/contrib/bind9/bin/check/named-checkzone.html

https://bitbucket.org/freebsd/freebsd-head/ · HTML · 270 lines · 253 code · 0 blank · 17 comment · 0 complexity · 3c8f02d7e5718cbd52611c05a1f7cdd3 MD5 · raw file 

    

  1. <!--
    2. 

  2.  - Copyright (C) 2004-2007, 2009, 2010 Internet Systems Consortium, Inc. ("ISC")
    3. 

  3.  - Copyright (C) 2000-2002 Internet Software Consortium.
    4. 

  4.  - 
    5. 

  5.  - Permission to use, copy, modify, and/or distribute this software for any
    6. 

  6.  - purpose with or without fee is hereby granted, provided that the above
    7. 

  7.  - copyright notice and this permission notice appear in all copies.
    8. 

  8.  - 
    9. 

  9.  - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
    10. 

  10.  - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
    11. 

  11.  - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
    12. 

  12.  - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
    13. 

  13.  - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
    14. 

  14.  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
    15. 

  15.  - PERFORMANCE OF THIS SOFTWARE.
    16. 

  16. -->
    17. 

  17. <!-- $Id$ -->
    18. 

  18. <html>
    19. 

  19. <head>
    20. 

  20. <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
    21. 

  21. <title>named-checkzone</title>
    22. 

  22. <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
    23. 

  23. </head>
    24. 

  24. <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
    25. 

  25. <a name="man.named-checkzone"></a><div class="titlepage"></div>
    26. 

  26. <div class="refnamediv">
    27. 

  27. <h2>Name</h2>
    28. 

  28. <p><span class="application">named-checkzone</span>, <span class="application">named-compilezone</span> &#8212; zone file validity checking or converting tool</p>
    29. 

  29. </div>
    30. 

  30. <div class="refsynopsisdiv">
    31. 

  31. <h2>Synopsis</h2>
    32. 

  32. <div class="cmdsynopsis"><p><code class="command">named-checkzone</code>  [<code class="option">-d</code>] [<code class="option">-h</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-f <em class="replaceable"><code>format</code></em></code>] [<code class="option">-F <em class="replaceable"><code>format</code></em></code>] [<code class="option">-i <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-m <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-M <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-o <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-r <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-s <em class="replaceable"><code>style</code></em></code>] [<code class="option">-S <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {zonename} {filename}</p></div>
    33. 

  33. <div class="cmdsynopsis"><p><code class="command">named-compilezone</code>  [<code class="option">-d</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-C <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-f <em class="replaceable"><code>format</code></em></code>] [<code class="option">-F <em class="replaceable"><code>format</code></em></code>] [<code class="option">-i <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-m <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-r <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-s <em class="replaceable"><code>style</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {<code class="option">-o <em class="replaceable"><code>filename</code></em></code>} {zonename} {filename}</p></div>
    34. 

  34. </div>
    35. 

  35. <div class="refsect1" lang="en">
    36. 

  36. <a name="id2543696"></a><h2>DESCRIPTION</h2>
    37. 

  37. <p><span><strong class="command">named-checkzone</strong></span>
    38. 

  38.       checks the syntax and integrity of a zone file.  It performs the
    39. 

  39.       same checks as <span><strong class="command">named</strong></span> does when loading a
    40. 

  40.       zone.  This makes <span><strong class="command">named-checkzone</strong></span> useful for
    41. 

  41.       checking zone files before configuring them into a name server.
    42. 

  42.     </p>
    43. 

  43. <p>
    44. 

  44.         <span><strong class="command">named-compilezone</strong></span> is similar to
    45. 

  45. 	<span><strong class="command">named-checkzone</strong></span>, but it always dumps the
    46. 

  46.         zone contents to a specified file in a specified format.
    47. 

  47. 	Additionally, it applies stricter check levels by default,
    48. 

  48.         since the dump output will be used as an actual zone file
    49. 

  49. 	loaded by <span><strong class="command">named</strong></span>.
    50. 

  50. 	When manually specified otherwise, the check levels must at
    51. 

  51.         least be as strict as those specified in the
    52. 

  52. 	<span><strong class="command">named</strong></span> configuration file.
    53. 

  53.      </p>
    54. 

  54. </div>
    55. 

  55. <div class="refsect1" lang="en">
    56. 

  56. <a name="id2543731"></a><h2>OPTIONS</h2>
    57. 

  57. <div class="variablelist"><dl>
    58. 

  58. <dt><span class="term">-d</span></dt>
    59. 

  59. <dd><p>
    60. 

  60.             Enable debugging.
    61. 

  61.           </p></dd>
    62. 

  62. <dt><span class="term">-h</span></dt>
    63. 

  63. <dd><p>
    64. 

  64.             Print the usage summary and exit.
    65. 

  65.           </p></dd>
    66. 

  66. <dt><span class="term">-q</span></dt>
    67. 

  67. <dd><p>
    68. 

  68.             Quiet mode - exit code only.
    69. 

  69.           </p></dd>
    70. 

  70. <dt><span class="term">-v</span></dt>
    71. 

  71. <dd><p>
    72. 

  72.             Print the version of the <span><strong class="command">named-checkzone</strong></span>
    73. 

  73.             program and exit.
    74. 

  74.           </p></dd>
    75. 

  75. <dt><span class="term">-j</span></dt>
    76. 

  76. <dd><p>
    77. 

  77.             When loading the zone file read the journal if it exists.
    78. 

  78.           </p></dd>
    79. 

  79. <dt><span class="term">-c <em class="replaceable"><code>class</code></em></span></dt>
    80. 

  80. <dd><p>
    81. 

  81.             Specify the class of the zone.  If not specified, "IN" is assumed.
    82. 

  82.           </p></dd>
    83. 

  83. <dt><span class="term">-i <em class="replaceable"><code>mode</code></em></span></dt>
    84. 

  84. <dd>
    85. 

  85. <p>
    86. 

  86. 	      Perform post-load zone integrity checks.  Possible modes are
    87. 

  87. 	      <span><strong class="command">"full"</strong></span> (default),
    88. 

  88. 	      <span><strong class="command">"full-sibling"</strong></span>,
    89. 

  89. 	      <span><strong class="command">"local"</strong></span>,
    90. 

  90. 	      <span><strong class="command">"local-sibling"</strong></span> and
    91. 

  91. 	      <span><strong class="command">"none"</strong></span>.
    92. 

  92. 	  </p>
    93. 

  93. <p>
    94. 

  94. 	      Mode <span><strong class="command">"full"</strong></span> checks that MX records
    95. 

  95. 	      refer to A or AAAA record (both in-zone and out-of-zone
    96. 

  96. 	      hostnames).  Mode <span><strong class="command">"local"</strong></span> only
    97. 

  97. 	      checks MX records which refer to in-zone hostnames.
    98. 

  98. 	  </p>
    99. 

  99. <p>
    100. 

  100. 	      Mode <span><strong class="command">"full"</strong></span> checks that SRV records
    101. 

  101. 	      refer to A or AAAA record (both in-zone and out-of-zone
    102. 

  102. 	      hostnames).  Mode <span><strong class="command">"local"</strong></span> only
    103. 

  103. 	      checks SRV records which refer to in-zone hostnames.
    104. 

  104. 	  </p>
    105. 

  105. <p>
    106. 

  106. 	      Mode <span><strong class="command">"full"</strong></span> checks that delegation NS
    107. 

  107. 	      records refer to A or AAAA record (both in-zone and out-of-zone
    108. 

  108. 	      hostnames).  It also checks that glue address records
    109. 

  109. 	      in the zone match those advertised by the child.
    110. 

  110. 	      Mode <span><strong class="command">"local"</strong></span> only checks NS records which
    111. 

  111. 	      refer to in-zone hostnames or that some required glue exists,
    112. 

  112. 	      that is when the nameserver is in a child zone.
    113. 

  113. 	  </p>
    114. 

  114. <p>
    115. 

  115. 	      Mode <span><strong class="command">"full-sibling"</strong></span> and
    116. 

  116. 	      <span><strong class="command">"local-sibling"</strong></span> disable sibling glue
    117. 

  117. 	      checks but are otherwise the same as <span><strong class="command">"full"</strong></span>
    118. 

  118. 	      and <span><strong class="command">"local"</strong></span> respectively.
    119. 

  119. 	  </p>
    120. 

  120. <p>
    121. 

  121. 	      Mode <span><strong class="command">"none"</strong></span> disables the checks.
    122. 

  122. 	  </p>
    123. 

  123. </dd>
    124. 

  124. <dt><span class="term">-f <em class="replaceable"><code>format</code></em></span></dt>
    125. 

  125. <dd><p>
    126. 

  126. 	    Specify the format of the zone file.
    127. 

  127. 	    Possible formats are <span><strong class="command">"text"</strong></span> (default)
    128. 

  128. 	    and <span><strong class="command">"raw"</strong></span>.
    129. 

  129. 	  </p></dd>
    130. 

  130. <dt><span class="term">-F <em class="replaceable"><code>format</code></em></span></dt>
    131. 

  131. <dd><p>
    132. 

  132. 	    Specify the format of the output file specified.
    133. 

  133. 	    Possible formats are <span><strong class="command">"text"</strong></span> (default)
    134. 

  134. 	    and <span><strong class="command">"raw"</strong></span>.
    135. 

  135. 	    For <span><strong class="command">named-checkzone</strong></span>,
    136. 

  136. 	    this does not cause any effects unless it dumps the zone
    137. 

  137. 	    contents.
    138. 

  138. 	  </p></dd>
    139. 

  139. <dt><span class="term">-k <em class="replaceable"><code>mode</code></em></span></dt>
    140. 

  140. <dd><p>
    141. 

  141.             Perform <span><strong class="command">"check-names"</strong></span> checks with the
    142. 

  142. 	    specified failure mode.
    143. 

  143.             Possible modes are <span><strong class="command">"fail"</strong></span>
    144. 

  144. 	    (default for <span><strong class="command">named-compilezone</strong></span>),
    145. 

  145.             <span><strong class="command">"warn"</strong></span>
    146. 

  146. 	    (default for <span><strong class="command">named-checkzone</strong></span>) and
    147. 

  147.             <span><strong class="command">"ignore"</strong></span>.
    148. 

  148.           </p></dd>
    149. 

  149. <dt><span class="term">-m <em class="replaceable"><code>mode</code></em></span></dt>
    150. 

  150. <dd><p>
    151. 

  151.             Specify whether MX records should be checked to see if they
    152. 

  152.             are addresses.  Possible modes are <span><strong class="command">"fail"</strong></span>,
    153. 

  153.             <span><strong class="command">"warn"</strong></span> (default) and
    154. 

  154.             <span><strong class="command">"ignore"</strong></span>.
    155. 

  155.           </p></dd>
    156. 

  156. <dt><span class="term">-M <em class="replaceable"><code>mode</code></em></span></dt>
    157. 

  157. <dd><p>
    158. 

  158. 	    Check if a MX record refers to a CNAME.
    159. 

  159.             Possible modes are <span><strong class="command">"fail"</strong></span>,
    160. 

  160.             <span><strong class="command">"warn"</strong></span> (default) and
    161. 

  161.             <span><strong class="command">"ignore"</strong></span>.
    162. 

  162. 	  </p></dd>
    163. 

  163. <dt><span class="term">-n <em class="replaceable"><code>mode</code></em></span></dt>
    164. 

  164. <dd><p>
    165. 

  165.             Specify whether NS records should be checked to see if they
    166. 

  166.             are addresses.
    167. 

  167. 	    Possible modes are <span><strong class="command">"fail"</strong></span>
    168. 

  168. 	    (default for <span><strong class="command">named-compilezone</strong></span>),
    169. 

  169.             <span><strong class="command">"warn"</strong></span>
    170. 

  170. 	    (default for <span><strong class="command">named-checkzone</strong></span>) and
    171. 

  171.             <span><strong class="command">"ignore"</strong></span>.
    172. 

  172.           </p></dd>
    173. 

  173. <dt><span class="term">-o <em class="replaceable"><code>filename</code></em></span></dt>
    174. 

  174. <dd><p>
    175. 

  175.             Write zone output to <code class="filename">filename</code>.
    176. 

  176. 	    If <code class="filename">filename</code> is <code class="filename">-</code> then
    177. 

  177. 	    write to standard out.
    178. 

  178. 	    This is mandatory for <span><strong class="command">named-compilezone</strong></span>.
    179. 

  179.           </p></dd>
    180. 

  180. <dt><span class="term">-r <em class="replaceable"><code>mode</code></em></span></dt>
    181. 

  181. <dd><p>
    182. 

  182.             Check for records that are treated as different by DNSSEC but
    183. 

  183. 	    are semantically equal in plain DNS.  
    184. 

  184.             Possible modes are <span><strong class="command">"fail"</strong></span>,
    185. 

  185.             <span><strong class="command">"warn"</strong></span> (default) and
    186. 

  186.             <span><strong class="command">"ignore"</strong></span>.
    187. 

  187. 	  </p></dd>
    188. 

  188. <dt><span class="term">-s <em class="replaceable"><code>style</code></em></span></dt>
    189. 

  189. <dd><p>
    190. 

  190. 	    Specify the style of the dumped zone file.
    191. 

  191. 	    Possible styles are <span><strong class="command">"full"</strong></span> (default)
    192. 

  192. 	    and <span><strong class="command">"relative"</strong></span>.
    193. 

  193. 	    The full format is most suitable for processing
    194. 

  194. 	    automatically by a separate script.
    195. 

  195. 	    On the other hand, the relative format is more
    196. 

  196. 	    human-readable and is thus suitable for editing by hand.
    197. 

  197. 	    For <span><strong class="command">named-checkzone</strong></span>
    198. 

  198. 	    this does not cause any effects unless it dumps the zone
    199. 

  199. 	    contents.
    200. 

  200. 	    It also does not have any meaning if the output format
    201. 

  201. 	    is not text.
    202. 

  202. 	  </p></dd>
    203. 

  203. <dt><span class="term">-S <em class="replaceable"><code>mode</code></em></span></dt>
    204. 

  204. <dd><p>
    205. 

  205. 	    Check if a SRV record refers to a CNAME.
    206. 

  206.             Possible modes are <span><strong class="command">"fail"</strong></span>,
    207. 

  207.             <span><strong class="command">"warn"</strong></span> (default) and
    208. 

  208.             <span><strong class="command">"ignore"</strong></span>.
    209. 

  209. 	  </p></dd>
    210. 

  210. <dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt>
    211. 

  211. <dd><p>
    212. 

  212.             Chroot to <code class="filename">directory</code> so that
    213. 

  213.             include
    214. 

  214.             directives in the configuration file are processed as if
    215. 

  215.             run by a similarly chrooted named.
    216. 

  216.           </p></dd>
    217. 

  217. <dt><span class="term">-w <em class="replaceable"><code>directory</code></em></span></dt>
    218. 

  218. <dd><p>
    219. 

  219.             chdir to <code class="filename">directory</code> so that
    220. 

  220.             relative
    221. 

  221.             filenames in master file $INCLUDE directives work.  This
    222. 

  222.             is similar to the directory clause in
    223. 

  223.             <code class="filename">named.conf</code>.
    224. 

  224.           </p></dd>
    225. 

  225. <dt><span class="term">-D</span></dt>
    226. 

  226. <dd><p>
    227. 

  227.             Dump zone file in canonical format.
    228. 

  228. 	    This is always enabled for <span><strong class="command">named-compilezone</strong></span>.
    229. 

  229.           </p></dd>
    230. 

  230. <dt><span class="term">-W <em class="replaceable"><code>mode</code></em></span></dt>
    231. 

  231. <dd><p>
    232. 

  232.             Specify whether to check for non-terminal wildcards.
    233. 

  233.             Non-terminal wildcards are almost always the result of a
    234. 

  234.             failure to understand the wildcard matching algorithm (RFC 1034).
    235. 

  235.             Possible modes are <span><strong class="command">"warn"</strong></span> (default)
    236. 

  236.             and
    237. 

  237.             <span><strong class="command">"ignore"</strong></span>.
    238. 

  238.           </p></dd>
    239. 

  239. <dt><span class="term">zonename</span></dt>
    240. 

  240. <dd><p>
    241. 

  241.             The domain name of the zone being checked.
    242. 

  242.           </p></dd>
    243. 

  243. <dt><span class="term">filename</span></dt>
    244. 

  244. <dd><p>
    245. 

  245.             The name of the zone file.
    246. 

  246.           </p></dd>
    247. 

  247. </dl></div>
    248. 

  248. </div>
    249. 

  249. <div class="refsect1" lang="en">
    250. 

  250. <a name="id2544446"></a><h2>RETURN VALUES</h2>
    251. 

  251. <p><span><strong class="command">named-checkzone</strong></span>
    252. 

  252.       returns an exit status of 1 if
    253. 

  253.       errors were detected and 0 otherwise.
    254. 

  254.     </p>
    255. 

  255. </div>
    256. 

  256. <div class="refsect1" lang="en">
    257. 

  257. <a name="id2544458"></a><h2>SEE ALSO</h2>
    258. 

  258. <p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
    259. 

  259.       <span class="citerefentry"><span class="refentrytitle">named-checkconf</span>(8)</span>,
    260. 

  260.       <em class="citetitle">RFC 1035</em>,
    261. 

  261.       <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
    262. 

  262.     </p>
    263. 

  263. </div>
    264. 

  264. <div class="refsect1" lang="en">
    265. 

  265. <a name="id2544491"></a><h2>AUTHOR</h2>
    266. 

  266. <p><span class="corpauthor">Internet Systems Consortium</span>
    267. 

  267.     </p>
    268. 

  268. </div>
    269. 

  269. </div></body>
    270. 

  270. </html>
    271.