/contrib/bind9/bin/check/named-checkzone.html
HTML | 270 lines | 253 code | 0 blank | 17 comment | 0 complexity | 3c8f02d7e5718cbd52611c05a1f7cdd3 MD5 | raw file
Possible License(s): MPL-2.0-no-copyleft-exception, BSD-3-Clause, LGPL-2.0, LGPL-2.1, BSD-2-Clause, 0BSD, JSON, AGPL-1.0, GPL-2.0
1<!-- 2 - Copyright (C) 2004-2007, 2009, 2010 Internet Systems Consortium, Inc. ("ISC") 3 - Copyright (C) 2000-2002 Internet Software Consortium. 4 - 5 - Permission to use, copy, modify, and/or distribute this software for any 6 - purpose with or without fee is hereby granted, provided that the above 7 - copyright notice and this permission notice appear in all copies. 8 - 9 - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 10 - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 11 - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 12 - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 13 - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 14 - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 15 - PERFORMANCE OF THIS SOFTWARE. 16--> 17<!-- $Id$ --> 18<html> 19<head> 20<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> 21<title>named-checkzone</title> 22<meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> 23</head> 24<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> 25<a name="man.named-checkzone"></a><div class="titlepage"></div> 26<div class="refnamediv"> 27<h2>Name</h2> 28<p><span class="application">named-checkzone</span>, <span class="application">named-compilezone</span> — zone file validity checking or converting tool</p> 29</div> 30<div class="refsynopsisdiv"> 31<h2>Synopsis</h2> 32<div class="cmdsynopsis"><p><code class="command">named-checkzone</code> [<code class="option">-d</code>] [<code class="option">-h</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-f <em class="replaceable"><code>format</code></em></code>] [<code class="option">-F <em class="replaceable"><code>format</code></em></code>] [<code class="option">-i <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-m <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-M <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-o <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-r <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-s <em class="replaceable"><code>style</code></em></code>] [<code class="option">-S <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {zonename} {filename}</p></div> 33<div class="cmdsynopsis"><p><code class="command">named-compilezone</code> [<code class="option">-d</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-C <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-f <em class="replaceable"><code>format</code></em></code>] [<code class="option">-F <em class="replaceable"><code>format</code></em></code>] [<code class="option">-i <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-m <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-r <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-s <em class="replaceable"><code>style</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {<code class="option">-o <em class="replaceable"><code>filename</code></em></code>} {zonename} {filename}</p></div> 34</div> 35<div class="refsect1" lang="en"> 36<a name="id2543696"></a><h2>DESCRIPTION</h2> 37<p><span><strong class="command">named-checkzone</strong></span> 38 checks the syntax and integrity of a zone file. It performs the 39 same checks as <span><strong class="command">named</strong></span> does when loading a 40 zone. This makes <span><strong class="command">named-checkzone</strong></span> useful for 41 checking zone files before configuring them into a name server. 42 </p> 43<p> 44 <span><strong class="command">named-compilezone</strong></span> is similar to 45 <span><strong class="command">named-checkzone</strong></span>, but it always dumps the 46 zone contents to a specified file in a specified format. 47 Additionally, it applies stricter check levels by default, 48 since the dump output will be used as an actual zone file 49 loaded by <span><strong class="command">named</strong></span>. 50 When manually specified otherwise, the check levels must at 51 least be as strict as those specified in the 52 <span><strong class="command">named</strong></span> configuration file. 53 </p> 54</div> 55<div class="refsect1" lang="en"> 56<a name="id2543731"></a><h2>OPTIONS</h2> 57<div class="variablelist"><dl> 58<dt><span class="term">-d</span></dt> 59<dd><p> 60 Enable debugging. 61 </p></dd> 62<dt><span class="term">-h</span></dt> 63<dd><p> 64 Print the usage summary and exit. 65 </p></dd> 66<dt><span class="term">-q</span></dt> 67<dd><p> 68 Quiet mode - exit code only. 69 </p></dd> 70<dt><span class="term">-v</span></dt> 71<dd><p> 72 Print the version of the <span><strong class="command">named-checkzone</strong></span> 73 program and exit. 74 </p></dd> 75<dt><span class="term">-j</span></dt> 76<dd><p> 77 When loading the zone file read the journal if it exists. 78 </p></dd> 79<dt><span class="term">-c <em class="replaceable"><code>class</code></em></span></dt> 80<dd><p> 81 Specify the class of the zone. If not specified, "IN" is assumed. 82 </p></dd> 83<dt><span class="term">-i <em class="replaceable"><code>mode</code></em></span></dt> 84<dd> 85<p> 86 Perform post-load zone integrity checks. Possible modes are 87 <span><strong class="command">"full"</strong></span> (default), 88 <span><strong class="command">"full-sibling"</strong></span>, 89 <span><strong class="command">"local"</strong></span>, 90 <span><strong class="command">"local-sibling"</strong></span> and 91 <span><strong class="command">"none"</strong></span>. 92 </p> 93<p> 94 Mode <span><strong class="command">"full"</strong></span> checks that MX records 95 refer to A or AAAA record (both in-zone and out-of-zone 96 hostnames). Mode <span><strong class="command">"local"</strong></span> only 97 checks MX records which refer to in-zone hostnames. 98 </p> 99<p> 100 Mode <span><strong class="command">"full"</strong></span> checks that SRV records 101 refer to A or AAAA record (both in-zone and out-of-zone 102 hostnames). Mode <span><strong class="command">"local"</strong></span> only 103 checks SRV records which refer to in-zone hostnames. 104 </p> 105<p> 106 Mode <span><strong class="command">"full"</strong></span> checks that delegation NS 107 records refer to A or AAAA record (both in-zone and out-of-zone 108 hostnames). It also checks that glue address records 109 in the zone match those advertised by the child. 110 Mode <span><strong class="command">"local"</strong></span> only checks NS records which 111 refer to in-zone hostnames or that some required glue exists, 112 that is when the nameserver is in a child zone. 113 </p> 114<p> 115 Mode <span><strong class="command">"full-sibling"</strong></span> and 116 <span><strong class="command">"local-sibling"</strong></span> disable sibling glue 117 checks but are otherwise the same as <span><strong class="command">"full"</strong></span> 118 and <span><strong class="command">"local"</strong></span> respectively. 119 </p> 120<p> 121 Mode <span><strong class="command">"none"</strong></span> disables the checks. 122 </p> 123</dd> 124<dt><span class="term">-f <em class="replaceable"><code>format</code></em></span></dt> 125<dd><p> 126 Specify the format of the zone file. 127 Possible formats are <span><strong class="command">"text"</strong></span> (default) 128 and <span><strong class="command">"raw"</strong></span>. 129 </p></dd> 130<dt><span class="term">-F <em class="replaceable"><code>format</code></em></span></dt> 131<dd><p> 132 Specify the format of the output file specified. 133 Possible formats are <span><strong class="command">"text"</strong></span> (default) 134 and <span><strong class="command">"raw"</strong></span>. 135 For <span><strong class="command">named-checkzone</strong></span>, 136 this does not cause any effects unless it dumps the zone 137 contents. 138 </p></dd> 139<dt><span class="term">-k <em class="replaceable"><code>mode</code></em></span></dt> 140<dd><p> 141 Perform <span><strong class="command">"check-names"</strong></span> checks with the 142 specified failure mode. 143 Possible modes are <span><strong class="command">"fail"</strong></span> 144 (default for <span><strong class="command">named-compilezone</strong></span>), 145 <span><strong class="command">"warn"</strong></span> 146 (default for <span><strong class="command">named-checkzone</strong></span>) and 147 <span><strong class="command">"ignore"</strong></span>. 148 </p></dd> 149<dt><span class="term">-m <em class="replaceable"><code>mode</code></em></span></dt> 150<dd><p> 151 Specify whether MX records should be checked to see if they 152 are addresses. Possible modes are <span><strong class="command">"fail"</strong></span>, 153 <span><strong class="command">"warn"</strong></span> (default) and 154 <span><strong class="command">"ignore"</strong></span>. 155 </p></dd> 156<dt><span class="term">-M <em class="replaceable"><code>mode</code></em></span></dt> 157<dd><p> 158 Check if a MX record refers to a CNAME. 159 Possible modes are <span><strong class="command">"fail"</strong></span>, 160 <span><strong class="command">"warn"</strong></span> (default) and 161 <span><strong class="command">"ignore"</strong></span>. 162 </p></dd> 163<dt><span class="term">-n <em class="replaceable"><code>mode</code></em></span></dt> 164<dd><p> 165 Specify whether NS records should be checked to see if they 166 are addresses. 167 Possible modes are <span><strong class="command">"fail"</strong></span> 168 (default for <span><strong class="command">named-compilezone</strong></span>), 169 <span><strong class="command">"warn"</strong></span> 170 (default for <span><strong class="command">named-checkzone</strong></span>) and 171 <span><strong class="command">"ignore"</strong></span>. 172 </p></dd> 173<dt><span class="term">-o <em class="replaceable"><code>filename</code></em></span></dt> 174<dd><p> 175 Write zone output to <code class="filename">filename</code>. 176 If <code class="filename">filename</code> is <code class="filename">-</code> then 177 write to standard out. 178 This is mandatory for <span><strong class="command">named-compilezone</strong></span>. 179 </p></dd> 180<dt><span class="term">-r <em class="replaceable"><code>mode</code></em></span></dt> 181<dd><p> 182 Check for records that are treated as different by DNSSEC but 183 are semantically equal in plain DNS. 184 Possible modes are <span><strong class="command">"fail"</strong></span>, 185 <span><strong class="command">"warn"</strong></span> (default) and 186 <span><strong class="command">"ignore"</strong></span>. 187 </p></dd> 188<dt><span class="term">-s <em class="replaceable"><code>style</code></em></span></dt> 189<dd><p> 190 Specify the style of the dumped zone file. 191 Possible styles are <span><strong class="command">"full"</strong></span> (default) 192 and <span><strong class="command">"relative"</strong></span>. 193 The full format is most suitable for processing 194 automatically by a separate script. 195 On the other hand, the relative format is more 196 human-readable and is thus suitable for editing by hand. 197 For <span><strong class="command">named-checkzone</strong></span> 198 this does not cause any effects unless it dumps the zone 199 contents. 200 It also does not have any meaning if the output format 201 is not text. 202 </p></dd> 203<dt><span class="term">-S <em class="replaceable"><code>mode</code></em></span></dt> 204<dd><p> 205 Check if a SRV record refers to a CNAME. 206 Possible modes are <span><strong class="command">"fail"</strong></span>, 207 <span><strong class="command">"warn"</strong></span> (default) and 208 <span><strong class="command">"ignore"</strong></span>. 209 </p></dd> 210<dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt> 211<dd><p> 212 Chroot to <code class="filename">directory</code> so that 213 include 214 directives in the configuration file are processed as if 215 run by a similarly chrooted named. 216 </p></dd> 217<dt><span class="term">-w <em class="replaceable"><code>directory</code></em></span></dt> 218<dd><p> 219 chdir to <code class="filename">directory</code> so that 220 relative 221 filenames in master file $INCLUDE directives work. This 222 is similar to the directory clause in 223 <code class="filename">named.conf</code>. 224 </p></dd> 225<dt><span class="term">-D</span></dt> 226<dd><p> 227 Dump zone file in canonical format. 228 This is always enabled for <span><strong class="command">named-compilezone</strong></span>. 229 </p></dd> 230<dt><span class="term">-W <em class="replaceable"><code>mode</code></em></span></dt> 231<dd><p> 232 Specify whether to check for non-terminal wildcards. 233 Non-terminal wildcards are almost always the result of a 234 failure to understand the wildcard matching algorithm (RFC 1034). 235 Possible modes are <span><strong class="command">"warn"</strong></span> (default) 236 and 237 <span><strong class="command">"ignore"</strong></span>. 238 </p></dd> 239<dt><span class="term">zonename</span></dt> 240<dd><p> 241 The domain name of the zone being checked. 242 </p></dd> 243<dt><span class="term">filename</span></dt> 244<dd><p> 245 The name of the zone file. 246 </p></dd> 247</dl></div> 248</div> 249<div class="refsect1" lang="en"> 250<a name="id2544446"></a><h2>RETURN VALUES</h2> 251<p><span><strong class="command">named-checkzone</strong></span> 252 returns an exit status of 1 if 253 errors were detected and 0 otherwise. 254 </p> 255</div> 256<div class="refsect1" lang="en"> 257<a name="id2544458"></a><h2>SEE ALSO</h2> 258<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>, 259 <span class="citerefentry"><span class="refentrytitle">named-checkconf</span>(8)</span>, 260 <em class="citetitle">RFC 1035</em>, 261 <em class="citetitle">BIND 9 Administrator Reference Manual</em>. 262 </p> 263</div> 264<div class="refsect1" lang="en"> 265<a name="id2544491"></a><h2>AUTHOR</h2> 266<p><span class="corpauthor">Internet Systems Consortium</span> 267 </p> 268</div> 269</div></body> 270</html>