission notice appear in all copies.
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina - PERFORMANCE OF THIS SOFTWARE.
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<!-- $Id: man.rndc.html,v 1.53 2007/05/31 23:28:55 marka Exp $ -->
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<link rel="prev" href="man.named.html" title="named">
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<link rel="next" href="man.rndc.conf.html" title="rndc.conf">
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<table width="100%" summary="Navigation header">
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<tr><th colspan="3" align="center"><span class="application">rndc</span></th></tr>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<a accesskey="p" href="man.named.html">Prev</a>�</td>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<th width="60%" align="center">Manual pages</th>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<td width="20%" align="right">�<a accesskey="n" href="man.rndc.conf.html">Next</a>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<a name="man.rndc"></a><div class="titlepage"></div>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<p><span class="application">rndc</span> — name server control utility</p>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<div class="cmdsynopsis"><p><code class="command">rndc</code> [<code class="option">-b <em class="replaceable"><code>source-address</code></em></code>] [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-k <em class="replaceable"><code>key-file</code></em></code>] [<code class="option">-s <em class="replaceable"><code>server</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-V</code>] [<code class="option">-y <em class="replaceable"><code>key_id</code></em></code>] {command}</p></div>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<p><span><strong class="command">rndc</strong></span>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina controls the operation of a name
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina server. It supersedes the <span><strong class="command">ndc</strong></span> utility
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina that was provided in old BIND releases. If
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina <span><strong class="command">rndc</strong></span> is invoked with no command line
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina options or arguments, it prints a short summary of the
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina supported commands and the available options and their
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<p><span><strong class="command">rndc</strong></span>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina communicates with the name server
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina over a TCP connection, sending commands authenticated with
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina digital signatures. In the current versions of
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina <span><strong class="command">rndc</strong></span> and <span><strong class="command">named</strong></span>,
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina the only supported authentication algorithm is HMAC-MD5,
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina which uses a shared secret on each end of the connection.
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina This provides TSIG-style authentication for the command
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina request and the name server's response. All commands sent
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina over the channel must be signed by a key_id known to the
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<p><span><strong class="command">rndc</strong></span>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina reads a configuration file to
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina determine how to contact the name server and decide what
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina algorithm and key it should use.
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<dt><span class="term">-b <em class="replaceable"><code>source-address</code></em></span></dt>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina Use <em class="replaceable"><code>source-address</code></em>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina as the source address for the connection to the server.
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina Multiple instances are permitted to allow setting of both
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina the IPv4 and IPv6 source addresses.
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<dt><span class="term">-c <em class="replaceable"><code>config-file</code></em></span></dt>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina Use <em class="replaceable"><code>config-file</code></em>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina as the configuration file instead of the default,
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<dt><span class="term">-k <em class="replaceable"><code>key-file</code></em></span></dt>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina Use <em class="replaceable"><code>key-file</code></em>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina as the key file instead of the default,
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina <code class="filename">/etc/rndc.key</code>. The key in
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina <code class="filename">/etc/rndc.key</code> will be used to
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina commands sent to the server if the <em class="replaceable"><code>config-file</code></em>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina does not exist.
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<dt><span class="term">-s <em class="replaceable"><code>server</code></em></span></dt>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<dd><p><em class="replaceable"><code>server</code></em> is
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina the name or address of the server which matches a
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina server statement in the configuration file for
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina <span><strong class="command">rndc</strong></span>. If no server is supplied on
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina command line, the host named by the default-server clause
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina in the option statement of the configuration file will be
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina Send commands to TCP port
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina <em class="replaceable"><code>port</code></em>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina of BIND 9's default control channel port, 953.
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina Enable verbose logging.
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<dt><span class="term">-y <em class="replaceable"><code>key_id</code></em></span></dt>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina Use the key <em class="replaceable"><code>key_id</code></em>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina from the configuration file.
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina <em class="replaceable"><code>key_id</code></em>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina known by named with the same algorithm and secret string
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina in order for control message validation to succeed.
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina If no <em class="replaceable"><code>key_id</code></em>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina is specified, <span><strong class="command">rndc</strong></span> will first look
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina for a key clause in the server statement of the server
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina being used, or if no server statement is present for that
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina host, then the default-key clause of the options statement.
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina Note that the configuration file contains shared secrets
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina which are used to send authenticated control commands
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina to name servers. It should therefore not have general read
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina or write access.
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina For the complete set of commands supported by <span><strong class="command">rndc</strong></span>,
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina see the BIND 9 Administrator Reference Manual or run
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina <span><strong class="command">rndc</strong></span> without arguments to see its help
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<p><span><strong class="command">rndc</strong></span>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina does not yet support all the commands of
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina the BIND 8 <span><strong class="command">ndc</strong></span> utility.
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina There is currently no way to provide the shared secret for a
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina <code class="option">key_id</code> without using the configuration file.
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina Several error messages could be clearer.
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<p><span class="citerefentry"><span class="refentrytitle">rndc.conf</span>(5)</span>,
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina <span class="citerefentry"><span class="refentrytitle">ndc</span>(8)</span>,
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<p><span class="corpauthor">Internet Systems Consortium</span>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<table width="100%" summary="Navigation footer">
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<a accesskey="p" href="man.named.html">Prev</a>�</td>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<td width="40%" align="right">�<a accesskey="n" href="man.rndc.conf.html">Next</a>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina<td width="40%" align="right" valign="top">�<code class="filename">rndc.conf</code>