doc/arm/man.rndc.html

	man.rndc.html revision c387825f77476d046f4b3491e646889693209bd2
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<!--
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User - Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC")
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User - Copyright (C) 2000-2003 Internet Software Consortium.
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User -
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User - Permission to use, copy, modify, and/or distribute this software for any
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User - purpose with or without fee is hereby granted, provided that the above
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User - copyright notice and this permission notice appear in all copies.
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User -
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User - PERFORMANCE OF THIS SOFTWARE.
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User-->
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<!-- $Id$ -->
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<html>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<head>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<title>rndc</title>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<link rel="prev" href="man.nsupdate.html" title="nsupdate">
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<link rel="next" href="man.rndc.conf.html" title="rndc.conf">
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User</head>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<div class="navheader">
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<table width="100%" summary="Navigation header">
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<tr><th colspan="3" align="center"><span class="application">rndc</span></th></tr>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<tr>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<td width="20%" align="left">
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<a accesskey="p" href="man.nsupdate.html">Prev</a>�</td>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<th width="60%" align="center">Manual pages</th>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<td width="20%" align="right">�<a accesskey="n" href="man.rndc.conf.html">Next</a>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User</td>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User</tr>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User</table>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<hr>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User</div>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<div class="refentry" lang="en">
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<a name="man.rndc"></a><div class="titlepage"></div>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<div class="refnamediv">
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<h2>Name</h2>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<p><span class="application">rndc</span> &#8212; name server control utility</p>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User</div>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<div class="refsynopsisdiv">
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<h2>Synopsis</h2>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<div class="cmdsynopsis"><p><code class="command">rndc</code>  [<code class="option">-b <em class="replaceable"><code>source-address</code></em></code>] [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-k <em class="replaceable"><code>key-file</code></em></code>] [<code class="option">-s <em class="replaceable"><code>server</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-V</code>] [<code class="option">-y <em class="replaceable"><code>key_id</code></em></code>] {command}</p></div>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User</div>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<div class="refsect1" lang="en">
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<a name="id2642903"></a><h2>DESCRIPTION</h2>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<p><span><strong class="command">rndc</strong></span>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      controls the operation of a name
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      server.  It supersedes the <span><strong class="command">ndc</strong></span> utility
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      that was provided in old BIND releases.  If
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      <span><strong class="command">rndc</strong></span> is invoked with no command line
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      options or arguments, it prints a short summary of the
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      supported commands and the available options and their
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      arguments.
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User    </p>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<p><span><strong class="command">rndc</strong></span>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      communicates with the name server
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      over a TCP connection, sending commands authenticated with
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      digital signatures.  In the current versions of
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      <span><strong class="command">rndc</strong></span> and <span><strong class="command">named</strong></span>,
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      the only supported authentication algorithm is HMAC-MD5,
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      which uses a shared secret on each end of the connection.
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      This provides TSIG-style authentication for the command
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      request and the name server's response.  All commands sent
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      over the channel must be signed by a key_id known to the
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      server.
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User    </p>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<p><span><strong class="command">rndc</strong></span>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      reads a configuration file to
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      determine how to contact the name server and decide what
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      algorithm and key it should use.
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User    </p>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User</div>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<div class="refsect1" lang="en">
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<a name="id2642953"></a><h2>OPTIONS</h2>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<div class="variablelist"><dl>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<dt><span class="term">-b <em class="replaceable"><code>source-address</code></em></span></dt>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<dd><p>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            Use <em class="replaceable"><code>source-address</code></em>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            as the source address for the connection to the server.
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            Multiple instances are permitted to allow setting of both
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            the IPv4 and IPv6 source addresses.
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User          </p></dd>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<dt><span class="term">-c <em class="replaceable"><code>config-file</code></em></span></dt>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<dd><p>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            Use <em class="replaceable"><code>config-file</code></em>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            as the configuration file instead of the default,
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            <code class="filename">/etc/rndc.conf</code>.
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User          </p></dd>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<dt><span class="term">-k <em class="replaceable"><code>key-file</code></em></span></dt>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<dd><p>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            Use <em class="replaceable"><code>key-file</code></em>
ad8f23aed6c75f94f238c1f23f4e17515d28eb55Tinderbox User            as the key file instead of the default,
ad8f23aed6c75f94f238c1f23f4e17515d28eb55Tinderbox User            <code class="filename">/etc/rndc.key</code>.  The key in
ad8f23aed6c75f94f238c1f23f4e17515d28eb55Tinderbox User            <code class="filename">/etc/rndc.key</code> will be used to
ad8f23aed6c75f94f238c1f23f4e17515d28eb55Tinderbox User            authenticate
ad8f23aed6c75f94f238c1f23f4e17515d28eb55Tinderbox User            commands sent to the server if the <em class="replaceable"><code>config-file</code></em>
ad8f23aed6c75f94f238c1f23f4e17515d28eb55Tinderbox User            does not exist.
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User          </p></dd>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<dt><span class="term">-s <em class="replaceable"><code>server</code></em></span></dt>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<dd><p><em class="replaceable"><code>server</code></em> is
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            the name or address of the server which matches a
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            server statement in the configuration file for
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            <span><strong class="command">rndc</strong></span>.  If no server is supplied on the
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            command line, the host named by the default-server clause
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            in the options statement of the <span><strong class="command">rndc</strong></span>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User        configuration file will be used.
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User          </p></dd>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<dd><p>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            Send commands to TCP port
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            <em class="replaceable"><code>port</code></em>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            instead
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            of BIND 9's default control channel port, 953.
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User          </p></dd>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<dt><span class="term">-V</span></dt>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<dd><p>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            Enable verbose logging.
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User          </p></dd>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<dt><span class="term">-y <em class="replaceable"><code>key_id</code></em></span></dt>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<dd><p>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            Use the key <em class="replaceable"><code>key_id</code></em>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            from the configuration file.
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            <em class="replaceable"><code>key_id</code></em>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            must be
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            known by named with the same algorithm and secret string
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            in order for control message validation to succeed.
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            If no <em class="replaceable"><code>key_id</code></em>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            is specified, <span><strong class="command">rndc</strong></span> will first look
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            for a key clause in the server statement of the server
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            being used, or if no server statement is present for that
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            host, then the default-key clause of the options statement.
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            Note that the configuration file contains shared secrets
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            which are used to send authenticated control commands
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            to name servers.  It should therefore not have general read
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User            or write access.
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User          </p></dd>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User</dl></div>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<p>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      For the complete set of commands supported by <span><strong class="command">rndc</strong></span>,
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      see the BIND 9 Administrator Reference Manual or run
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      <span><strong class="command">rndc</strong></span> without arguments to see its help
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      message.
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User    </p>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User</div>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<div class="refsect1" lang="en">
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<a name="id2643656"></a><h2>LIMITATIONS</h2>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<p><span><strong class="command">rndc</strong></span>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      does not yet support all the commands of
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      the BIND 8 <span><strong class="command">ndc</strong></span> utility.
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User    </p>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User<p>
fae13836a33b474a6aa2c147df8334f5b1ffae45Tinderbox User      There is currently no way to provide the shared secret for a
      <code class="option">key_id</code> without using the configuration file.
    </p>
<p>
      Several error messages could be clearer.
    </p>
</div>
<div class="refsect1" lang="en">
<a name="id2643687"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">rndc.conf</span>(5)</span>,
      <span class="citerefentry"><span class="refentrytitle">rndc-confgen</span>(8)</span>,
      <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
      <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
      <span class="citerefentry"><span class="refentrytitle">ndc</span>(8)</span>,
      <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
    </p>
</div>
<div class="refsect1" lang="en">
<a name="id2643742"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
    </p>
</div>
</div>
<div class="navfooter">
<hr>
<table width="100%" summary="Navigation footer">
<tr>
<td width="40%" align="left">
<a accesskey="p" href="man.nsupdate.html">Prev</a>�</td>
<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>
<td width="40%" align="right">�<a accesskey="n" href="man.rndc.conf.html">Next</a>
</td>
</tr>
<tr>
<td width="40%" align="left" valign="top">
<span class="application">nsupdate</span>�</td>
<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
<td width="40%" align="right" valign="top">�<code class="filename">rndc.conf</code>
</td>
</tr>
</table>
</div>
</body>
</html>