- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: named-checkconf.html,v 1.5.2.1.4.4 2004/06/03 05:35:42 marka Exp $ -->
+<!-- $Id: named-checkconf.html,v 1.5.2.1.4.5 2004/08/22 23:38:57 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>named-checkconf</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
+></A
><SPAN
CLASS="APPLICATION"
>named-checkconf</SPAN
-></A
></H1
><DIV
CLASS="REFNAMEDIV"
><B
CLASS="COMMAND"
>named-checkconf</B
-> [<TT
+> [<VAR
CLASS="OPTION"
->-v</TT
->] [<TT
+>-v</VAR
+>] [<VAR
CLASS="OPTION"
->-j</TT
->] [<TT
+>-j</VAR
+>] [<VAR
CLASS="OPTION"
->-t <TT
+>-t <VAR
CLASS="REPLACEABLE"
-><I
->directory</I
-></TT
-></TT
->] {filename} [<TT
+>directory</VAR
+></VAR
+>] {filename} [<VAR
CLASS="OPTION"
->-z</TT
+>-z</VAR
>]</P
></DIV
><DIV
CLASS="VARIABLELIST"
><DL
><DT
->-t <TT
+>-t <VAR
CLASS="REPLACEABLE"
-><I
->directory</I
-></TT
+>directory</VAR
></DT
><DD
><P
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: named-checkzone.html,v 1.5.2.2.4.4 2004/06/03 05:35:43 marka Exp $ -->
+<!-- $Id: named-checkzone.html,v 1.5.2.2.4.5 2004/08/22 23:38:57 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>named-checkzone</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
+></A
><SPAN
CLASS="APPLICATION"
>named-checkzone</SPAN
-></A
></H1
><DIV
CLASS="REFNAMEDIV"
><B
CLASS="COMMAND"
>named-checkzone</B
-> [<TT
+> [<VAR
CLASS="OPTION"
->-d</TT
->] [<TT
+>-d</VAR
+>] [<VAR
CLASS="OPTION"
->-j</TT
->] [<TT
+>-j</VAR
+>] [<VAR
CLASS="OPTION"
->-q</TT
->] [<TT
+>-q</VAR
+>] [<VAR
CLASS="OPTION"
->-v</TT
->] [<TT
+>-v</VAR
+>] [<VAR
CLASS="OPTION"
->-c <TT
+>-c <VAR
CLASS="REPLACEABLE"
-><I
->class</I
-></TT
-></TT
->] [<TT
+>class</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-k <TT
+>-k <VAR
CLASS="REPLACEABLE"
-><I
->mode</I
-></TT
-></TT
->] [<TT
+>mode</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-n <TT
+>-n <VAR
CLASS="REPLACEABLE"
-><I
->mode</I
-></TT
-></TT
->] [<TT
+>mode</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-o <TT
+>-o <VAR
CLASS="REPLACEABLE"
-><I
->filename</I
-></TT
-></TT
->] [<TT
+>filename</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-t <TT
+>-t <VAR
CLASS="REPLACEABLE"
-><I
->directory</I
-></TT
-></TT
->] [<TT
+>directory</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-w <TT
+>-w <VAR
CLASS="REPLACEABLE"
-><I
->directory</I
-></TT
-></TT
->] [<TT
+>directory</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-D</TT
+>-D</VAR
>] {zonename} {filename}</P
></DIV
><DIV
</P
></DD
><DT
->-c <TT
+>-c <VAR
CLASS="REPLACEABLE"
-><I
->class</I
-></TT
+>class</VAR
></DT
><DD
><P
</P
></DD
><DT
->-k <TT
+>-k <VAR
CLASS="REPLACEABLE"
-><I
->mode</I
-></TT
+>mode</VAR
></DT
><DD
><P
</P
></DD
><DT
->-n <TT
+>-n <VAR
CLASS="REPLACEABLE"
-><I
->mode</I
-></TT
+>mode</VAR
></DT
><DD
><P
</P
></DD
><DT
->-o <TT
+>-o <VAR
CLASS="REPLACEABLE"
-><I
->filename</I
-></TT
+>filename</VAR
></DT
><DD
><P
</P
></DD
><DT
->-t <TT
+>-t <VAR
CLASS="REPLACEABLE"
-><I
->directory</I
-></TT
+>directory</VAR
></DT
><DD
><P
</P
></DD
><DT
->-w <TT
+>-w <VAR
CLASS="REPLACEABLE"
-><I
->directory</I
-></TT
+>directory</VAR
></DT
><DD
><P
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: dig.html,v 1.6.2.4.2.6 2004/06/23 09:11:02 marka Exp $ -->
+<!-- $Id: dig.html,v 1.6.2.4.2.7 2004/08/22 23:38:57 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>dig</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
->dig</A
-></H1
+></A
+>dig</H1
><DIV
CLASS="REFNAMEDIV"
><A
><B
CLASS="COMMAND"
>dig</B
-> [@server] [<TT
+> [@server] [<VAR
CLASS="OPTION"
->-b <TT
+>-b <VAR
CLASS="REPLACEABLE"
-><I
->address</I
-></TT
-></TT
->] [<TT
+>address</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-c <TT
+>-c <VAR
CLASS="REPLACEABLE"
-><I
->class</I
-></TT
-></TT
->] [<TT
+>class</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-f <TT
+>-f <VAR
CLASS="REPLACEABLE"
-><I
->filename</I
-></TT
-></TT
->] [<TT
+>filename</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-k <TT
+>-k <VAR
CLASS="REPLACEABLE"
-><I
->filename</I
-></TT
-></TT
->] [<TT
+>filename</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-p <TT
+>-p <VAR
CLASS="REPLACEABLE"
-><I
->port#</I
-></TT
-></TT
->] [<TT
+>port#</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-t <TT
+>-t <VAR
CLASS="REPLACEABLE"
-><I
->type</I
-></TT
-></TT
->] [<TT
+>type</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-x <TT
+>-x <VAR
CLASS="REPLACEABLE"
-><I
->addr</I
-></TT
-></TT
->] [<TT
+>addr</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-y <TT
+>-y <VAR
CLASS="REPLACEABLE"
-><I
->name:key</I
-></TT
-></TT
->] [<TT
+>name:key</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-4</TT
->] [<TT
+>-4</VAR
+>] [<VAR
CLASS="OPTION"
->-6</TT
+>-6</VAR
>] [name] [type] [class] [queryopt...]</P
><P
><B
CLASS="COMMAND"
>dig</B
-> [<TT
+> [<VAR
CLASS="OPTION"
->-h</TT
+>-h</VAR
>]</P
><P
><B
> is normally used with command-line
arguments, it also has a batch mode of operation for reading lookup
requests from a file. A brief summary of its command-line arguments
-and options is printed when the <TT
+and options is printed when the <VAR
CLASS="OPTION"
->-h</TT
+>-h</VAR
> option is given.
Unlike earlier versions, the BIND9 implementation of
<B
CLASS="VARIABLELIST"
><DL
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->server</TT
+>server</CODE
></DT
><DD
><P
>is the name or IP address of the name server to query. This can be an IPv4
address in dotted-decimal notation or an IPv6
address in colon-delimited notation. When the supplied
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->server</I
-></TT
+>server</VAR
> argument is a hostname,
<B
CLASS="COMMAND"
>dig</B
> resolves that name before querying that name
-server. If no <TT
+server. If no <VAR
CLASS="PARAMETER"
-><I
->server</I
-></TT
+>server</VAR
> argument is provided,
<B
CLASS="COMMAND"
server that responds is displayed.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->name</TT
+>name</CODE
></DT
><DD
><P
>is the name of the resource record that is to be looked up.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->type</TT
+>type</CODE
></DT
><DD
><P
>indicates what type of query is required —
ANY, A, MX, SIG, etc.
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->type</I
-></TT
+>type</VAR
> can be any valid query type. If no
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->type</I
-></TT
+>type</VAR
> argument is supplied,
<B
CLASS="COMMAND"
><H2
>OPTIONS</H2
><P
->The <TT
+>The <VAR
CLASS="OPTION"
->-b</TT
+>-b</VAR
> option sets the source IP address of the query
-to <TT
+to <VAR
CLASS="PARAMETER"
-><I
->address</I
-></TT
+>address</VAR
>. This must be a valid address on
one of the host's network interfaces or "0.0.0.0" or "::". An optional port
may be specified by appending "#<port>"</P
><P
>The default query class (IN for internet) is overridden by the
-<TT
+<VAR
CLASS="OPTION"
->-c</TT
-> option. <TT
+>-c</VAR
+> option. <VAR
CLASS="PARAMETER"
-><I
->class</I
-></TT
+>class</VAR
> is any valid
class, such as HS for Hesiod records or CH for CHAOSNET records.</P
><P
->The <TT
+>The <VAR
CLASS="OPTION"
->-f</TT
+>-f</VAR
> option makes <B
CLASS="COMMAND"
>dig </B
> operate
in batch mode by reading a list of lookup requests to process from the
-file <TT
+file <VAR
CLASS="PARAMETER"
-><I
->filename</I
-></TT
+>filename</VAR
>. The file contains a number of
queries, one per line. Each entry in the file should be organised in
the same way they would be presented as queries to
> using the command-line interface.</P
><P
>If a non-standard port number is to be queried, the
-<TT
+<VAR
CLASS="OPTION"
->-p</TT
-> option is used. <TT
+>-p</VAR
+> option is used. <VAR
CLASS="PARAMETER"
-><I
->port#</I
-></TT
+>port#</VAR
> is
the port number that <B
CLASS="COMMAND"
to test a name server that has been configured to listen for queries
on a non-standard port number.</P
><P
->The <TT
+>The <VAR
CLASS="OPTION"
->-4</TT
+>-4</VAR
> option forces <B
CLASS="COMMAND"
>dig</B
> to only
-use IPv4 query transport. The <TT
+use IPv4 query transport. The <VAR
CLASS="OPTION"
->-6</TT
+>-6</VAR
> option forces
<B
CLASS="COMMAND"
>dig</B
> to only use IPv6 query transport.</P
><P
->The <TT
+>The <VAR
CLASS="OPTION"
->-t</TT
+>-t</VAR
> option sets the query type to
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->type</I
-></TT
+>type</VAR
>. It can be any valid query type which is
supported in BIND9. The default query type "A", unless the
-<TT
+<VAR
CLASS="OPTION"
->-x</TT
+>-x</VAR
> option is supplied to indicate a reverse lookup.
A zone transfer can be requested by specifying a type of AXFR. When
an incremental zone transfer (IXFR) is required,
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->type</I
-></TT
-> is set to <TT
+>type</VAR
+> is set to <VAR
CLASS="LITERAL"
->ixfr=N</TT
+>ixfr=N</VAR
>.
The incremental zone transfer will contain the changes made to the zone
since the serial number in the zone's SOA record was
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->N</I
-></TT
+>N</VAR
>.</P
><P
>Reverse lookups - mapping addresses to names - are simplified by the
-<TT
+<VAR
CLASS="OPTION"
->-x</TT
-> option. <TT
+>-x</VAR
+> option. <VAR
CLASS="PARAMETER"
-><I
->addr</I
-></TT
+>addr</VAR
> is an IPv4
address in dotted-decimal notation, or a colon-delimited IPv6 address.
When this option is used, there is no need to provide the
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->name</I
-></TT
->, <TT
+>name</VAR
+>, <VAR
CLASS="PARAMETER"
-><I
->class</I
-></TT
+>class</VAR
> and
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->type</I
-></TT
+>type</VAR
> arguments. <B
CLASS="COMMAND"
>dig</B
>
automatically performs a lookup for a name like
-<TT
+<VAR
CLASS="LITERAL"
->11.12.13.10.in-addr.arpa</TT
+>11.12.13.10.in-addr.arpa</VAR
> and sets the query type and
class to PTR and IN respectively. By default, IPv6 addresses are
looked up using nibble format under the IP6.ARPA domain.
To use the older RFC1886 method using the IP6.INT domain
-specify the <TT
+specify the <VAR
CLASS="OPTION"
->-i</TT
+>-i</VAR
> option. Bit string labels (RFC2874)
are now experimental and are not attempted.</P
><P
>dig</B
> and their
responses using transaction signatures (TSIG), specify a TSIG key file
-using the <TT
+using the <VAR
CLASS="OPTION"
->-k</TT
+>-k</VAR
> option. You can also specify the TSIG
-key itself on the command line using the <TT
+key itself on the command line using the <VAR
CLASS="OPTION"
->-y</TT
+>-y</VAR
> option;
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->name</I
-></TT
+>name</VAR
> is the name of the TSIG key and
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->key</I
-></TT
+>key</VAR
> is the actual key. The key is a base-64
encoded string, typically generated by <SPAN
CLASS="CITEREFENTRY"
>(8)</SPAN
>.
-Caution should be taken when using the <TT
+Caution should be taken when using the <VAR
CLASS="OPTION"
->-y</TT
+>-y</VAR
> option on
multi-user systems as the key can be visible in the output from
<SPAN
and retry strategies.</P
><P
>Each query option is identified by a keyword preceded by a plus sign
-(<TT
+(<VAR
CLASS="LITERAL"
->+</TT
+>+</VAR
>). Some keywords set or reset an option. These may be preceded
-by the string <TT
+by the string <VAR
CLASS="LITERAL"
->no</TT
+>no</VAR
> to negate the meaning of that keyword. Other
keywords assign values to options like the timeout interval. They
-have the form <TT
+have the form <VAR
CLASS="OPTION"
->+keyword=value</TT
+>+keyword=value</VAR
>.
The query options are:
CLASS="VARIABLELIST"
><DL
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]tcp</TT
+>+[no]tcp</VAR
></DT
><DD
><P
which case a TCP connection is used.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]vc</TT
+>+[no]vc</VAR
></DT
><DD
><P
>Use [do not use] TCP when querying name servers. This alternate
-syntax to <TT
+syntax to <VAR
CLASS="PARAMETER"
-><I
->+[no]tcp</I
-></TT
+>+[no]tcp</VAR
> is provided for backwards
compatibility. The "vc" stands for "virtual circuit".</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]ignore</TT
+>+[no]ignore</VAR
></DT
><DD
><P
default, TCP retries are performed.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+domain=somename</TT
+>+domain=somename</VAR
></DT
><DD
><P
>Set the search list to contain the single domain
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->somename</I
-></TT
+>somename</VAR
>, as if specified in a
<B
CLASS="COMMAND"
CLASS="FILENAME"
>/etc/resolv.conf</TT
>, and enable search list
-processing as if the <TT
+processing as if the <VAR
CLASS="PARAMETER"
-><I
->+search</I
-></TT
+>+search</VAR
> option were given.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]search</TT
+>+[no]search</VAR
></DT
><DD
><P
The search list is not used by default.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]defname</TT
+>+[no]defname</VAR
></DT
><DD
><P
->Deprecated, treated as a synonym for <TT
+>Deprecated, treated as a synonym for <VAR
CLASS="PARAMETER"
-><I
->+[no]search</I
-></TT
+>+[no]search</VAR
></P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]aaonly</TT
+>+[no]aaonly</VAR
></DT
><DD
><P
>Sets the "aa" flag in the query.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]aaflag</TT
+>+[no]aaflag</VAR
></DT
><DD
><P
->A synonym for <TT
+>A synonym for <VAR
CLASS="PARAMETER"
-><I
->+[no]aaonly</I
-></TT
+>+[no]aaonly</VAR
>.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]adflag</TT
+>+[no]adflag</VAR
></DT
><DD
><P
completeness.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]cdflag</TT
+>+[no]cdflag</VAR
></DT
><DD
><P
requests the server to not perform DNSSEC validation of responses.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]cl</TT
+>+[no]cl</VAR
></DT
><DD
><P
>Display [do not display] the CLASS when printing the record.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]ttlid</TT
+>+[no]ttlid</VAR
></DT
><DD
><P
>Display [do not display] the TTL when printing the record.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]recurse</TT
+>+[no]recurse</VAR
></DT
><DD
><P
>dig</B
>
normally sends recursive queries. Recursion is automatically disabled
-when the <TT
+when the <VAR
CLASS="PARAMETER"
-><I
->+nssearch</I
-></TT
+>+nssearch</VAR
> or
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->+trace</I
-></TT
+>+trace</VAR
> query options are used.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]nssearch</TT
+>+[no]nssearch</VAR
></DT
><DD
><P
zone.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]trace</TT
+>+[no]trace</VAR
></DT
><DD
><P
resolve the lookup.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]cmd</TT
+>+[no]cmd</VAR
></DT
><DD
><P
been applied. This comment is printed by default.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]short</TT
+>+[no]short</VAR
></DT
><DD
><P
verbose form.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]identify</TT
+>+[no]identify</VAR
></DT
><DD
><P
>Show [or do not show] the IP address and port number that supplied the
-answer when the <TT
+answer when the <VAR
CLASS="PARAMETER"
-><I
->+short</I
-></TT
+>+short</VAR
> option is enabled. If
short form answers are requested, the default is not to show the
source address and port number of the server that provided the answer.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]comments</TT
+>+[no]comments</VAR
></DT
><DD
><P
print comments.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]stats</TT
+>+[no]stats</VAR
></DT
><DD
><P
to print the query statistics.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]qr</TT
+>+[no]qr</VAR
></DT
><DD
><P
By default, the query is not printed.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]question</TT
+>+[no]question</VAR
></DT
><DD
><P
returned. The default is to print the question section as a comment.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]answer</TT
+>+[no]answer</VAR
></DT
><DD
><P
is to display it.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]authority</TT
+>+[no]authority</VAR
></DT
><DD
><P
default is to display it.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]additional</TT
+>+[no]additional</VAR
></DT
><DD
><P
The default is to display it.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]all</TT
+>+[no]all</VAR
></DT
><DD
><P
>Set or clear all display flags.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+time=T</TT
+>+time=T</VAR
></DT
><DD
><P
> Sets the timeout for a query to
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->T</I
-></TT
+>T</VAR
> seconds. The default time out is 5 seconds.
-An attempt to set <TT
+An attempt to set <VAR
CLASS="PARAMETER"
-><I
->T</I
-></TT
+>T</VAR
> to less than 1 will result
in a query timeout of 1 second being applied.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+tries=T</TT
+>+tries=T</VAR
></DT
><DD
><P
>Sets the number of times to try UDP queries to server to
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->T</I
-></TT
+>T</VAR
> instead of the default, 3. If
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->T</I
-></TT
+>T</VAR
> is less than or equal to zero, the number of
tries is silently rounded up to 1.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+retry=T</TT
+>+retry=T</VAR
></DT
><DD
><P
>Sets the number of times to retry UDP queries to server to
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->T</I
-></TT
+>T</VAR
> instead of the default, 2. Unlike
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->+tries</I
-></TT
+>+tries</VAR
>, this does not include the initial
query.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+ndots=D</TT
+>+ndots=D</VAR
></DT
><DD
><P
>Set the number of dots that have to appear in
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->name</I
-></TT
-> to <TT
+>name</VAR
+> to <VAR
CLASS="PARAMETER"
-><I
->D</I
-></TT
+>D</VAR
> for it to be
considered absolute. The default value is that defined using the
ndots statement in <TT
>, or 1 if no
ndots statement is present. Names with fewer dots are interpreted as
relative names and will be searched for in the domains listed in the
-<TT
+<VAR
CLASS="OPTION"
->search</TT
-> or <TT
+>search</VAR
+> or <VAR
CLASS="OPTION"
->domain</TT
+>domain</VAR
> directive in
<TT
CLASS="FILENAME"
>.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+bufsize=B</TT
+>+bufsize=B</VAR
></DT
><DD
><P
>Set the UDP message buffer size advertised using EDNS0 to
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->B</I
-></TT
+>B</VAR
> bytes. The maximum and minimum sizes of this
buffer are 65535 and 0 respectively. Values outside this range are
rounded up or down appropriately.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]multiline</TT
+>+[no]multiline</VAR
></DT
><DD
><P
> output.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]fail</TT
+>+[no]fail</VAR
></DT
><DD
><P
behaviour.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]besteffort</TT
+>+[no]besteffort</VAR
></DT
><DD
><P
The default is to not display malformed answers.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]dnssec</TT
+>+[no]dnssec</VAR
></DT
><DD
><P
in the OPT record in the additional section of the query.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]sigchase</TT
+>+[no]sigchase</VAR
></DT
><DD
><P
-DDIG_SIGCHASE.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+trusted-key=####</TT
+>+trusted-key=####</VAR
></DT
><DD
><P
->Specify a trusted key to be used with <TT
+>Specify a trusted key to be used with <VAR
CLASS="OPTION"
->+sigchase</TT
+>+sigchase</VAR
>.
Requires dig be compiled with -DDIG_SIGCHASE.</P
></DD
><DT
-><TT
+><VAR
CLASS="OPTION"
->+[no]topdown</TT
+>+[no]topdown</VAR
></DT
><DD
><P
>dig </B
> supports
specifying multiple queries on the command line (in addition to
-supporting the <TT
+supporting the <VAR
CLASS="OPTION"
->-f</TT
+>-f</VAR
> batch file option). Each of those
queries can be supplied with its own set of flags, options and query
options.</P
><P
->In this case, each <TT
+>In this case, each <VAR
CLASS="PARAMETER"
-><I
->query</I
-></TT
+>query</VAR
> argument represent an
individual query in the command-line syntax described above. Each
consists of any of the standard options and flags, the name to be
can also be supplied. These global query options must precede the
first tuple of name, class, type, options, flags, and query options
supplied on the command line. Any global query options (except
-the <TT
+the <VAR
CLASS="OPTION"
->+[no]cmd</TT
+>+[no]cmd</VAR
> option) can be
overridden by a query-specific set of query options. For example:
<PRE
CLASS="COMMAND"
>dig</B
> could be used from the command line
-to make three lookups: an ANY query for <TT
+to make three lookups: an ANY query for <VAR
CLASS="LITERAL"
->www.isc.org</TT
+>www.isc.org</VAR
>, a
reverse lookup of 127.0.0.1 and a query for the NS records of
-<TT
+<VAR
CLASS="LITERAL"
->isc.org</TT
+>isc.org</VAR
>.
-A global query option of <TT
+A global query option of <VAR
CLASS="PARAMETER"
-><I
->+qr</I
-></TT
+>+qr</VAR
> is applied, so
that <B
CLASS="COMMAND"
>dig</B
> shows the initial query it made for each
lookup. The final query has a local query option of
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->+noqr</I
-></TT
+>+noqr</VAR
> which means that <B
CLASS="COMMAND"
>dig</B
>
will not print the initial query when it looks up the NS records for
-<TT
+<VAR
CLASS="LITERAL"
->isc.org</TT
+>isc.org</VAR
>.</P
></DIV
><DIV
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: host.html,v 1.4.2.1.4.5 2004/04/13 04:11:04 marka Exp $ -->
+<!-- $Id: host.html,v 1.4.2.1.4.6 2004/08/22 23:38:58 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>host</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
->host</A
-></H1
+></A
+>host</H1
><DIV
CLASS="REFNAMEDIV"
><A
><B
CLASS="COMMAND"
>host</B
-> [<TT
+> [<VAR
CLASS="OPTION"
->-aCdlnrTwv</TT
->] [<TT
+>-aCdlnrTwv</VAR
+>] [<VAR
CLASS="OPTION"
->-c <TT
+>-c <VAR
CLASS="REPLACEABLE"
-><I
->class</I
-></TT
-></TT
->] [<TT
+>class</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-N <TT
+>-N <VAR
CLASS="REPLACEABLE"
-><I
->ndots</I
-></TT
-></TT
->] [<TT
+>ndots</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-R <TT
+>-R <VAR
CLASS="REPLACEABLE"
-><I
->number</I
-></TT
-></TT
->] [<TT
+>number</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-t <TT
+>-t <VAR
CLASS="REPLACEABLE"
-><I
->type</I
-></TT
-></TT
->] [<TT
+>type</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-W <TT
+>-W <VAR
CLASS="REPLACEABLE"
-><I
->wait</I
-></TT
-></TT
->] [<TT
+>wait</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-4</TT
->] [<TT
+>-4</VAR
+>] [<VAR
CLASS="OPTION"
->-6</TT
+>-6</VAR
>] {name} [server]</P
></DIV
><DIV
>
prints a short summary of its command line arguments and options.</P
><P
-><TT
+><VAR
CLASS="PARAMETER"
-><I
->name</I
-></TT
+>name</VAR
> is the domain name that is to be looked
up. It can also be a dotted-decimal IPv4 address or a colon-delimited
IPv6 address, in which case <B
>host</B
> will by default
perform a reverse lookup for that address.
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->server</I
-></TT
+>server</VAR
> is an optional argument which is either
the name or IP address of the name server that <B
CLASS="COMMAND"
>/etc/resolv.conf</TT
>.</P
><P
->The <TT
+>The <VAR
CLASS="OPTION"
->-a</TT
+>-a</VAR
> (all) option is equivalent to setting the
-<TT
+<VAR
CLASS="OPTION"
->-v</TT
+>-v</VAR
> option and asking <B
CLASS="COMMAND"
>host</B
> to make
a query of type ANY.</P
><P
->When the <TT
+>When the <VAR
CLASS="OPTION"
->-C</TT
+>-C</VAR
> option is used, <B
CLASS="COMMAND"
>host</B
>
will attempt to display the SOA records for zone
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->name</I
-></TT
+>name</VAR
> from all the listed authoritative name
servers for that zone. The list of name servers is defined by the NS
records that are found for the zone.</P
><P
->The <TT
+>The <VAR
CLASS="OPTION"
->-c</TT
+>-c</VAR
> option instructs to make a DNS query of class
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->class</I
-></TT
+>class</VAR
>. This can be used to lookup Hesiod or
Chaosnet class resource records. The default class is IN (Internet).</P
><P
CLASS="COMMAND"
>host</B
> when the
-<TT
+<VAR
CLASS="OPTION"
->-d</TT
-> or <TT
+>-d</VAR
+> or <VAR
CLASS="OPTION"
->-v</TT
+>-v</VAR
> option is used. The two
options are equivalent. They have been provided for backwards
-compatibility. In previous versions, the <TT
+compatibility. In previous versions, the <VAR
CLASS="OPTION"
->-d</TT
+>-d</VAR
> option
-switched on debugging traces and <TT
+switched on debugging traces and <VAR
CLASS="OPTION"
->-v</TT
+>-v</VAR
> enabled verbose
output.</P
><P
->List mode is selected by the <TT
+>List mode is selected by the <VAR
CLASS="OPTION"
->-l</TT
+>-l</VAR
> option. This makes
<B
CLASS="COMMAND"
>host</B
> perform a zone transfer for zone
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->name</I
-></TT
+>name</VAR
>. Transfer the zone printing out the NS, PTR
-and address records (A/AAAA). If combined with <TT
+and address records (A/AAAA). If combined with <VAR
CLASS="OPTION"
->-a</TT
+>-a</VAR
>
all records will be printed. </P
><P
->The <TT
+>The <VAR
CLASS="OPTION"
->-i</TT
+>-i</VAR
>
option specifies that reverse lookups of IPv6 addresses should
use the IP6.INT domain as defined in RFC1886.
The default is to use IP6.ARPA.</P
><P
->The <TT
+>The <VAR
CLASS="OPTION"
->-N</TT
+>-N</VAR
> option sets the number of dots that have to be
-in <TT
+in <VAR
CLASS="PARAMETER"
-><I
->name</I
-></TT
+>name</VAR
> for it to be considered absolute. The
default value is that defined using the ndots statement in
<TT
>.</P
><P
>The number of UDP retries for a lookup can be changed with the
-<TT
+<VAR
CLASS="OPTION"
->-R</TT
-> option. <TT
+>-R</VAR
+> option. <VAR
CLASS="PARAMETER"
-><I
->number</I
-></TT
+>number</VAR
> indicates
how many times <B
CLASS="COMMAND"
>host</B
> will repeat a query that does
not get answered. The default number of retries is 1. If
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->number</I
-></TT
+>number</VAR
> is negative or zero, the number of
retries will default to 1.</P
><P
->Non-recursive queries can be made via the <TT
+>Non-recursive queries can be made via the <VAR
CLASS="OPTION"
->-r</TT
+>-r</VAR
> option.
Setting this option clears the <SPAN
CLASS="TYPE"
>host</B
> makes.
This should mean that the name server receiving the query will not
-attempt to resolve <TT
+attempt to resolve <VAR
CLASS="PARAMETER"
-><I
->name</I
-></TT
+>name</VAR
>. The
-<TT
+<VAR
CLASS="OPTION"
->-r</TT
+>-r</VAR
> option enables <B
CLASS="COMMAND"
>host</B
CLASS="COMMAND"
>host</B
> uses UDP when making queries. The
-<TT
+<VAR
CLASS="OPTION"
->-T</TT
+>-T</VAR
> option makes it use a TCP connection when querying
the name server. TCP will be automatically selected for queries that
require it, such as zone transfer (AXFR) requests.</P
><P
->The <TT
+>The <VAR
CLASS="OPTION"
->-4</TT
+>-4</VAR
> option forces <B
CLASS="COMMAND"
>host</B
> to only
-use IPv4 query transport. The <TT
+use IPv4 query transport. The <VAR
CLASS="OPTION"
->-6</TT
+>-6</VAR
> option forces
<B
CLASS="COMMAND"
>host</B
> to only use IPv6 query transport.</P
><P
->The <TT
+>The <VAR
CLASS="OPTION"
->-t</TT
+>-t</VAR
> option is used to select the query type.
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->type</I
-></TT
+>type</VAR
> can be any recognised query type: CNAME,
NS, SOA, SIG, KEY, AXFR, etc. When no query type is specified,
<B
>host</B
> automatically selects an appropriate query
type. By default it looks for A records, but if the
-<TT
+<VAR
CLASS="OPTION"
->-C</TT
+>-C</VAR
> option was given, queries will be made for SOA
-records, and if <TT
+records, and if <VAR
CLASS="PARAMETER"
-><I
->name</I
-></TT
+>name</VAR
> is a dotted-decimal IPv4
address or colon-delimited IPv6 address, <B
CLASS="COMMAND"
starting serial number (e.g. -t IXFR=12345678).</P
><P
>The time to wait for a reply can be controlled through the
-<TT
+<VAR
CLASS="OPTION"
->-W</TT
-> and <TT
+>-W</VAR
+> and <VAR
CLASS="OPTION"
->-w</TT
+>-w</VAR
> options. The
-<TT
+<VAR
CLASS="OPTION"
->-W</TT
+>-W</VAR
> option makes <B
CLASS="COMMAND"
>host</B
> wait for
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->wait</I
-></TT
-> seconds. If <TT
+>wait</VAR
+> seconds. If <VAR
CLASS="PARAMETER"
-><I
->wait</I
-></TT
+>wait</VAR
>
is less than one, the wait interval is set to one second. When the
-<TT
+<VAR
CLASS="OPTION"
->-w</TT
+>-w</VAR
> option is used, <B
CLASS="COMMAND"
>host</B
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: nslookup.html,v 1.1.6.2 2004/08/20 02:29:40 marka Exp $ -->
+<!-- $Id: nslookup.html,v 1.1.6.3 2004/08/22 23:38:58 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>nslookup</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
->nslookup</A
-></H1
+></A
+>nslookup</H1
><DIV
CLASS="REFNAMEDIV"
><A
><B
CLASS="COMMAND"
>nslookup</B
-> [<TT
+> [<VAR
CLASS="OPTION"
->-option</TT
+>-option</VAR
>] [name | -] [server]</P
></DIV
><DIV
change the default query type to host information, and the initial timeout to 10 seconds, type:
<DIV
CLASS="INFORMALEXAMPLE"
+><P
+></P
><A
NAME="AEN33"
></A
-><P
-></P
><PRE
CLASS="PROGRAMLISTING"
>nslookup -query=hinfo -timeout=10</PRE
the name.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->server</TT
-> <TT
+>server</CODE
+> <VAR
CLASS="REPLACEABLE"
-><I
->domain</I
-></TT
+>domain</VAR
></DT
><DD
><P
></P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->lserver</TT
-> <TT
+>lserver</CODE
+> <VAR
CLASS="REPLACEABLE"
-><I
->domain</I
-></TT
+>domain</VAR
></DT
><DD
><P
->Change the default server to <TT
+>Change the default server to <VAR
CLASS="REPLACEABLE"
-><I
->domain</I
-></TT
->; <TT
+>domain</VAR
+>; <CODE
CLASS="CONSTANT"
->lserver</TT
+>lserver</CODE
> uses the initial
-server to look up information about <TT
+server to look up information about <VAR
CLASS="REPLACEABLE"
-><I
->domain</I
-></TT
->, while <TT
+>domain</VAR
+>, while <CODE
CLASS="CONSTANT"
->server</TT
+>server</CODE
> uses
the current default server. If an authoritative answer can't be
found, the names of servers that might have the answer are
returned.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->root</TT
+>root</CODE
></DT
><DD
><P
>not implemented</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->finger</TT
+>finger</CODE
></DT
><DD
><P
>not implemented</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->ls</TT
+>ls</CODE
></DT
><DD
><P
>not implemented</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->view</TT
+>view</CODE
></DT
><DD
><P
>not implemented</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->help</TT
+>help</CODE
></DT
><DD
><P
>not implemented</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->?</TT
+>?</CODE
></DT
><DD
><P
>not implemented</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->exit</TT
+>exit</CODE
></DT
><DD
><P
>Exits the program.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->set</TT
-> <TT
+>set</CODE
+> <VAR
CLASS="REPLACEABLE"
-><I
>keyword[<SPAN
CLASS="OPTIONAL"
>=value</SPAN
->]</I
-></TT
+>]</VAR
></DT
><DD
><P
CLASS="VARIABLELIST"
><DL
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->all</TT
+>all</CODE
></DT
><DD
><P
</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->class=</TT
-><TT
+>class=</CODE
+><VAR
CLASS="REPLACEABLE"
-><I
->value</I
-></TT
+>value</VAR
></DT
><DD
><P
CLASS="VARIABLELIST"
><DL
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->IN</TT
+>IN</CODE
></DT
><DD
><P
>the Internet class</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->CH</TT
+>CH</CODE
></DT
><DD
><P
>the Chaos class</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->HS</TT
+>HS</CODE
></DT
><DD
><P
>the Hesiod class</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->ANY</TT
+>ANY</CODE
></DT
><DD
><P
</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
-><TT
+><VAR
CLASS="REPLACEABLE"
-><I
>[<SPAN
CLASS="OPTIONAL"
>no</SPAN
->]</I
-></TT
->debug</TT
+>]</VAR
+>debug</CODE
></DT
><DD
><P
</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
-><TT
+><VAR
CLASS="REPLACEABLE"
-><I
>[<SPAN
CLASS="OPTIONAL"
>no</SPAN
->]</I
-></TT
->d2</TT
+>]</VAR
+>d2</CODE
></DT
><DD
><P
</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->domain=</TT
-><TT
+>domain=</CODE
+><VAR
CLASS="REPLACEABLE"
-><I
->name</I
-></TT
+>name</VAR
></DT
><DD
><P
-> Sets the search list to <TT
+> Sets the search list to <VAR
CLASS="REPLACEABLE"
-><I
->name</I
-></TT
+>name</VAR
>.
</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
-><TT
+><VAR
CLASS="REPLACEABLE"
-><I
>[<SPAN
CLASS="OPTIONAL"
>no</SPAN
->]</I
-></TT
->search</TT
+>]</VAR
+>search</CODE
></DT
><DD
><P
</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->port=</TT
-><TT
+>port=</CODE
+><VAR
CLASS="REPLACEABLE"
-><I
->value</I
-></TT
+>value</VAR
></DT
><DD
><P
-> Change the default TCP/UDP name server port to <TT
+> Change the default TCP/UDP name server port to <VAR
CLASS="REPLACEABLE"
-><I
->value</I
-></TT
+>value</VAR
>.
</P
><P
</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->querytype=</TT
-><TT
+>querytype=</CODE
+><VAR
CLASS="REPLACEABLE"
-><I
->value</I
-></TT
+>value</VAR
></DT
><DD
><P
></P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->type=</TT
-><TT
+>type=</CODE
+><VAR
CLASS="REPLACEABLE"
-><I
->value</I
-></TT
+>value</VAR
></DT
><DD
><P
</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
-><TT
+><VAR
CLASS="REPLACEABLE"
-><I
>[<SPAN
CLASS="OPTIONAL"
>no</SPAN
->]</I
-></TT
->recurse</TT
+>]</VAR
+>recurse</CODE
></DT
><DD
><P
</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->retry=</TT
-><TT
+>retry=</CODE
+><VAR
CLASS="REPLACEABLE"
-><I
->number</I
-></TT
+>number</VAR
></DT
><DD
><P
</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->timeout=</TT
-><TT
+>timeout=</CODE
+><VAR
CLASS="REPLACEABLE"
-><I
->number</I
-></TT
+>number</VAR
></DT
><DD
><P
</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
-><TT
+><VAR
CLASS="REPLACEABLE"
-><I
>[<SPAN
CLASS="OPTIONAL"
>no</SPAN
->]</I
-></TT
->vc</TT
+>]</VAR
+>vc</CODE
></DT
><DD
><P
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: dnssec-keygen.html,v 1.5.2.1.4.5 2004/06/11 02:32:45 marka Exp $ -->
+<!-- $Id: dnssec-keygen.html,v 1.5.2.1.4.6 2004/08/22 23:38:58 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>dnssec-keygen</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
+></A
><SPAN
CLASS="APPLICATION"
>dnssec-keygen</SPAN
-></A
></H1
><DIV
CLASS="REFNAMEDIV"
><B
CLASS="COMMAND"
>dnssec-keygen</B
-> {-a <TT
+> {-a <VAR
CLASS="REPLACEABLE"
-><I
->algorithm</I
-></TT
->} {-b <TT
+>algorithm</VAR
+>} {-b <VAR
CLASS="REPLACEABLE"
-><I
->keysize</I
-></TT
->} {-n <TT
+>keysize</VAR
+>} {-n <VAR
CLASS="REPLACEABLE"
-><I
->nametype</I
-></TT
->} [<TT
+>nametype</VAR
+>} [<VAR
CLASS="OPTION"
->-c <TT
+>-c <VAR
CLASS="REPLACEABLE"
-><I
->class</I
-></TT
-></TT
->] [<TT
+>class</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-e</TT
->] [<TT
+>-e</VAR
+>] [<VAR
CLASS="OPTION"
->-f <TT
+>-f <VAR
CLASS="REPLACEABLE"
-><I
->flag</I
-></TT
-></TT
->] [<TT
+>flag</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-g <TT
+>-g <VAR
CLASS="REPLACEABLE"
-><I
->generator</I
-></TT
-></TT
->] [<TT
+>generator</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-h</TT
->] [<TT
+>-h</VAR
+>] [<VAR
CLASS="OPTION"
->-k</TT
->] [<TT
+>-k</VAR
+>] [<VAR
CLASS="OPTION"
->-p <TT
+>-p <VAR
CLASS="REPLACEABLE"
-><I
->protocol</I
-></TT
-></TT
->] [<TT
+>protocol</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-r <TT
+>-r <VAR
CLASS="REPLACEABLE"
-><I
->randomdev</I
-></TT
-></TT
->] [<TT
+>randomdev</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-s <TT
+>-s <VAR
CLASS="REPLACEABLE"
-><I
->strength</I
-></TT
-></TT
->] [<TT
+>strength</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-t <TT
+>-t <VAR
CLASS="REPLACEABLE"
-><I
->type</I
-></TT
-></TT
->] [<TT
+>type</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-v <TT
+>-v <VAR
CLASS="REPLACEABLE"
-><I
->level</I
-></TT
-></TT
+>level</VAR
+></VAR
>] {name}</P
></DIV
><DIV
CLASS="VARIABLELIST"
><DL
><DT
->-a <TT
+>-a <VAR
CLASS="REPLACEABLE"
-><I
->algorithm</I
-></TT
+>algorithm</VAR
></DT
><DD
><P
> Selects the cryptographic algorithm. The value of
- <TT
+ <VAR
CLASS="OPTION"
->algorithm</TT
+>algorithm</VAR
> must be one of RSAMD5 (RSA) or RSASHA1,
DSA, DH (Diffie Hellman), or HMAC-MD5. These values
are case insensitive.
</P
></DD
><DT
->-b <TT
+>-b <VAR
CLASS="REPLACEABLE"
-><I
->keysize</I
-></TT
+>keysize</VAR
></DT
><DD
><P
</P
></DD
><DT
->-n <TT
+>-n <VAR
CLASS="REPLACEABLE"
-><I
->nametype</I
-></TT
+>nametype</VAR
></DT
><DD
><P
> Specifies the owner type of the key. The value of
- <TT
+ <VAR
CLASS="OPTION"
->nametype</TT
+>nametype</VAR
> must either be ZONE (for a DNSSEC
zone key (KEY/DNSKEY)), HOST or ENTITY (for a key associated with a host (KEY)),
USER (for a key associated with a user(KEY)) or OTHER (DNSKEY). These values are
</P
></DD
><DT
->-c <TT
+>-c <VAR
CLASS="REPLACEABLE"
-><I
->class</I
-></TT
+>class</VAR
></DT
><DD
><P
</P
></DD
><DT
->-f <TT
+>-f <VAR
CLASS="REPLACEABLE"
-><I
->flag</I
-></TT
+>flag</VAR
></DT
><DD
><P
</P
></DD
><DT
->-g <TT
+>-g <VAR
CLASS="REPLACEABLE"
-><I
->generator</I
-></TT
+>generator</VAR
></DT
><DD
><P
</P
></DD
><DT
->-p <TT
+>-p <VAR
CLASS="REPLACEABLE"
-><I
->protocol</I
-></TT
+>protocol</VAR
></DT
><DD
><P
</P
></DD
><DT
->-r <TT
+>-r <VAR
CLASS="REPLACEABLE"
-><I
->randomdev</I
-></TT
+>randomdev</VAR
></DT
><DD
><P
</P
></DD
><DT
->-s <TT
+>-s <VAR
CLASS="REPLACEABLE"
-><I
->strength</I
-></TT
+>strength</VAR
></DT
><DD
><P
</P
></DD
><DT
->-t <TT
+>-t <VAR
CLASS="REPLACEABLE"
-><I
->type</I
-></TT
+>type</VAR
></DT
><DD
><P
-> Indicates the use of the key. <TT
+> Indicates the use of the key. <VAR
CLASS="OPTION"
->type</TT
+>type</VAR
> must be
one of AUTHCONF, NOAUTHCONF, NOAUTH, or NOCONF. The default
is AUTHCONF. AUTH refers to the ability to authenticate
</P
></DD
><DT
->-v <TT
+>-v <VAR
CLASS="REPLACEABLE"
-><I
->level</I
-></TT
+>level</VAR
></DT
><DD
><P
>EXAMPLE</H2
><P
> To generate a 768-bit DSA key for the domain
- <TT
+ <KBD
CLASS="USERINPUT"
-><B
->example.com</B
-></TT
+>example.com</KBD
>, the following command would be
issued:
</P
><P
-> <TT
+> <KBD
CLASS="USERINPUT"
-><B
->dnssec-keygen -a DSA -b 768 -n ZONE example.com</B
-></TT
+>dnssec-keygen -a DSA -b 768 -n ZONE example.com</KBD
>
</P
><P
> The command would print a string of the form:
</P
><P
-> <TT
+> <KBD
CLASS="USERINPUT"
-><B
->Kexample.com.+003+26160</B
-></TT
+>Kexample.com.+003+26160</KBD
>
</P
><P
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: dnssec-signzone.html,v 1.4.2.1.4.6 2004/06/11 02:32:46 marka Exp $ -->
+<!-- $Id: dnssec-signzone.html,v 1.4.2.1.4.7 2004/08/22 23:38:58 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>dnssec-signzone</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
+></A
><SPAN
CLASS="APPLICATION"
>dnssec-signzone</SPAN
-></A
></H1
><DIV
CLASS="REFNAMEDIV"
><B
CLASS="COMMAND"
>dnssec-signzone</B
-> [<TT
+> [<VAR
CLASS="OPTION"
->-a</TT
->] [<TT
+>-a</VAR
+>] [<VAR
CLASS="OPTION"
->-c <TT
+>-c <VAR
CLASS="REPLACEABLE"
-><I
->class</I
-></TT
-></TT
->] [<TT
+>class</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-d <TT
+>-d <VAR
CLASS="REPLACEABLE"
-><I
->directory</I
-></TT
-></TT
->] [<TT
+>directory</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-e <TT
+>-e <VAR
CLASS="REPLACEABLE"
-><I
->end-time</I
-></TT
-></TT
->] [<TT
+>end-time</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-f <TT
+>-f <VAR
CLASS="REPLACEABLE"
-><I
->output-file</I
-></TT
-></TT
->] [<TT
+>output-file</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-g</TT
->] [<TT
+>-g</VAR
+>] [<VAR
CLASS="OPTION"
->-h</TT
->] [<TT
+>-h</VAR
+>] [<VAR
CLASS="OPTION"
->-k <TT
+>-k <VAR
CLASS="REPLACEABLE"
-><I
->key</I
-></TT
-></TT
->] [<TT
+>key</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-l <TT
+>-l <VAR
CLASS="REPLACEABLE"
-><I
->domain</I
-></TT
-></TT
->] [<TT
+>domain</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-i <TT
+>-i <VAR
CLASS="REPLACEABLE"
-><I
->interval</I
-></TT
-></TT
->] [<TT
+>interval</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-n <TT
+>-n <VAR
CLASS="REPLACEABLE"
-><I
->nthreads</I
-></TT
-></TT
->] [<TT
+>nthreads</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-o <TT
+>-o <VAR
CLASS="REPLACEABLE"
-><I
->origin</I
-></TT
-></TT
->] [<TT
+>origin</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-p</TT
->] [<TT
+>-p</VAR
+>] [<VAR
CLASS="OPTION"
->-r <TT
+>-r <VAR
CLASS="REPLACEABLE"
-><I
->randomdev</I
-></TT
-></TT
->] [<TT
+>randomdev</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-s <TT
+>-s <VAR
CLASS="REPLACEABLE"
-><I
->start-time</I
-></TT
-></TT
->] [<TT
+>start-time</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-t</TT
->] [<TT
+>-t</VAR
+>] [<VAR
CLASS="OPTION"
->-v <TT
+>-v <VAR
CLASS="REPLACEABLE"
-><I
->level</I
-></TT
-></TT
->] [<TT
+>level</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-z</TT
+>-z</VAR
>] {zonefile} [key...]</P
></DIV
><DIV
</P
></DD
><DT
->-c <TT
+>-c <VAR
CLASS="REPLACEABLE"
-><I
->class</I
-></TT
+>class</VAR
></DT
><DD
><P
</P
></DD
><DT
->-k <TT
+>-k <VAR
CLASS="REPLACEABLE"
-><I
->key</I
-></TT
+>key</VAR
></DT
><DD
><P
</P
></DD
><DT
->-l <TT
+>-l <VAR
CLASS="REPLACEABLE"
-><I
->domain</I
-></TT
+>domain</VAR
></DT
><DD
><P
</P
></DD
><DT
->-d <TT
+>-d <VAR
CLASS="REPLACEABLE"
-><I
->directory</I
-></TT
+>directory</VAR
></DT
><DD
><P
CLASS="FILENAME"
>keyset</TT
> files in
- <TT
+ <VAR
CLASS="OPTION"
->directory</TT
+>directory</VAR
> as the directory
</P
></DD
</P
></DD
><DT
->-s <TT
+>-s <VAR
CLASS="REPLACEABLE"
-><I
->start-time</I
-></TT
+>start-time</VAR
></DT
><DD
><P
in YYYYMMDDHHMMSS notation; 20000530144500 denotes
14:45:00 UTC on May 30th, 2000. A relative start time is
indicated by +N, which is N seconds from the current time.
- If no <TT
+ If no <VAR
CLASS="OPTION"
->start-time</TT
+>start-time</VAR
> is specified, the current
time minus 1 hour (to allow for clock skew) is used.
</P
></DD
><DT
->-e <TT
+>-e <VAR
CLASS="REPLACEABLE"
-><I
->end-time</I
-></TT
+>end-time</VAR
></DT
><DD
><P
> Specify the date and time when the generated RRSIG records
- expire. As with <TT
+ expire. As with <VAR
CLASS="OPTION"
->start-time</TT
+>start-time</VAR
>, an absolute
time is indicated in YYYYMMDDHHMMSS notation. A time relative
to the start time is indicated with +N, which is N seconds from
the start time. A time relative to the current time is
- indicated with now+N. If no <TT
+ indicated with now+N. If no <VAR
CLASS="OPTION"
->end-time</TT
+>end-time</VAR
> is
specified, 30 days from the start time is used as a default.
</P
></DD
><DT
->-f <TT
+>-f <VAR
CLASS="REPLACEABLE"
-><I
->output-file</I
-></TT
+>output-file</VAR
></DT
><DD
><P
</P
></DD
><DT
->-i <TT
+>-i <VAR
CLASS="REPLACEABLE"
-><I
->interval</I
-></TT
+>interval</VAR
></DT
><DD
><P
> When a previously signed zone is passed as input, records
- may be resigned. The <TT
+ may be resigned. The <VAR
CLASS="OPTION"
->interval</TT
+>interval</VAR
> option
specifies the cycle interval as an offset from the current
time (in seconds). If a RRSIG record expires after the
><P
> The default cycle interval is one quarter of the difference
between the signature end and start times. So if neither
- <TT
+ <VAR
CLASS="OPTION"
->end-time</TT
-> or <TT
+>end-time</VAR
+> or <VAR
CLASS="OPTION"
->start-time</TT
+>start-time</VAR
>
are specified, <B
CLASS="COMMAND"
</P
></DD
><DT
->-n <TT
+>-n <VAR
CLASS="REPLACEABLE"
-><I
->ncpus</I
-></TT
+>ncpus</VAR
></DT
><DD
><P
</P
></DD
><DT
->-o <TT
+>-o <VAR
CLASS="REPLACEABLE"
-><I
->origin</I
-></TT
+>origin</VAR
></DT
><DD
><P
</P
></DD
><DT
->-r <TT
+>-r <VAR
CLASS="REPLACEABLE"
-><I
->randomdev</I
-></TT
+>randomdev</VAR
></DT
><DD
><P
</P
></DD
><DT
->-v <TT
+>-v <VAR
CLASS="REPLACEABLE"
-><I
->level</I
-></TT
+>level</VAR
></DT
><DD
><P
><H2
>EXAMPLE</H2
><P
-> The following command signs the <TT
+> The following command signs the <KBD
CLASS="USERINPUT"
-><B
->example.com</B
-></TT
+>example.com</KBD
>
zone with the DSA key generated in the <B
CLASS="COMMAND"
>keyset</TT
> files associated with child zones,
they must be in the current directory.
- <TT
+ <KBD
CLASS="USERINPUT"
-><B
->example.com</B
-></TT
+>example.com</KBD
>, the following command would be
issued:
</P
><P
-> <TT
+> <KBD
CLASS="USERINPUT"
-><B
->dnssec-signzone -o example.com db.example.com Kexample.com.+003+26160</B
-></TT
+>dnssec-signzone -o example.com db.example.com Kexample.com.+003+26160</KBD
>
</P
><P
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwresd.html,v 1.4.2.1.4.2 2004/06/03 05:35:47 marka Exp $ -->
+<!-- $Id: lwresd.html,v 1.4.2.1.4.3 2004/08/22 23:38:59 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>lwresd</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
+></A
><SPAN
CLASS="APPLICATION"
>lwresd</SPAN
-></A
></H1
><DIV
CLASS="REFNAMEDIV"
><B
CLASS="COMMAND"
>lwresd</B
-> [<TT
+> [<VAR
CLASS="OPTION"
->-C <TT
+>-C <VAR
CLASS="REPLACEABLE"
-><I
->config-file</I
-></TT
-></TT
->] [<TT
+>config-file</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-d <TT
+>-d <VAR
CLASS="REPLACEABLE"
-><I
->debug-level</I
-></TT
-></TT
->] [<TT
+>debug-level</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-f</TT
->] [<TT
+>-f</VAR
+>] [<VAR
CLASS="OPTION"
->-g</TT
->] [<TT
+>-g</VAR
+>] [<VAR
CLASS="OPTION"
->-i <TT
+>-i <VAR
CLASS="REPLACEABLE"
-><I
->pid-file</I
-></TT
-></TT
->] [<TT
+>pid-file</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-n <TT
+>-n <VAR
CLASS="REPLACEABLE"
-><I
->#cpus</I
-></TT
-></TT
->] [<TT
+>#cpus</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-P <TT
+>-P <VAR
CLASS="REPLACEABLE"
-><I
->port</I
-></TT
-></TT
->] [<TT
+>port</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-p <TT
+>-p <VAR
CLASS="REPLACEABLE"
-><I
->port</I
-></TT
-></TT
->] [<TT
+>port</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-s</TT
->] [<TT
+>-s</VAR
+>] [<VAR
CLASS="OPTION"
->-t <TT
+>-t <VAR
CLASS="REPLACEABLE"
-><I
->directory</I
-></TT
-></TT
->] [<TT
+>directory</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-u <TT
+>-u <VAR
CLASS="REPLACEABLE"
-><I
->user</I
-></TT
-></TT
->] [<TT
+>user</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-v</TT
+>-v</VAR
>]</P
></DIV
><DIV
CLASS="FILENAME"
>/etc/resolv.conf</TT
> contains any
- <TT
+ <VAR
CLASS="OPTION"
->nameserver</TT
+>nameserver</VAR
> entries, <B
CLASS="COMMAND"
>lwresd</B
>
sends recursive DNS queries to those servers. This is similar
to the use of forwarders in a caching name server. If no
- <TT
+ <VAR
CLASS="OPTION"
->nameserver</TT
+>nameserver</VAR
> entries are present, or if
forwarding fails, <B
CLASS="COMMAND"
CLASS="VARIABLELIST"
><DL
><DT
->-C <TT
+>-C <VAR
CLASS="REPLACEABLE"
-><I
->config-file</I
-></TT
+>config-file</VAR
></DT
><DD
><P
-> Use <TT
+> Use <VAR
CLASS="REPLACEABLE"
-><I
->config-file</I
-></TT
+>config-file</VAR
> as the
configuration file instead of the default,
<TT
</P
></DD
><DT
->-d <TT
+>-d <VAR
CLASS="REPLACEABLE"
-><I
->debug-level</I
-></TT
+>debug-level</VAR
></DT
><DD
><P
-> Set the daemon's debug level to <TT
+> Set the daemon's debug level to <VAR
CLASS="REPLACEABLE"
-><I
->debug-level</I
-></TT
+>debug-level</VAR
>.
Debugging traces from <B
CLASS="COMMAND"
</P
></DD
><DT
->-n <TT
+>-n <VAR
CLASS="REPLACEABLE"
-><I
->#cpus</I
-></TT
+>#cpus</VAR
></DT
><DD
><P
-> Create <TT
+> Create <VAR
CLASS="REPLACEABLE"
-><I
->#cpus</I
-></TT
+>#cpus</VAR
> worker threads
to take advantage of multiple CPUs. If not specified,
<B
</P
></DD
><DT
->-P <TT
+>-P <VAR
CLASS="REPLACEABLE"
-><I
->port</I
-></TT
+>port</VAR
></DT
><DD
><P
> Listen for lightweight resolver queries on port
- <TT
+ <VAR
CLASS="REPLACEABLE"
-><I
->port</I
-></TT
+>port</VAR
>. If
not specified, the default is port 921.
</P
></DD
><DT
->-p <TT
+>-p <VAR
CLASS="REPLACEABLE"
-><I
->port</I
-></TT
+>port</VAR
></DT
><DD
><P
-> Send DNS lookups to port <TT
+> Send DNS lookups to port <VAR
CLASS="REPLACEABLE"
-><I
->port</I
-></TT
+>port</VAR
>. If not
specified, the default is port 53. This provides a
way of testing the lightweight resolver daemon with a
></DIV
></DD
><DT
->-t <TT
+>-t <VAR
CLASS="REPLACEABLE"
-><I
->directory</I
-></TT
+>directory</VAR
></DT
><DD
><P
-> <TT
+> <CODE
CLASS="FUNCTION"
->chroot()</TT
-> to <TT
+>chroot()</CODE
+> to <VAR
CLASS="REPLACEABLE"
-><I
->directory</I
-></TT
+>directory</VAR
> after
processing the command line arguments, but before
reading the configuration file.
ALIGN="LEFT"
><P
> This option should be used in conjunction with the
- <TT
+ <VAR
CLASS="OPTION"
->-u</TT
+>-u</VAR
> option, as chrooting a process
running as root doesn't enhance security on most
- systems; the way <TT
+ systems; the way <CODE
CLASS="FUNCTION"
->chroot()</TT
+>chroot()</CODE
> is
defined allows a process with root privileges to
escape a chroot jail.
></DIV
></DD
><DT
->-u <TT
+>-u <VAR
CLASS="REPLACEABLE"
-><I
->user</I
-></TT
+>user</VAR
></DT
><DD
><P
-> <TT
+> <CODE
CLASS="FUNCTION"
->setuid()</TT
-> to <TT
+>setuid()</CODE
+> to <VAR
CLASS="REPLACEABLE"
-><I
->user</I
-></TT
+>user</VAR
> after completing
privileged operations, such as creating sockets that
listen on privileged ports.
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: named.conf.html,v 1.1.4.2 2004/08/21 07:35:01 marka Exp $ -->
+<!-- $Id: named.conf.html,v 1.1.4.3 2004/08/22 23:38:59 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>named.conf</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
+></A
><TT
CLASS="FILENAME"
>named.conf</TT
-></A
></H1
><DIV
CLASS="REFNAMEDIV"
>ACL</H2
><P
CLASS="LITERALLAYOUT"
->acl <TT
+>acl <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
-> { <TT
+>string</VAR
+> { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... };<br> </P
></DIV
><DIV
>KEY</H2
><P
CLASS="LITERALLAYOUT"
->key <TT
+>key <VAR
CLASS="REPLACEABLE"
-><I
->domain_name</I
-></TT
+>domain_name</VAR
> {<br>
- algorithm <TT
+ algorithm <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
>;<br>
- secret <TT
+ secret <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
>;<br>
};</P
></DIV
>MASTERS</H2
><P
CLASS="LITERALLAYOUT"
->masters <TT
+>masters <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
> [<SPAN
CLASS="OPTIONAL"
-> port <TT
+> port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> </SPAN
>] {<br>
- ( <TT
+ ( <VAR
CLASS="REPLACEABLE"
-><I
->masters</I
-></TT
-> | <TT
+>masters</VAR
+> | <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
+>ipv4_address</VAR
> [<SPAN
CLASS="OPTIONAL"
->port <TT
+>port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
></SPAN
>] |<br>
- <TT
+ <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> [<SPAN
CLASS="OPTIONAL"
->port <TT
+>port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
></SPAN
>] ) [<SPAN
CLASS="OPTIONAL"
-> key <TT
+> key <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
> </SPAN
>]; ...<br>
};</P
>SERVER</H2
><P
CLASS="LITERALLAYOUT"
->server ( <TT
+>server ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
-> | <TT
+>ipv4_address</VAR
+> | <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> ) {<br>
- bogus <TT
+ bogus <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- edns <TT
+ edns <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- provide-ixfr <TT
+ provide-ixfr <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- request-ixfr <TT
+ request-ixfr <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- keys <TT
+ keys <VAR
CLASS="REPLACEABLE"
-><I
->server_key</I
-></TT
+>server_key</VAR
>;<br>
- transfers <TT
+ transfers <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
transfer-format ( many-answers | one-answer );<br>
- transfer-source ( <TT
+ transfer-source ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
+>ipv4_address</VAR
> | * )<br>
[<SPAN
CLASS="OPTIONAL"
-> port ( <TT
+> port ( <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> | * ) </SPAN
>];<br>
- transfer-source-v6 ( <TT
+ transfer-source-v6 ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> | * )<br>
[<SPAN
CLASS="OPTIONAL"
-> port ( <TT
+> port ( <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> | * ) </SPAN
>];<br>
<br>
- support-ixfr <TT
+ support-ixfr <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>; // obsolete<br>
};</P
></DIV
><P
CLASS="LITERALLAYOUT"
>trusted-keys {<br>
- <TT
-CLASS="REPLACEABLE"
-><I
->domain_name</I
-></TT
-> <TT
-CLASS="REPLACEABLE"
-><I
->flags</I
-></TT
-> <TT
-CLASS="REPLACEABLE"
-><I
->protocol</I
-></TT
-> <TT
-CLASS="REPLACEABLE"
-><I
->algorithm</I
-></TT
-> <TT
-CLASS="REPLACEABLE"
-><I
->key</I
-></TT
+ <VAR
+CLASS="REPLACEABLE"
+>domain_name</VAR
+> <VAR
+CLASS="REPLACEABLE"
+>flags</VAR
+> <VAR
+CLASS="REPLACEABLE"
+>protocol</VAR
+> <VAR
+CLASS="REPLACEABLE"
+>algorithm</VAR
+> <VAR
+CLASS="REPLACEABLE"
+>key</VAR
>; ... <br>
};</P
></DIV
><P
CLASS="LITERALLAYOUT"
>controls {<br>
- inet ( <TT
+ inet ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
-> | <TT
+>ipv4_address</VAR
+> | <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> | * )<br>
[<SPAN
CLASS="OPTIONAL"
-> port ( <TT
+> port ( <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> | * ) </SPAN
>]<br>
- allow { <TT
+ allow { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... }<br>
[<SPAN
CLASS="OPTIONAL"
-> keys { <TT
+> keys { <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
>; ... } </SPAN
>];<br>
- unix <TT
+ unix <VAR
CLASS="REPLACEABLE"
-><I
->unsupported</I
-></TT
+>unsupported</VAR
>; // not implemented<br>
};</P
></DIV
><P
CLASS="LITERALLAYOUT"
>logging {<br>
- channel <TT
+ channel <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
> {<br>
- file <TT
+ file <VAR
CLASS="REPLACEABLE"
-><I
->log_file</I
-></TT
+>log_file</VAR
>;<br>
- syslog <TT
+ syslog <VAR
CLASS="REPLACEABLE"
-><I
->optional_facility</I
-></TT
+>optional_facility</VAR
>;<br>
null;<br>
stderr;<br>
- severity <TT
+ severity <VAR
CLASS="REPLACEABLE"
-><I
->log_severity</I
-></TT
+>log_severity</VAR
>;<br>
- print-time <TT
+ print-time <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- print-severity <TT
+ print-severity <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- print-category <TT
+ print-category <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
};<br>
- category <TT
+ category <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
-> { <TT
+>string</VAR
+> { <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
>; ... };<br>
};</P
></DIV
>lwres {<br>
listen-on [<SPAN
CLASS="OPTIONAL"
-> port <TT
+> port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> </SPAN
>] {<br>
- ( <TT
+ ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
-> | <TT
+>ipv4_address</VAR
+> | <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> ) [<SPAN
CLASS="OPTIONAL"
-> port <TT
+> port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> </SPAN
>]; ...<br>
};<br>
- view <TT
+ view <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
-> <TT
+>string</VAR
+> <VAR
CLASS="REPLACEABLE"
-><I
->optional_class</I
-></TT
+>optional_class</VAR
>;<br>
- search { <TT
+ search { <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
>; ... };<br>
- ndots <TT
+ ndots <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
};</P
></DIV
><P
CLASS="LITERALLAYOUT"
>options {<br>
- avoid-v4-udp-ports { <TT
+ avoid-v4-udp-ports { <VAR
CLASS="REPLACEABLE"
-><I
->port</I
-></TT
+>port</VAR
>; ... };<br>
- avoid-v6-udp-ports { <TT
+ avoid-v6-udp-ports { <VAR
CLASS="REPLACEABLE"
-><I
->port</I
-></TT
+>port</VAR
>; ... };<br>
- blackhole { <TT
+ blackhole { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... };<br>
- coresize <TT
+ coresize <VAR
CLASS="REPLACEABLE"
-><I
->size</I
-></TT
+>size</VAR
>;<br>
- datasize <TT
+ datasize <VAR
CLASS="REPLACEABLE"
-><I
->size</I
-></TT
+>size</VAR
>;<br>
- directory <TT
+ directory <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
>;<br>
- dump-file <TT
+ dump-file <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
>;<br>
- files <TT
+ files <VAR
CLASS="REPLACEABLE"
-><I
->size</I
-></TT
+>size</VAR
>;<br>
- heartbeat-interval <TT
+ heartbeat-interval <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- host-statistics <TT
+ host-statistics <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>; // not implemented<br>
- hostname ( <TT
+ hostname ( <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
> | none );<br>
- interface-interval <TT
+ interface-interval <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
listen-on [<SPAN
CLASS="OPTIONAL"
-> port <TT
+> port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> </SPAN
->] { <TT
+>] { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... };<br>
listen-on-v6 [<SPAN
CLASS="OPTIONAL"
-> port <TT
+> port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> </SPAN
->] { <TT
+>] { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... };<br>
- match-mapped-addresses <TT
+ match-mapped-addresses <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- memstatistics-file <TT
+ memstatistics-file <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
>;<br>
- pid-file ( <TT
+ pid-file ( <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
> | none );<br>
- port <TT
+ port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- querylog <TT
+ querylog <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- recursing-file <TT
+ recursing-file <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
>;<br>
- random-device <TT
+ random-device <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
>;<br>
- recursive-clients <TT
+ recursive-clients <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- serial-query-rate <TT
+ serial-query-rate <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- server-id ( <TT
+ server-id ( <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
> | none |;<br>
- stacksize <TT
+ stacksize <VAR
CLASS="REPLACEABLE"
-><I
->size</I
-></TT
+>size</VAR
>;<br>
- statistics-file <TT
+ statistics-file <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
>;<br>
- statistics-interval <TT
+ statistics-interval <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>; // not yet implemented<br>
- tcp-clients <TT
+ tcp-clients <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- tcp-listen-queue <TT
+ tcp-listen-queue <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- tkey-dhkey <TT
+ tkey-dhkey <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
-> <TT
+>quoted_string</VAR
+> <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- tkey-gssapi-credential <TT
+ tkey-gssapi-credential <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
>;<br>
- tkey-domain <TT
+ tkey-domain <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
>;<br>
- transfers-per-ns <TT
+ transfers-per-ns <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- transfers-in <TT
+ transfers-in <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- transfers-out <TT
+ transfers-out <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- use-ixfr <TT
+ use-ixfr <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- version ( <TT
+ version ( <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
> | none );<br>
- allow-recursion { <TT
+ allow-recursion { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... };<br>
- sortlist { <TT
+ sortlist { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... };<br>
- topology { <TT
+ topology { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... }; // not implemented<br>
- auth-nxdomain <TT
+ auth-nxdomain <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>; // default changed<br>
- minimal-responses <TT
+ minimal-responses <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- recursion <TT
+ recursion <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
rrset-order {<br>
[<SPAN
CLASS="OPTIONAL"
-> class <TT
+> class <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
> </SPAN
>] [<SPAN
CLASS="OPTIONAL"
-> type <TT
+> type <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
> </SPAN
>]<br>
[<SPAN
CLASS="OPTIONAL"
-> name <TT
+> name <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
> </SPAN
->] <TT
+>] <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
-> <TT
+>string</VAR
+> <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
>; ...<br>
};<br>
- provide-ixfr <TT
+ provide-ixfr <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- request-ixfr <TT
+ request-ixfr <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- rfc2308-type1 <TT
+ rfc2308-type1 <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>; // not yet implemented<br>
- additional-from-auth <TT
+ additional-from-auth <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- additional-from-cache <TT
+ additional-from-cache <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- query-source <TT
+ query-source <VAR
CLASS="REPLACEABLE"
-><I
->querysource4</I
-></TT
+>querysource4</VAR
>;<br>
- query-source-v6 <TT
+ query-source-v6 <VAR
CLASS="REPLACEABLE"
-><I
->querysource6</I
-></TT
+>querysource6</VAR
>;<br>
- cleaning-interval <TT
+ cleaning-interval <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- min-roots <TT
+ min-roots <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>; // not implemented<br>
- lame-ttl <TT
+ lame-ttl <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- max-ncache-ttl <TT
+ max-ncache-ttl <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- max-cache-ttl <TT
+ max-cache-ttl <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
transfer-format ( many-answers | one-answer );<br>
- max-cache-size <TT
+ max-cache-size <VAR
CLASS="REPLACEABLE"
-><I
->size_no_default</I
-></TT
+>size_no_default</VAR
>;<br>
check-names ( master | slave | response )<br>
( fail | warn | ignore );<br>
- cache-file <TT
+ cache-file <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
>;<br>
- suppress-initial-notify <TT
+ suppress-initial-notify <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>; // not yet implemented<br>
- preferred-glue <TT
+ preferred-glue <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
>;<br>
dual-stack-servers [<SPAN
CLASS="OPTIONAL"
-> port <TT
+> port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> </SPAN
>] {<br>
- ( <TT
+ ( <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
> [<SPAN
CLASS="OPTIONAL"
->port <TT
+>port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
></SPAN
>] |<br>
- <TT
+ <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
+>ipv4_address</VAR
> [<SPAN
CLASS="OPTIONAL"
->port <TT
+>port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
></SPAN
>] |<br>
- <TT
+ <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> [<SPAN
CLASS="OPTIONAL"
->port <TT
+>port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
></SPAN
>] ); ...<br>
}<br>
- edns-udp-size <TT
+ edns-udp-size <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
root-delegation-only [<SPAN
CLASS="OPTIONAL"
-> exclude { <TT
+> exclude { <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
>; ... } </SPAN
>];<br>
- disable-algorithms <TT
+ disable-algorithms <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
-> { <TT
+>string</VAR
+> { <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
>; ... };<br>
- dnssec-enable <TT
+ dnssec-enable <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- dnssec-lookaside <TT
+ dnssec-lookaside <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
-> trust-anchor <TT
+>string</VAR
+> trust-anchor <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
>;<br>
- dnssec-must-be-secure <TT
+ dnssec-must-be-secure <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
-> <TT
+>string</VAR
+> <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
<br>
- dialup <TT
+ dialup <VAR
CLASS="REPLACEABLE"
-><I
->dialuptype</I
-></TT
+>dialuptype</VAR
>;<br>
- ixfr-from-differences <TT
+ ixfr-from-differences <VAR
CLASS="REPLACEABLE"
-><I
->ixfrdiff</I
-></TT
+>ixfrdiff</VAR
>;<br>
<br>
- allow-query { <TT
+ allow-query { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... };<br>
- allow-transfer { <TT
+ allow-transfer { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... };<br>
- allow-update-forwarding { <TT
+ allow-update-forwarding { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... };<br>
<br>
- notify <TT
+ notify <VAR
CLASS="REPLACEABLE"
-><I
->notifytype</I
-></TT
+>notifytype</VAR
>;<br>
- notify-source ( <TT
+ notify-source ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
+>ipv4_address</VAR
> | * ) [<SPAN
CLASS="OPTIONAL"
-> port ( <TT
+> port ( <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> | * ) </SPAN
>];<br>
- notify-source-v6 ( <TT
+ notify-source-v6 ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> | * ) [<SPAN
CLASS="OPTIONAL"
-> port ( <TT
+> port ( <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> | * ) </SPAN
>];<br>
also-notify [<SPAN
CLASS="OPTIONAL"
-> port <TT
+> port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> </SPAN
->] { ( <TT
+>] { ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
-> | <TT
+>ipv4_address</VAR
+> | <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> )<br>
[<SPAN
CLASS="OPTIONAL"
-> port <TT
+> port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> </SPAN
>]; ... };<br>
- allow-notify { <TT
+ allow-notify { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... };<br>
<br>
forward ( first | only );<br>
forwarders [<SPAN
CLASS="OPTIONAL"
-> port <TT
+> port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> </SPAN
>] {<br>
- ( <TT
+ ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
-> | <TT
+>ipv4_address</VAR
+> | <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> ) [<SPAN
CLASS="OPTIONAL"
-> port <TT
+> port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> </SPAN
>]; ...<br>
};<br>
<br>
- max-journal-size <TT
+ max-journal-size <VAR
CLASS="REPLACEABLE"
-><I
->size_no_default</I
-></TT
+>size_no_default</VAR
>;<br>
- max-transfer-time-in <TT
+ max-transfer-time-in <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- max-transfer-time-out <TT
+ max-transfer-time-out <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- max-transfer-idle-in <TT
+ max-transfer-idle-in <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- max-transfer-idle-out <TT
+ max-transfer-idle-out <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- max-retry-time <TT
+ max-retry-time <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- min-retry-time <TT
+ min-retry-time <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- max-refresh-time <TT
+ max-refresh-time <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- min-refresh-time <TT
+ min-refresh-time <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- multi-master <TT
+ multi-master <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- sig-validity-interval <TT
+ sig-validity-interval <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
<br>
- transfer-source ( <TT
+ transfer-source ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
+>ipv4_address</VAR
> | * )<br>
[<SPAN
CLASS="OPTIONAL"
-> port ( <TT
+> port ( <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> | * ) </SPAN
>];<br>
- transfer-source-v6 ( <TT
+ transfer-source-v6 ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> | * )<br>
[<SPAN
CLASS="OPTIONAL"
-> port ( <TT
+> port ( <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> | * ) </SPAN
>];<br>
<br>
- alt-transfer-source ( <TT
+ alt-transfer-source ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
+>ipv4_address</VAR
> | * )<br>
[<SPAN
CLASS="OPTIONAL"
-> port ( <TT
+> port ( <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> | * ) </SPAN
>];<br>
- alt-transfer-source-v6 ( <TT
+ alt-transfer-source-v6 ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> | * )<br>
[<SPAN
CLASS="OPTIONAL"
-> port ( <TT
+> port ( <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> | * ) </SPAN
>];<br>
- use-alt-transfer-source <TT
+ use-alt-transfer-source <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
<br>
- zone-statistics <TT
+ zone-statistics <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- key-directory <TT
+ key-directory <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
>;<br>
<br>
- allow-v6-synthesis { <TT
+ allow-v6-synthesis { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... }; // obsolete<br>
- deallocate-on-exit <TT
+ deallocate-on-exit <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>; // obsolete<br>
- fake-iquery <TT
+ fake-iquery <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>; // obsolete<br>
- fetch-glue <TT
+ fetch-glue <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>; // obsolete<br>
- has-old-clients <TT
+ has-old-clients <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>; // obsolete<br>
- maintain-ixfr-base <TT
+ maintain-ixfr-base <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>; // obsolete<br>
- max-ixfr-log-size <TT
+ max-ixfr-log-size <VAR
CLASS="REPLACEABLE"
-><I
->size</I
-></TT
+>size</VAR
>; // obsolete<br>
- multiple-cnames <TT
+ multiple-cnames <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>; // obsolete<br>
- named-xfer <TT
+ named-xfer <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
>; // obsolete<br>
- serial-queries <TT
+ serial-queries <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>; // obsolete<br>
- treat-cr-as-space <TT
+ treat-cr-as-space <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>; // obsolete<br>
- use-id-pool <TT
+ use-id-pool <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>; // obsolete<br>
};</P
></DIV
>VIEW</H2
><P
CLASS="LITERALLAYOUT"
->view <TT
+>view <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
-> <TT
+>string</VAR
+> <VAR
CLASS="REPLACEABLE"
-><I
->optional_class</I
-></TT
+>optional_class</VAR
> {<br>
- match-clients { <TT
+ match-clients { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... };<br>
- match-destinations { <TT
+ match-destinations { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... };<br>
- match-recursive-only <TT
+ match-recursive-only <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
<br>
- key <TT
+ key <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
> {<br>
- algorithm <TT
+ algorithm <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
>;<br>
- secret <TT
+ secret <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
>;<br>
};<br>
<br>
- zone <TT
+ zone <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
-> <TT
+>string</VAR
+> <VAR
CLASS="REPLACEABLE"
-><I
->optional_class</I
-></TT
+>optional_class</VAR
> {<br>
...<br>
};<br>
<br>
- server ( <TT
+ server ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
-> | <TT
+>ipv4_address</VAR
+> | <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> ) {<br>
...<br>
};<br>
<br>
trusted-keys {<br>
- <TT
-CLASS="REPLACEABLE"
-><I
->string</I
-></TT
-> <TT
-CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
-> <TT
-CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
-> <TT
-CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
-> <TT
-CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+ <VAR
+CLASS="REPLACEABLE"
+>string</VAR
+> <VAR
+CLASS="REPLACEABLE"
+>integer</VAR
+> <VAR
+CLASS="REPLACEABLE"
+>integer</VAR
+> <VAR
+CLASS="REPLACEABLE"
+>integer</VAR
+> <VAR
+CLASS="REPLACEABLE"
+>quoted_string</VAR
>; ...<br>
};<br>
<br>
- allow-recursion { <TT
+ allow-recursion { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... };<br>
- sortlist { <TT
+ sortlist { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... };<br>
- topology { <TT
+ topology { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... }; // not implemented<br>
- auth-nxdomain <TT
+ auth-nxdomain <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>; // default changed<br>
- minimal-responses <TT
+ minimal-responses <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- recursion <TT
+ recursion <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
rrset-order {<br>
[<SPAN
CLASS="OPTIONAL"
-> class <TT
+> class <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
> </SPAN
>] [<SPAN
CLASS="OPTIONAL"
-> type <TT
+> type <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
> </SPAN
>]<br>
[<SPAN
CLASS="OPTIONAL"
-> name <TT
+> name <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
> </SPAN
->] <TT
+>] <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
-> <TT
+>string</VAR
+> <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
>; ...<br>
};<br>
- provide-ixfr <TT
+ provide-ixfr <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- request-ixfr <TT
+ request-ixfr <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- rfc2308-type1 <TT
+ rfc2308-type1 <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>; // not yet implemented<br>
- additional-from-auth <TT
+ additional-from-auth <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- additional-from-cache <TT
+ additional-from-cache <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- query-source <TT
+ query-source <VAR
CLASS="REPLACEABLE"
-><I
->querysource4</I
-></TT
+>querysource4</VAR
>;<br>
- query-source-v6 <TT
+ query-source-v6 <VAR
CLASS="REPLACEABLE"
-><I
->querysource6</I
-></TT
+>querysource6</VAR
>;<br>
- cleaning-interval <TT
+ cleaning-interval <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- min-roots <TT
+ min-roots <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>; // not implemented<br>
- lame-ttl <TT
+ lame-ttl <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- max-ncache-ttl <TT
+ max-ncache-ttl <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- max-cache-ttl <TT
+ max-cache-ttl <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
transfer-format ( many-answers | one-answer );<br>
- max-cache-size <TT
+ max-cache-size <VAR
CLASS="REPLACEABLE"
-><I
->size_no_default</I
-></TT
+>size_no_default</VAR
>;<br>
check-names ( master | slave | response )<br>
( fail | warn | ignore );<br>
- cache-file <TT
+ cache-file <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
>;<br>
- suppress-initial-notify <TT
+ suppress-initial-notify <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>; // not yet implemented<br>
- preferred-glue <TT
+ preferred-glue <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
>;<br>
dual-stack-servers [<SPAN
CLASS="OPTIONAL"
-> port <TT
+> port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> </SPAN
>] {<br>
- ( <TT
+ ( <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
> [<SPAN
CLASS="OPTIONAL"
->port <TT
+>port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
></SPAN
>] |<br>
- <TT
+ <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
+>ipv4_address</VAR
> [<SPAN
CLASS="OPTIONAL"
->port <TT
+>port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
></SPAN
>] |<br>
- <TT
+ <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> [<SPAN
CLASS="OPTIONAL"
->port <TT
+>port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
></SPAN
>] ); ...<br>
};<br>
- edns-udp-size <TT
+ edns-udp-size <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
root-delegation-only [<SPAN
CLASS="OPTIONAL"
-> exclude { <TT
+> exclude { <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
>; ... } </SPAN
>];<br>
- disable-algorithms <TT
+ disable-algorithms <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
-> { <TT
+>string</VAR
+> { <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
>; ... };<br>
- dnssec-enable <TT
+ dnssec-enable <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- dnssec-lookaside <TT
+ dnssec-lookaside <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
-> trust-anchor <TT
+>string</VAR
+> trust-anchor <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
>;<br>
<br>
- dnssec-must-be-secure <TT
+ dnssec-must-be-secure <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
-> <TT
+>string</VAR
+> <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- dialup <TT
+ dialup <VAR
CLASS="REPLACEABLE"
-><I
->dialuptype</I
-></TT
+>dialuptype</VAR
>;<br>
- ixfr-from-differences <TT
+ ixfr-from-differences <VAR
CLASS="REPLACEABLE"
-><I
->ixfrdiff</I
-></TT
+>ixfrdiff</VAR
>;<br>
<br>
- allow-query { <TT
+ allow-query { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... };<br>
- allow-transfer { <TT
+ allow-transfer { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... };<br>
- allow-update-forwarding { <TT
+ allow-update-forwarding { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... };<br>
<br>
- notify <TT
+ notify <VAR
CLASS="REPLACEABLE"
-><I
->notifytype</I
-></TT
+>notifytype</VAR
>;<br>
- notify-source ( <TT
+ notify-source ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
+>ipv4_address</VAR
> | * ) [<SPAN
CLASS="OPTIONAL"
-> port ( <TT
+> port ( <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> | * ) </SPAN
>];<br>
- notify-source-v6 ( <TT
+ notify-source-v6 ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> | * ) [<SPAN
CLASS="OPTIONAL"
-> port ( <TT
+> port ( <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> | * ) </SPAN
>];<br>
also-notify [<SPAN
CLASS="OPTIONAL"
-> port <TT
+> port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> </SPAN
->] { ( <TT
+>] { ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
-> | <TT
+>ipv4_address</VAR
+> | <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> )<br>
[<SPAN
CLASS="OPTIONAL"
-> port <TT
+> port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> </SPAN
>]; ... };<br>
- allow-notify { <TT
+ allow-notify { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... };<br>
<br>
forward ( first | only );<br>
forwarders [<SPAN
CLASS="OPTIONAL"
-> port <TT
+> port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> </SPAN
>] {<br>
- ( <TT
+ ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
-> | <TT
+>ipv4_address</VAR
+> | <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> ) [<SPAN
CLASS="OPTIONAL"
-> port <TT
+> port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> </SPAN
>]; ...<br>
};<br>
<br>
- max-journal-size <TT
+ max-journal-size <VAR
CLASS="REPLACEABLE"
-><I
->size_no_default</I
-></TT
+>size_no_default</VAR
>;<br>
- max-transfer-time-in <TT
+ max-transfer-time-in <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- max-transfer-time-out <TT
+ max-transfer-time-out <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- max-transfer-idle-in <TT
+ max-transfer-idle-in <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- max-transfer-idle-out <TT
+ max-transfer-idle-out <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- max-retry-time <TT
+ max-retry-time <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- min-retry-time <TT
+ min-retry-time <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- max-refresh-time <TT
+ max-refresh-time <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- min-refresh-time <TT
+ min-refresh-time <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- multi-master <TT
+ multi-master <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- sig-validity-interval <TT
+ sig-validity-interval <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
<br>
- transfer-source ( <TT
+ transfer-source ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
+>ipv4_address</VAR
> | * )<br>
[<SPAN
CLASS="OPTIONAL"
-> port ( <TT
+> port ( <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> | * ) </SPAN
>];<br>
- transfer-source-v6 ( <TT
+ transfer-source-v6 ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> | * )<br>
[<SPAN
CLASS="OPTIONAL"
-> port ( <TT
+> port ( <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> | * ) </SPAN
>];<br>
<br>
- alt-transfer-source ( <TT
+ alt-transfer-source ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
+>ipv4_address</VAR
> | * )<br>
[<SPAN
CLASS="OPTIONAL"
-> port ( <TT
+> port ( <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> | * ) </SPAN
>];<br>
- alt-transfer-source-v6 ( <TT
+ alt-transfer-source-v6 ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> | * )<br>
[<SPAN
CLASS="OPTIONAL"
-> port ( <TT
+> port ( <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> | * ) </SPAN
>];<br>
- use-alt-transfer-source <TT
+ use-alt-transfer-source <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
<br>
- zone-statistics <TT
+ zone-statistics <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- key-directory <TT
+ key-directory <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
>;<br>
<br>
- allow-v6-synthesis { <TT
+ allow-v6-synthesis { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... }; // obsolete<br>
- fetch-glue <TT
+ fetch-glue <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>; // obsolete<br>
- maintain-ixfr-base <TT
+ maintain-ixfr-base <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>; // obsolete<br>
- max-ixfr-log-size <TT
+ max-ixfr-log-size <VAR
CLASS="REPLACEABLE"
-><I
->size</I
-></TT
+>size</VAR
>; // obsolete<br>
};</P
></DIV
>ZONE</H2
><P
CLASS="LITERALLAYOUT"
->zone <TT
+>zone <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
-> <TT
+>string</VAR
+> <VAR
CLASS="REPLACEABLE"
-><I
->optional_class</I
-></TT
+>optional_class</VAR
> {<br>
type ( master | slave | stub | hint |<br>
forward | delegation-only );<br>
- file <TT
+ file <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
>;<br>
<br>
masters [<SPAN
CLASS="OPTIONAL"
-> port <TT
+> port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> </SPAN
>] {<br>
- ( <TT
+ ( <VAR
CLASS="REPLACEABLE"
-><I
->masters</I
-></TT
+>masters</VAR
> |<br>
- <TT
+ <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
+>ipv4_address</VAR
> [<SPAN
CLASS="OPTIONAL"
->port <TT
+>port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
></SPAN
>] |<br>
- <TT
+ <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> [<SPAN
CLASS="OPTIONAL"
-> port <TT
+> port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> </SPAN
>] ) [<SPAN
CLASS="OPTIONAL"
-> key <TT
+> key <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
> </SPAN
>]; ...<br>
};<br>
<br>
- database <TT
+ database <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
>;<br>
- delegation-only <TT
+ delegation-only <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
check-names ( fail | warn | ignore );<br>
- dialup <TT
+ dialup <VAR
CLASS="REPLACEABLE"
-><I
->dialuptype</I
-></TT
+>dialuptype</VAR
>;<br>
- ixfr-from-differences <TT
+ ixfr-from-differences <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
<br>
- allow-query { <TT
+ allow-query { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... };<br>
- allow-transfer { <TT
+ allow-transfer { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... };<br>
- allow-update { <TT
+ allow-update { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... };<br>
- allow-update-forwarding { <TT
+ allow-update-forwarding { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... };<br>
update-policy {<br>
- ( grant | deny ) <TT
+ ( grant | deny ) <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
><br>
- ( name | subdomain | wildcard | self ) <TT
+ ( name | subdomain | wildcard | self ) <VAR
CLASS="REPLACEABLE"
-><I
->string</I
-></TT
+>string</VAR
><br>
- <TT
+ <VAR
CLASS="REPLACEABLE"
-><I
->rrtypelist</I
-></TT
+>rrtypelist</VAR
>; ...<br>
};<br>
<br>
- notify <TT
+ notify <VAR
CLASS="REPLACEABLE"
-><I
->notifytype</I
-></TT
+>notifytype</VAR
>;<br>
- notify-source ( <TT
+ notify-source ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
+>ipv4_address</VAR
> | * ) [<SPAN
CLASS="OPTIONAL"
-> port ( <TT
+> port ( <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> | * ) </SPAN
>];<br>
- notify-source-v6 ( <TT
+ notify-source-v6 ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> | * ) [<SPAN
CLASS="OPTIONAL"
-> port ( <TT
+> port ( <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> | * ) </SPAN
>];<br>
also-notify [<SPAN
CLASS="OPTIONAL"
-> port <TT
+> port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> </SPAN
->] { ( <TT
+>] { ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
-> | <TT
+>ipv4_address</VAR
+> | <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> )<br>
[<SPAN
CLASS="OPTIONAL"
-> port <TT
+> port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> </SPAN
>]; ... };<br>
- allow-notify { <TT
+ allow-notify { <VAR
CLASS="REPLACEABLE"
-><I
->address_match_element</I
-></TT
+>address_match_element</VAR
>; ... };<br>
<br>
forward ( first | only );<br>
forwarders [<SPAN
CLASS="OPTIONAL"
-> port <TT
+> port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> </SPAN
>] {<br>
- ( <TT
+ ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
-> | <TT
+>ipv4_address</VAR
+> | <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> ) [<SPAN
CLASS="OPTIONAL"
-> port <TT
+> port <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> </SPAN
>]; ...<br>
};<br>
<br>
- max-journal-size <TT
+ max-journal-size <VAR
CLASS="REPLACEABLE"
-><I
->size_no_default</I
-></TT
+>size_no_default</VAR
>;<br>
- max-transfer-time-in <TT
+ max-transfer-time-in <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- max-transfer-time-out <TT
+ max-transfer-time-out <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- max-transfer-idle-in <TT
+ max-transfer-idle-in <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- max-transfer-idle-out <TT
+ max-transfer-idle-out <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- max-retry-time <TT
+ max-retry-time <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- min-retry-time <TT
+ min-retry-time <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- max-refresh-time <TT
+ max-refresh-time <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- min-refresh-time <TT
+ min-refresh-time <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
- multi-master <TT
+ multi-master <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- sig-validity-interval <TT
+ sig-validity-interval <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
>;<br>
<br>
- transfer-source ( <TT
+ transfer-source ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
+>ipv4_address</VAR
> | * )<br>
[<SPAN
CLASS="OPTIONAL"
-> port ( <TT
+> port ( <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> | * ) </SPAN
>];<br>
- transfer-source-v6 ( <TT
+ transfer-source-v6 ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> | * )<br>
[<SPAN
CLASS="OPTIONAL"
-> port ( <TT
+> port ( <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> | * ) </SPAN
>];<br>
<br>
- alt-transfer-source ( <TT
+ alt-transfer-source ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv4_address</I
-></TT
+>ipv4_address</VAR
> | * )<br>
[<SPAN
CLASS="OPTIONAL"
-> port ( <TT
+> port ( <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> | * ) </SPAN
>];<br>
- alt-transfer-source-v6 ( <TT
+ alt-transfer-source-v6 ( <VAR
CLASS="REPLACEABLE"
-><I
->ipv6_address</I
-></TT
+>ipv6_address</VAR
> | * )<br>
[<SPAN
CLASS="OPTIONAL"
-> port ( <TT
+> port ( <VAR
CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
+>integer</VAR
> | * ) </SPAN
>];<br>
- use-alt-transfer-source <TT
+ use-alt-transfer-source <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
<br>
- zone-statistics <TT
+ zone-statistics <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>;<br>
- key-directory <TT
+ key-directory <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
>;<br>
<br>
- ixfr-base <TT
+ ixfr-base <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
>; // obsolete<br>
- ixfr-tmp-file <TT
+ ixfr-tmp-file <VAR
CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+>quoted_string</VAR
>; // obsolete<br>
- maintain-ixfr-base <TT
+ maintain-ixfr-base <VAR
CLASS="REPLACEABLE"
-><I
->boolean</I
-></TT
+>boolean</VAR
>; // obsolete<br>
- max-ixfr-log-size <TT
+ max-ixfr-log-size <VAR
CLASS="REPLACEABLE"
-><I
->size</I
-></TT
+>size</VAR
>; // obsolete<br>
- pubkey <TT
-CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
-> <TT
-CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
-> <TT
-CLASS="REPLACEABLE"
-><I
->integer</I
-></TT
-> <TT
-CLASS="REPLACEABLE"
-><I
->quoted_string</I
-></TT
+ pubkey <VAR
+CLASS="REPLACEABLE"
+>integer</VAR
+> <VAR
+CLASS="REPLACEABLE"
+>integer</VAR
+> <VAR
+CLASS="REPLACEABLE"
+>integer</VAR
+> <VAR
+CLASS="REPLACEABLE"
+>quoted_string</VAR
>; // obsolete<br>
};</P
></DIV
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: named.html,v 1.4.2.1.4.3 2004/06/03 05:35:48 marka Exp $ -->
+<!-- $Id: named.html,v 1.4.2.1.4.4 2004/08/22 23:38:59 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>named</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
+></A
><SPAN
CLASS="APPLICATION"
>named</SPAN
-></A
></H1
><DIV
CLASS="REFNAMEDIV"
><B
CLASS="COMMAND"
>named</B
-> [<TT
+> [<VAR
CLASS="OPTION"
->-4</TT
->] [<TT
+>-4</VAR
+>] [<VAR
CLASS="OPTION"
->-6</TT
->] [<TT
+>-6</VAR
+>] [<VAR
CLASS="OPTION"
->-c <TT
+>-c <VAR
CLASS="REPLACEABLE"
-><I
->config-file</I
-></TT
-></TT
->] [<TT
+>config-file</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-d <TT
+>-d <VAR
CLASS="REPLACEABLE"
-><I
->debug-level</I
-></TT
-></TT
->] [<TT
+>debug-level</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-f</TT
->] [<TT
+>-f</VAR
+>] [<VAR
CLASS="OPTION"
->-g</TT
->] [<TT
+>-g</VAR
+>] [<VAR
CLASS="OPTION"
->-n <TT
+>-n <VAR
CLASS="REPLACEABLE"
-><I
->#cpus</I
-></TT
-></TT
->] [<TT
+>#cpus</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-p <TT
+>-p <VAR
CLASS="REPLACEABLE"
-><I
->port</I
-></TT
-></TT
->] [<TT
+>port</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-s</TT
->] [<TT
+>-s</VAR
+>] [<VAR
CLASS="OPTION"
->-t <TT
+>-t <VAR
CLASS="REPLACEABLE"
-><I
->directory</I
-></TT
-></TT
->] [<TT
+>directory</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-u <TT
+>-u <VAR
CLASS="REPLACEABLE"
-><I
->user</I
-></TT
-></TT
->] [<TT
+>user</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-v</TT
->] [<TT
+>-v</VAR
+>] [<VAR
CLASS="OPTION"
->-x <TT
+>-x <VAR
CLASS="REPLACEABLE"
-><I
->cache-file</I
-></TT
-></TT
+>cache-file</VAR
+></VAR
>]</P
></DIV
><DIV
><DD
><P
> Use IPv4 only even if the host machine is capable of IPv6.
- <TT
+ <VAR
CLASS="OPTION"
->-4</TT
-> and <TT
+>-4</VAR
+> and <VAR
CLASS="OPTION"
->-6</TT
+>-6</VAR
> are mutually
exclusive.
</P
><DD
><P
> Use IPv6 only even if the host machine is capable of IPv4.
- <TT
+ <VAR
CLASS="OPTION"
->-4</TT
-> and <TT
+>-4</VAR
+> and <VAR
CLASS="OPTION"
->-6</TT
+>-6</VAR
> are mutually
exclusive.
</P
></DD
><DT
->-c <TT
+>-c <VAR
CLASS="REPLACEABLE"
-><I
->config-file</I
-></TT
+>config-file</VAR
></DT
><DD
><P
-> Use <TT
+> Use <VAR
CLASS="REPLACEABLE"
-><I
->config-file</I
-></TT
+>config-file</VAR
> as the
configuration file instead of the default,
<TT
ensure that reloading the configuration file continues
to work after the server has changed its working
directory due to to a possible
- <TT
+ <VAR
CLASS="OPTION"
->directory</TT
+>directory</VAR
> option in the configuration
- file, <TT
+ file, <VAR
CLASS="REPLACEABLE"
-><I
->config-file</I
-></TT
+>config-file</VAR
> should be
an absolute pathname.
</P
></DD
><DT
->-d <TT
+>-d <VAR
CLASS="REPLACEABLE"
-><I
->debug-level</I
-></TT
+>debug-level</VAR
></DT
><DD
><P
-> Set the daemon's debug level to <TT
+> Set the daemon's debug level to <VAR
CLASS="REPLACEABLE"
-><I
->debug-level</I
-></TT
+>debug-level</VAR
>.
Debugging traces from <B
CLASS="COMMAND"
</P
></DD
><DT
->-n <TT
+>-n <VAR
CLASS="REPLACEABLE"
-><I
->#cpus</I
-></TT
+>#cpus</VAR
></DT
><DD
><P
-> Create <TT
+> Create <VAR
CLASS="REPLACEABLE"
-><I
->#cpus</I
-></TT
+>#cpus</VAR
> worker threads
to take advantage of multiple CPUs. If not specified,
<B
</P
></DD
><DT
->-p <TT
+>-p <VAR
CLASS="REPLACEABLE"
-><I
->port</I
-></TT
+>port</VAR
></DT
><DD
><P
-> Listen for queries on port <TT
+> Listen for queries on port <VAR
CLASS="REPLACEABLE"
-><I
->port</I
-></TT
+>port</VAR
>. If not
specified, the default is port 53.
</P
></DIV
></DD
><DT
->-t <TT
+>-t <VAR
CLASS="REPLACEABLE"
-><I
->directory</I
-></TT
+>directory</VAR
></DT
><DD
><P
-> <TT
+> <CODE
CLASS="FUNCTION"
->chroot()</TT
-> to <TT
+>chroot()</CODE
+> to <VAR
CLASS="REPLACEABLE"
-><I
->directory</I
-></TT
+>directory</VAR
> after
processing the command line arguments, but before
reading the configuration file.
ALIGN="LEFT"
><P
> This option should be used in conjunction with the
- <TT
+ <VAR
CLASS="OPTION"
->-u</TT
+>-u</VAR
> option, as chrooting a process
running as root doesn't enhance security on most
- systems; the way <TT
+ systems; the way <CODE
CLASS="FUNCTION"
->chroot()</TT
+>chroot()</CODE
> is
defined allows a process with root privileges to
escape a chroot jail.
></DIV
></DD
><DT
->-u <TT
+>-u <VAR
CLASS="REPLACEABLE"
-><I
->user</I
-></TT
+>user</VAR
></DT
><DD
><P
-> <TT
+> <CODE
CLASS="FUNCTION"
->setuid()</TT
-> to <TT
+>setuid()</CODE
+> to <VAR
CLASS="REPLACEABLE"
-><I
->user</I
-></TT
+>user</VAR
> after completing
privileged operations, such as creating sockets that
listen on privileged ports.
>named</B
> uses the kernel's
capability mechanism to drop all root privileges
- except the ability to <TT
+ except the ability to <CODE
CLASS="FUNCTION"
->bind()</TT
+>bind()</CODE
> to a
privileged port and set process resource limits.
- Unfortunately, this means that the <TT
+ Unfortunately, this means that the <VAR
CLASS="OPTION"
->-u</TT
+>-u</VAR
>
option only works when <B
CLASS="COMMAND"
> is run
on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or
later, since previous kernels did not allow privileges
- to be retained after <TT
+ to be retained after <CODE
CLASS="FUNCTION"
->setuid()</TT
+>setuid()</CODE
>.
</P
></BLOCKQUOTE
</P
></DD
><DT
->-x <TT
+>-x <VAR
CLASS="REPLACEABLE"
-><I
->cache-file</I
-></TT
+>cache-file</VAR
></DT
><DD
><P
-> Load data from <TT
+> Load data from <VAR
CLASS="REPLACEABLE"
-><I
->cache-file</I
-></TT
+>cache-file</VAR
> into the
cache of the default view.
</P
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: nsupdate.html,v 1.9.2.3.2.4 2004/03/08 04:04:23 marka Exp $ -->
+<!-- $Id: nsupdate.html,v 1.9.2.3.2.5 2004/08/22 23:38:59 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>nsupdate</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
->nsupdate</A
-></H1
+></A
+>nsupdate</H1
><DIV
CLASS="REFNAMEDIV"
><A
><B
CLASS="COMMAND"
>nsupdate</B
-> [<TT
+> [<VAR
CLASS="OPTION"
->-d</TT
->] [<TT
+>-d</VAR
+>] [<VAR
CLASS="OPTION"
->-y <TT
+>-y <VAR
CLASS="REPLACEABLE"
-><I
->keyname:secret</I
-></TT
-></TT
-> | <TT
+>keyname:secret</VAR
+></VAR
+> | <VAR
CLASS="OPTION"
->-k <TT
+>-k <VAR
CLASS="REPLACEABLE"
-><I
->keyfile</I
-></TT
-></TT
->] [<TT
+>keyfile</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-t <TT
+>-t <VAR
CLASS="REPLACEABLE"
-><I
->timeout</I
-></TT
-></TT
->] [<TT
+>timeout</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-u <TT
+>-u <VAR
CLASS="REPLACEABLE"
-><I
->udptimeout</I
-></TT
-></TT
->] [<TT
+>udptimeout</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-r <TT
+>-r <VAR
CLASS="REPLACEABLE"
-><I
->udpretries</I
-></TT
-></TT
->] [<TT
+>udpretries</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-v</TT
+>-v</VAR
>] [filename]</P
></DIV
><DIV
This is identified by the MNAME field of the zone's SOA record.</P
><P
>The
-<TT
+<VAR
CLASS="OPTION"
->-d</TT
+>-d</VAR
>
option makes
<B
>nsupdate</B
>
uses the
-<TT
+<VAR
CLASS="OPTION"
->-y</TT
+>-y</VAR
>
or
-<TT
+<VAR
CLASS="OPTION"
->-k</TT
+>-k</VAR
>
option (with an HMAC-MD5 key) to provide the shared secret needed to generate
a TSIG record for authenticating Dynamic DNS update requests.
These options are mutually exclusive.
With the
-<TT
+<VAR
CLASS="OPTION"
->-k</TT
+>-k</VAR
>
option,
<B
>nsupdate</B
>
reads the shared secret from the file
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->keyfile</I
-></TT
+>keyfile</VAR
>,
whose name is of the form
<TT
>K{name}.+157.+{random}.key</TT
>
must also be present. When the
-<TT
+<VAR
CLASS="OPTION"
->-y</TT
+>-y</VAR
>
option is used, a signature is generated from
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->keyname:secret.</I
-></TT
+>keyname:secret.</VAR
>
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->keyname</I
-></TT
+>keyname</VAR
>
is the name of the key,
and
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->secret</I
-></TT
+>secret</VAR
>
is the base64 encoded shared secret.
Use of the
-<TT
+<VAR
CLASS="OPTION"
->-y</TT
+>-y</VAR
>
option is discouraged because the shared secret is supplied as a command
line argument in clear text.
>
or in a history file maintained by the user's shell.</P
><P
->The <TT
+>The <VAR
CLASS="OPTION"
->-k</TT
+>-k</VAR
> may also be used to specify a SIG(0) key used
to authenticate Dynamic DNS update requests. In this case, the key
specified is not an HMAC-MD5 key.</P
uses UDP to send update requests to the name server unless they are too
large to fit in a UDP request in which case TCP will be used.
The
-<TT
+<VAR
CLASS="OPTION"
->-v</TT
+>-v</VAR
>
option makes
<B
use a TCP connection.
This may be preferable when a batch of update requests is made.</P
><P
->The <TT
+>The <VAR
CLASS="OPTION"
->-t</TT
+>-t</VAR
> option sets the maximum time a update request can
take before it is aborted. The default is 300 seconds. Zero can be used
to disable the timeout.</P
><P
->The <TT
+>The <VAR
CLASS="OPTION"
->-u</TT
+>-u</VAR
> option sets the UDP retry interval. The default is
3 seconds. If zero the interval will be computed from the timeout interval
and number of UDP retries.</P
><P
->The <TT
+>The <VAR
CLASS="OPTION"
->-r</TT
+>-r</VAR
> option sets the number of UDP retries. The default is
3. If zero only one update request will be made.</P
></DIV
>nsupdate</B
>
reads input from
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->filename</I
-></TT
+>filename</VAR
>
or standard input.
Each command is supplied on exactly one line of input.
><DD
><P
>Sends all dynamic update requests to the name server
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->servername</I
-></TT
+>servername</VAR
>.
When no server statement is provided,
<B
will send updates to the master server of the correct zone.
The MNAME field of that zone's SOA record will identify the master
server for that zone.
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->port</I
-></TT
+>port</VAR
>
is the port number on
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->servername</I
-></TT
+>servername</VAR
>
where the dynamic update requests get sent.
If no port number is specified, the default DNS port number of 53 is
><DD
><P
>Sends all dynamic update requests using the local
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->address</I
-></TT
+>address</VAR
>.
When no local statement is provided,
>nsupdate</B
>
will send updates using an address and port chosen by the system.
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->port</I
-></TT
+>port</VAR
>
can additionally be used to make requests come from a specific port.
If no port number is specified, the system will assign one. </P
><DD
><P
>Specifies that all updates are to be made to the zone
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->zonename</I
-></TT
+>zonename</VAR
>.
If no
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->zone</I
-></TT
+>zone</VAR
>
statement is provided,
<B
><DD
><P
>Specify the default class.
-If no <TT
+If no <VAR
CLASS="PARAMETER"
-><I
->class</I
-></TT
+>class</VAR
> is specified the default class is
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->IN</I
-></TT
+>IN</VAR
>.</P
></DD
><DT
><DD
><P
>Specifies that all updates are to be TSIG signed using the
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->keyname</I
-></TT
-> <TT
+>keyname</VAR
+> <VAR
CLASS="PARAMETER"
-><I
->keysecret</I
-></TT
+>keysecret</VAR
> pair.
The <B
CLASS="COMMAND"
>key</B
> command
overrides any key specified on the command line via
-<TT
+<VAR
CLASS="OPTION"
->-y</TT
-> or <TT
+>-y</VAR
+> or <VAR
CLASS="OPTION"
->-k</TT
+>-k</VAR
>.</P
></DD
><DT
><DD
><P
>Requires that no resource record of any type exists with name
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->domain-name</I
-></TT
+>domain-name</VAR
>.</P
></DD
><DT
><DD
><P
>Requires that
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->domain-name</I
-></TT
+>domain-name</VAR
>
exists (has as at least one resource record, of any type).</P
></DD
><DD
><P
>Requires that no resource record exists of the specified
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->type</I
-></TT
+>type</VAR
>,
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->class</I
-></TT
+>class</VAR
>
and
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->domain-name</I
-></TT
+>domain-name</VAR
>.
If
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->class</I
-></TT
+>class</VAR
>
is omitted, IN (internet) is assumed.</P
></DD
><DD
><P
>This requires that a resource record of the specified
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->type</I
-></TT
+>type</VAR
>,
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->class</I
-></TT
+>class</VAR
>
and
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->domain-name</I
-></TT
+>domain-name</VAR
>
must exist.
If
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->class</I
-></TT
+>class</VAR
>
is omitted, IN (internet) is assumed.</P
></DD
><DD
><P
>The
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->data</I
-></TT
+>data</VAR
>
from each set of prerequisites of this form
sharing a common
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->type</I
-></TT
+>type</VAR
>,
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->class</I
-></TT
+>class</VAR
>,
and
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->domain-name</I
-></TT
+>domain-name</VAR
>
are combined to form a set of RRs. This set of RRs must
exactly match the set of RRs existing in the zone at the
given
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->type</I
-></TT
+>type</VAR
>,
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->class</I
-></TT
+>class</VAR
>,
and
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->domain-name</I
-></TT
+>domain-name</VAR
>.
The
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->data</I
-></TT
+>data</VAR
>
are written in the standard text representation of the resource record's
RDATA.</P
><DD
><P
>Deletes any resource records named
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->domain-name</I
-></TT
+>domain-name</VAR
>.
If
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->type</I
-></TT
+>type</VAR
>
and
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->data</I
-></TT
+>data</VAR
>
is provided, only matching resource records will be removed.
The internet class is assumed if
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->class</I
-></TT
+>class</VAR
>
is not supplied. The
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->ttl</I
-></TT
+>ttl</VAR
>
is ignored, and is only allowed for compatibility.</P
></DD
><DD
><P
>Adds a new resource record with the specified
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->ttl</I
-></TT
+>ttl</VAR
>,
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->class</I
-></TT
+>class</VAR
>
and
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->data</I
-></TT
+>data</VAR
>.</P
></DD
><DT
CLASS="VARIABLELIST"
><DL
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->/etc/resolv.conf</TT
+>/etc/resolv.conf</CODE
></DT
><DD
><P
>used to identify default name server</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->K{name}.+157.+{random}.key</TT
+>K{name}.+157.+{random}.key</CODE
></DT
><DD
><P
>.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->K{name}.+157.+{random}.private</TT
+>K{name}.+157.+{random}.private</CODE
></DT
><DD
><P
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: rndc-confgen.html,v 1.3.2.5.2.3 2004/06/03 05:35:49 marka Exp $ -->
+<!-- $Id: rndc-confgen.html,v 1.3.2.5.2.4 2004/08/22 23:39:00 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>rndc-confgen</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
+></A
><SPAN
CLASS="APPLICATION"
>rndc-confgen</SPAN
-></A
></H1
><DIV
CLASS="REFNAMEDIV"
><B
CLASS="COMMAND"
>rndc-confgen</B
-> [<TT
+> [<VAR
CLASS="OPTION"
->-a</TT
->] [<TT
+>-a</VAR
+>] [<VAR
CLASS="OPTION"
->-b <TT
+>-b <VAR
CLASS="REPLACEABLE"
-><I
->keysize</I
-></TT
-></TT
->] [<TT
+>keysize</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-c <TT
+>-c <VAR
CLASS="REPLACEABLE"
-><I
->keyfile</I
-></TT
-></TT
->] [<TT
+>keyfile</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-h</TT
->] [<TT
+>-h</VAR
+>] [<VAR
CLASS="OPTION"
->-k <TT
+>-k <VAR
CLASS="REPLACEABLE"
-><I
->keyname</I
-></TT
-></TT
->] [<TT
+>keyname</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-p <TT
+>-p <VAR
CLASS="REPLACEABLE"
-><I
->port</I
-></TT
-></TT
->] [<TT
+>port</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-r <TT
+>-r <VAR
CLASS="REPLACEABLE"
-><I
->randomfile</I
-></TT
-></TT
->] [<TT
+>randomfile</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-s <TT
+>-s <VAR
CLASS="REPLACEABLE"
-><I
->address</I
-></TT
-></TT
->] [<TT
+>address</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-t <TT
+>-t <VAR
CLASS="REPLACEABLE"
-><I
->chrootdir</I
-></TT
-></TT
->] [<TT
+>chrootdir</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-u <TT
+>-u <VAR
CLASS="REPLACEABLE"
-><I
->user</I
-></TT
-></TT
+>user</VAR
+></VAR
>]</P
></DIV
><DIV
CLASS="FILENAME"
>/etc</TT
> (or whatever
- <TT
+ <VAR
CLASS="VARNAME"
->sysconfdir</TT
+>sysconfdir</VAR
>
- was specified as when <SPAN
+ was specified as when <ACRONYM
CLASS="ACRONYM"
->BIND</SPAN
+>BIND</ACRONYM
> was built)
that is read by both <B
CLASS="COMMAND"
</P
></DD
><DT
->-b <TT
+>-b <VAR
CLASS="REPLACEABLE"
-><I
->keysize</I
-></TT
+>keysize</VAR
></DT
><DD
><P
</P
></DD
><DT
->-c <TT
+>-c <VAR
CLASS="REPLACEABLE"
-><I
->keyfile</I
-></TT
+>keyfile</VAR
></DT
><DD
><P
</P
></DD
><DT
->-k <TT
+>-k <VAR
CLASS="REPLACEABLE"
-><I
->keyname</I
-></TT
+>keyname</VAR
></DT
><DD
><P
> Specifies the key name of the rndc authentication key.
This must be a valid domain name.
- The default is <TT
+ The default is <CODE
CLASS="CONSTANT"
->rndc-key</TT
+>rndc-key</CODE
>.
</P
></DD
><DT
->-p <TT
+>-p <VAR
CLASS="REPLACEABLE"
-><I
->port</I
-></TT
+>port</VAR
></DT
><DD
><P
</P
></DD
><DT
->-r <TT
+>-r <VAR
CLASS="REPLACEABLE"
-><I
->randomfile</I
-></TT
+>randomfile</VAR
></DT
><DD
><P
</P
></DD
><DT
->-s <TT
+>-s <VAR
CLASS="REPLACEABLE"
-><I
->address</I
-></TT
+>address</VAR
></DT
><DD
><P
</P
></DD
><DT
->-t <TT
+>-t <VAR
CLASS="REPLACEABLE"
-><I
->chrootdir</I
-></TT
+>chrootdir</VAR
></DT
><DD
><P
</P
></DD
><DT
->-u <TT
+>-u <VAR
CLASS="REPLACEABLE"
-><I
->user</I
-></TT
+>user</VAR
></DT
><DD
><P
no manual configuration, run
</P
><P
-> <TT
+> <KBD
CLASS="USERINPUT"
-><B
->rndc-confgen -a</B
-></TT
+>rndc-confgen -a</KBD
>
</P
><P
run
</P
><P
-> <TT
+> <KBD
CLASS="USERINPUT"
-><B
->rndc-confgen</B
-></TT
+>rndc-confgen</KBD
>
</P
></DIV
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: rndc.conf.html,v 1.5.2.1.4.2 2004/06/03 05:35:50 marka Exp $ -->
+<!-- $Id: rndc.conf.html,v 1.5.2.1.4.3 2004/08/22 23:39:00 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>rndc.conf</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
+></A
><TT
CLASS="FILENAME"
>rndc.conf</TT
-></A
></H1
><DIV
CLASS="REFNAMEDIV"
and a key statement.
</P
><P
-> The <TT
+> The <VAR
CLASS="OPTION"
->options</TT
+>options</VAR
> statement contains three clauses.
- The <TT
+ The <VAR
CLASS="OPTION"
->default-server</TT
+>default-server</VAR
> clause is followed by the
name or address of a name server. This host will be used when
no name server is given as an argument to
<B
CLASS="COMMAND"
>rndc</B
->. The <TT
+>. The <VAR
CLASS="OPTION"
->default-key</TT
+>default-key</VAR
>
clause is followed by the name of a key which is identified by
- a <TT
+ a <VAR
CLASS="OPTION"
->key</TT
+>key</VAR
> statement. If no
- <TT
+ <VAR
CLASS="OPTION"
->keyid</TT
+>keyid</VAR
> is provided on the rndc command line,
- and no <TT
+ and no <VAR
CLASS="OPTION"
->key</TT
+>key</VAR
> clause is found in a matching
- <TT
+ <VAR
CLASS="OPTION"
->server</TT
+>server</VAR
> statement, this default key will be
used to authenticate the server's commands and responses. The
- <TT
+ <VAR
CLASS="OPTION"
->default-port</TT
+>default-port</VAR
> clause is followed by the port
to connect to on the remote name server. If no
- <TT
+ <VAR
CLASS="OPTION"
->port</TT
+>port</VAR
> option is provided on the rndc command
- line, and no <TT
+ line, and no <VAR
CLASS="OPTION"
->port</TT
+>port</VAR
> clause is found in a
- matching <TT
+ matching <VAR
CLASS="OPTION"
->server</TT
+>server</VAR
> statement, this default port
will be used to connect.
</P
><P
-> After the <TT
+> After the <VAR
CLASS="OPTION"
->server</TT
+>server</VAR
> keyword, the server statement
includes a string which is the hostname or address for a name
server. The statement has two possible clauses:
- <TT
+ <VAR
CLASS="OPTION"
->key</TT
-> and <TT
+>key</VAR
+> and <VAR
CLASS="OPTION"
->port</TT
+>port</VAR
>. The key name must
match the name of a key statement in the file. The port number
specifies the port to connect to.
</P
><P
-> The <TT
+> The <VAR
CLASS="OPTION"
->key</TT
+>key</VAR
> statement begins with an identifying
string, the name of the key. The statement has two clauses.
- <TT
+ <VAR
CLASS="OPTION"
->algorithm</TT
+>algorithm</VAR
> identifies the encryption algorithm
for <B
CLASS="COMMAND"
>:
</P
><P
-> <TT
+> <KBD
CLASS="USERINPUT"
-><B
->rndc-confgen</B
-></TT
+>rndc-confgen</KBD
>
</P
><P
>rndc.conf</TT
> file, including the
randomly generated key, will be written to the standard
- output. Commented out <TT
+ output. Commented out <VAR
CLASS="OPTION"
->key</TT
+>key</VAR
> and
- <TT
+ <VAR
CLASS="OPTION"
->controls</TT
+>controls</VAR
> statements for
<TT
CLASS="FILENAME"
>:
</P
><P
-> <TT
+> <KBD
CLASS="USERINPUT"
-><B
->echo "known plaintext for a secret" | mmencode</B
-></TT
+>echo "known plaintext for a secret" | mmencode</KBD
>
</P
></DIV
CLASS="FILENAME"
>named.conf</TT
>.
- See the sections on the <TT
+ See the sections on the <VAR
CLASS="OPTION"
->controls</TT
+>controls</VAR
> statement in the
BIND 9 Administrator Reference Manual for details.
</P
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: rndc.html,v 1.7.2.1.4.2 2004/06/03 05:35:50 marka Exp $ -->
+<!-- $Id: rndc.html,v 1.7.2.1.4.3 2004/08/22 23:39:00 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>rndc</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
+></A
><SPAN
CLASS="APPLICATION"
>rndc</SPAN
-></A
></H1
><DIV
CLASS="REFNAMEDIV"
><B
CLASS="COMMAND"
>rndc</B
-> [<TT
+> [<VAR
CLASS="OPTION"
->-c <TT
+>-c <VAR
CLASS="REPLACEABLE"
-><I
->config-file</I
-></TT
-></TT
->] [<TT
+>config-file</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-k <TT
+>-k <VAR
CLASS="REPLACEABLE"
-><I
->key-file</I
-></TT
-></TT
->] [<TT
+>key-file</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-s <TT
+>-s <VAR
CLASS="REPLACEABLE"
-><I
->server</I
-></TT
-></TT
->] [<TT
+>server</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-p <TT
+>-p <VAR
CLASS="REPLACEABLE"
-><I
->port</I
-></TT
-></TT
->] [<TT
+>port</VAR
+></VAR
+>] [<VAR
CLASS="OPTION"
->-V</TT
->] [<TT
+>-V</VAR
+>] [<VAR
CLASS="OPTION"
->-y <TT
+>-y <VAR
CLASS="REPLACEABLE"
-><I
->key_id</I
-></TT
-></TT
+>key_id</VAR
+></VAR
>] {command}</P
></DIV
><DIV
CLASS="VARIABLELIST"
><DL
><DT
->-c <TT
+>-c <VAR
CLASS="REPLACEABLE"
-><I
->config-file</I
-></TT
+>config-file</VAR
></DT
><DD
><P
-> Use <TT
+> Use <VAR
CLASS="REPLACEABLE"
-><I
->config-file</I
-></TT
+>config-file</VAR
>
as the configuration file instead of the default,
<TT
</P
></DD
><DT
->-k <TT
+>-k <VAR
CLASS="REPLACEABLE"
-><I
->key-file</I
-></TT
+>key-file</VAR
></DT
><DD
><P
-> Use <TT
+> Use <VAR
CLASS="REPLACEABLE"
-><I
->key-file</I
-></TT
+>key-file</VAR
>
as the key file instead of the default,
<TT
CLASS="FILENAME"
>/etc/rndc.key</TT
> will be used to authenticate
- commands sent to the server if the <TT
+ commands sent to the server if the <VAR
CLASS="REPLACEABLE"
-><I
->config-file</I
-></TT
+>config-file</VAR
>
does not exist.
</P
></DD
><DT
->-s <TT
+>-s <VAR
CLASS="REPLACEABLE"
-><I
->server</I
-></TT
+>server</VAR
></DT
><DD
><P
-> <TT
+> <VAR
CLASS="REPLACEABLE"
-><I
->server</I
-></TT
+>server</VAR
> is
the name or address of the server which matches a
server statement in the configuration file for
</P
></DD
><DT
->-p <TT
+>-p <VAR
CLASS="REPLACEABLE"
-><I
->port</I
-></TT
+>port</VAR
></DT
><DD
><P
> Send commands to TCP port
- <TT
+ <VAR
CLASS="REPLACEABLE"
-><I
->port</I
-></TT
+>port</VAR
> instead
of BIND 9's default control channel port, 953.
</P
</P
></DD
><DT
->-y <TT
+>-y <VAR
CLASS="REPLACEABLE"
-><I
->keyid</I
-></TT
+>keyid</VAR
></DT
><DD
><P
-> Use the key <TT
+> Use the key <VAR
CLASS="REPLACEABLE"
-><I
->keyid</I
-></TT
+>keyid</VAR
>
from the configuration file.
- <TT
+ <VAR
CLASS="REPLACEABLE"
-><I
->keyid</I
-></TT
+>keyid</VAR
> must be
known by named with the same algorithm and secret string
in order for control message validation to succeed.
- If no <TT
+ If no <VAR
CLASS="REPLACEABLE"
-><I
->keyid</I
-></TT
+>keyid</VAR
>
is specified, <B
CLASS="COMMAND"
</P
><P
> There is currently no way to provide the shared secret for a
- <TT
+ <VAR
CLASS="OPTION"
->key_id</TT
+>key_id</VAR
> without using the configuration file.
</P
><P
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>Introduction </TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"><LINK
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="HOME"
TITLE="BIND 9 Administrator Reference Manual"
HREF="Bv9ARM.html"><LINK
><H1
><A
NAME="ch01"
->Chapter 1. Introduction </A
-></H1
+></A
+>Chapter 1. Introduction </H1
><DIV
CLASS="TOC"
><DL
><DT
>1.4. <A
HREF="Bv9ARM.ch01.html#AEN107"
->The Domain Name System (<SPAN
+>The Domain Name System (<ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
>)</A
></DT
></DL
></DIV
><P
->The Internet Domain Name System (<SPAN
+>The Internet Domain Name System (<ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
>) consists of the syntax
to specify the names of entities in the Internet in a hierarchical
manner, the rules used for delegating authority over names, and the
system implementation that actually maps names to Internet
- addresses. <SPAN
+ addresses. <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> data is maintained in a group of distributed
hierarchical databases.</P
><DIV
>1.1. Scope of Document</A
></H1
><P
->The Berkeley Internet Name Domain (<SPAN
+>The Berkeley Internet Name Domain (<ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
>) implements an
domain name server for a number of operating systems. This
document provides basic information about the installation and
- care of the Internet Software Consortium (<SPAN
+ care of the Internet Software Consortium (<ACRONYM
CLASS="acronym"
->ISC</SPAN
+>ISC</ACRONYM
>)
- <SPAN
+ <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> version 9 software package for system
administrators.</P
><P
>Section 1</I
></SPAN
> introduces
- the basic <SPAN
+ the basic <ACRONYM
CLASS="acronym"
->DNS</SPAN
-> and <SPAN
+>DNS</ACRONYM
+> and <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> concepts. <SPAN
CLASS="emphasis"
><I
>Section 2</I
></SPAN
>
- describes resource requirements for running <SPAN
+ describes resource requirements for running <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> in various
environments. Information in <SPAN
CLASS="emphasis"
></SPAN
> in its presentation and is
organized functionally, to aid in the process of installing the
- <SPAN
+ <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 software. The task-oriented section is followed by
<SPAN
CLASS="emphasis"
>Section 5</I
></SPAN
>
- describes the <SPAN
+ describes the <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 lightweight
resolver. The contents of <SPAN
CLASS="emphasis"
>Bibliography</I
></SPAN
> and
- historic information related to <SPAN
+ historic information related to <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> and the Domain Name
System.</P
></DIV
conventions:</P
><DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN45"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="288"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
> <P
><SPAN
CLASS="emphasis"
></P
></TD
><TD
-WIDTH="252"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
> <P
><SPAN
CLASS="emphasis"
></TR
><TR
><TD
-WIDTH="288"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
> <P
>a pathname, filename, URL, hostname,
mailing list name, or new term or concept</P
></TD
><TD
-WIDTH="252"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><TT
CLASS="filename"
></TR
><TR
><TD
-WIDTH="288"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>literal user
input</P
></TD
><TD
-WIDTH="252"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><KBD
CLASS="userinput"
-><B
->Fixed Width Bold</B
-></TT
+>Fixed Width Bold</KBD
></P
></TD
></TR
><TR
><TD
-WIDTH="288"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>program output</P
></TD
><TD
-WIDTH="252"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><SAMP
CLASS="computeroutput"
->Fixed Width</TT
+>Fixed Width</SAMP
></P
></TD
></TR
></DIV
><P
>The following conventions are used in descriptions of the
-<SPAN
+<ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> configuration file:<DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN77"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="288"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><SPAN
CLASS="emphasis"
></P
></TD
><TD
-WIDTH="252"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><SPAN
CLASS="emphasis"
></TR
><TR
><TD
-WIDTH="288"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>keywords</P
></TD
><TD
-WIDTH="252"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->Fixed Width</TT
+>Fixed Width</VAR
></P
></TD
></TR
><TR
><TD
-WIDTH="288"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>variables</P
></TD
><TD
-WIDTH="252"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->Fixed Width</TT
+>Fixed Width</VAR
></P
></TD
></TR
><TR
><TD
-WIDTH="288"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Optional input</P
></TD
><TD
-WIDTH="252"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>[<SPAN
CLASS="optional"
CLASS="sect1"
><A
NAME="AEN107"
->1.4. The Domain Name System (<SPAN
+>1.4. The Domain Name System (<ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
>)</A
></H1
><P
>The purpose of this document is to explain the installation
-and upkeep of the <SPAN
+and upkeep of the <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> software package, and we
begin by reviewing the fundamentals of the Domain Name System
-(<SPAN
+(<ACRONYM
CLASS="acronym"
->DNS</SPAN
->) as they relate to <SPAN
+>DNS</ACRONYM
+>) as they relate to <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
>.
</P
><DIV
>name servers</I
></SPAN
> and interprets the responses.
-The <SPAN
+The <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 software distribution contains a
name server, <B
CLASS="command"
>Example, Inc.</I
></SPAN
> could be
-<TT
+<VAR
CLASS="literal"
->mail.example.com</TT
+>mail.example.com</VAR
>,
-where <TT
+where <VAR
CLASS="literal"
->com</TT
+>com</VAR
> is the
top level domain to which
-<TT
+<VAR
CLASS="literal"
->ourhost.example.com</TT
+>ourhost.example.com</VAR
> belongs,
-<TT
+<VAR
CLASS="literal"
->example</TT
+>example</VAR
> is
-a subdomain of <TT
+a subdomain of <VAR
CLASS="literal"
->com</TT
+>com</VAR
>, and
-<TT
+<VAR
CLASS="literal"
->ourhost</TT
+>ourhost</VAR
> is the
name of the host.</P
><P
CLASS="emphasis"
>resource records</I
></SPAN
-> (<SPAN
+> (<ACRONYM
CLASS="acronym"
->RR</SPAN
+>RR</ACRONYM
>s).
Some of the supported resource record types are described in
<A
>.</P
><P
>As we stated previously, a zone is a point of delegation in
-the <SPAN
+the <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> tree. A zone consists of
those contiguous parts of the domain
tree for which a name server has complete information and over which
parent zone, which should be matched by equivalent NS records at
the root of the delegated zone.</P
><P
->For instance, consider the <TT
+>For instance, consider the <VAR
CLASS="literal"
->example.com</TT
+>example.com</VAR
>
domain which includes names
-such as <TT
+such as <VAR
CLASS="literal"
->host.aaa.example.com</TT
+>host.aaa.example.com</VAR
> and
-<TT
+<VAR
CLASS="literal"
->host.bbb.example.com</TT
+>host.bbb.example.com</VAR
> even though
-the <TT
+the <VAR
CLASS="literal"
->example.com</TT
+>example.com</VAR
> zone includes
-only delegations for the <TT
+only delegations for the <VAR
CLASS="literal"
->aaa.example.com</TT
+>aaa.example.com</VAR
> and
-<TT
+<VAR
CLASS="literal"
->bbb.example.com</TT
+>bbb.example.com</VAR
> zones. A zone can map
exactly to a single domain, but could also include only part of a
domain, the rest of which could be delegated to other
-name servers. Every name in the <SPAN
+name servers. Every name in the <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> tree is a
<SPAN
CLASS="emphasis"
gain a complete understanding of this difficult and subtle
topic.</P
><P
->Though <SPAN
+>Though <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> is called a "domain name server",
it deals primarily in terms of zones. The master and slave
declarations in the <TT
is found. Forwarders are typically used when you do not
wish all the servers at a given site to interact directly with the rest of
the Internet servers. A typical scenario would involve a number
-of internal <SPAN
+of internal <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> servers and an Internet firewall. Servers unable
to pass packets through the firewall would forward to the server
-that can do it, and that server would query the Internet <SPAN
+that can do it, and that server would query the Internet <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> servers
on the internal server's behalf. An added benefit of using the forwarding
feature is that the central machine develops a much more complete
>1.4.6. Name Servers in Multiple Roles</A
></H2
><P
->The <SPAN
+>The <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> name server can simultaneously act as
a master for some zones, a slave for other zones, and as a caching
(recursive) server for a set of local clients.</P
WIDTH="33%"
ALIGN="right"
VALIGN="top"
-><SPAN
+><ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> Resource Requirements</TD
></TR
></TABLE
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>BIND Resource Requirements</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"><LINK
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="HOME"
TITLE="BIND 9 Administrator Reference Manual"
HREF="Bv9ARM.html"><LINK
><H1
><A
NAME="ch02"
->Chapter 2. <SPAN
+></A
+>Chapter 2. <ACRONYM
CLASS="acronym"
->BIND</SPAN
-> Resource Requirements</A
-></H1
+>BIND</ACRONYM
+> Resource Requirements</H1
><DIV
CLASS="TOC"
><DL
>2.1. Hardware requirements</A
></H1
><P
-><SPAN
+><ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> hardware requirements have traditionally been quite modest.
For many installations, servers that have been pensioned off from
-active duty have performed admirably as <SPAN
+active duty have performed admirably as <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> servers.</P
><P
->The DNSSEC and IPv6 features of <SPAN
+>The DNSSEC and IPv6 features of <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 may prove to be quite
CPU intensive however, so organizations that make heavy use of these
features may wish to consider larger systems for these applications.
-<SPAN
+<ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 is fully multithreaded, allowing full utilization of
multiprocessor systems for installations that need it.</P
></DIV
>2.2. CPU Requirements</A
></H1
><P
->CPU requirements for <SPAN
+>CPU requirements for <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 range from i486-class machines
for serving of static zones without caching, to enterprise-class
machines if you intend to process many dynamic updates and DNSSEC
>max-cache-size</B
>
option can be used to limit the amount of memory used by the cache,
-at the expense of reducing cache hit rates and causing more <SPAN
+at the expense of reducing cache hit rates and causing more <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
>
traffic. It is still good practice to have enough memory to load
all zone and cache data into memory — unfortunately, the best way
>2.5. Supported Operating Systems</A
></H1
><P
->ISC <SPAN
+>ISC <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 compiles and runs on a large number
of Unix-like operating system and on Windows NT / 2000. For an up-to-date
list of supported systems, see the README file in the top level directory
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>Name Server Configuration</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"><LINK
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="HOME"
TITLE="BIND 9 Administrator Reference Manual"
HREF="Bv9ARM.html"><LINK
><H1
><A
NAME="ch03"
->Chapter 3. Name Server Configuration</A
-></H1
+></A
+>Chapter 3. Name Server Configuration</H1
><DIV
CLASS="TOC"
><DL
></H1
><P
>A primitive form of load balancing can be achieved in
-the <SPAN
+the <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> by using multiple A records for one name.</P
><P
>For example, if you have three WWW servers with network addresses
of the time:</P
><DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN273"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Name</P
></TD
><TD
-WIDTH="48"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>TTL</P
></TD
><TD
-WIDTH="72"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>CLASS</P
></TD
><TD
-WIDTH="72"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>TYPE</P
></TD
><TD
-WIDTH="195"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Resource Record (RR) Data</P
></TD
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->www</TT
+>www</VAR
></P
></TD
><TD
-WIDTH="48"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->600</TT
+>600</VAR
></P
></TD
><TD
-WIDTH="72"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->IN</TT
+>IN</VAR
></P
></TD
><TD
-WIDTH="72"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->A</TT
+>A</VAR
></P
></TD
><TD
-WIDTH="195"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->10.0.0.1</TT
+>10.0.0.1</VAR
></P
></TD
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
></P
></TD
><TD
-WIDTH="48"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->600</TT
+>600</VAR
></P
></TD
><TD
-WIDTH="72"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->IN</TT
+>IN</VAR
></P
></TD
><TD
-WIDTH="72"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->A</TT
+>A</VAR
></P
></TD
><TD
-WIDTH="195"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->10.0.0.2</TT
+>10.0.0.2</VAR
></P
></TD
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
></P
></TD
><TD
-WIDTH="48"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->600</TT
+>600</VAR
></P
></TD
><TD
-WIDTH="72"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->IN</TT
+>IN</VAR
></P
></TD
><TD
-WIDTH="72"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->A</TT
+>A</VAR
></P
></TD
><TD
-WIDTH="195"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->10.0.0.3</TT
+>10.0.0.3</VAR
></P
></TD
></TR
></P
></DIV
><P
->When a resolver queries for these records, <SPAN
+>When a resolver queries for these records, <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> will rotate
them and respond to the query with the records in a different
order. In the example above, clients will randomly receive
></A
>.
This substatement is not supported in
- <SPAN
+ <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9, and only the ordering scheme described above is
available.</P
></DIV
><B
CLASS="command"
>dig</B
-> [@<TT
+> [@<VAR
CLASS="replaceable"
-><I
->server</I
-></TT
->] <TT
+>server</VAR
+>] <VAR
CLASS="replaceable"
-><I
->domain</I
-></TT
-> [<TT
+>domain</VAR
+> [<VAR
CLASS="replaceable"
-><I
->query-type</I
-></TT
->] [<TT
+>query-type</VAR
+>] [<VAR
CLASS="replaceable"
-><I
->query-class</I
-></TT
->] [+<TT
+>query-class</VAR
+>] [+<VAR
CLASS="replaceable"
-><I
->query-option</I
-></TT
->] [-<TT
+>query-option</VAR
+>] [-<VAR
CLASS="replaceable"
-><I
->dig-option</I
-></TT
->] [%<TT
+>dig-option</VAR
+>] [%<VAR
CLASS="replaceable"
-><I
->comment</I
-></TT
+>comment</VAR
>]</P
><P
>The usual simple use of dig will take the form</P
><B
CLASS="command"
>host</B
-> [-aCdlrTwv] [-c <TT
+> [-aCdlrTwv] [-c <VAR
CLASS="replaceable"
-><I
->class</I
-></TT
->] [-N <TT
+>class</VAR
+>] [-N <VAR
CLASS="replaceable"
-><I
->ndots</I
-></TT
->] [-t <TT
+>ndots</VAR
+>] [-t <VAR
CLASS="replaceable"
-><I
->type</I
-></TT
->] [-W <TT
+>type</VAR
+>] [-W <VAR
CLASS="replaceable"
-><I
->timeout</I
-></TT
->] [-R <TT
+>timeout</VAR
+>] [-R <VAR
CLASS="replaceable"
-><I
->retries</I
-></TT
->] <TT
+>retries</VAR
+>] <VAR
CLASS="replaceable"
-><I
->hostname</I
-></TT
-> [<TT
+>hostname</VAR
+> [<VAR
CLASS="replaceable"
-><I
->server</I
-></TT
+>server</VAR
>]</P
><P
>For more information and a list of available commands and
><B
CLASS="command"
>nslookup</B
-> [-option...] [<TT
+> [-option...] [<VAR
CLASS="replaceable"
-><I
->host-to-find</I
-></TT
+>host-to-find</VAR
> | - [server]]</P
><P
>Interactive mode is entered when no arguments are given (the
><DT
><A
NAME="named-checkconf"
+></A
><B
CLASS="command"
>named-checkconf</B
-></A
></DT
><DD
><P
><B
CLASS="command"
>named-checkconf</B
-> [-t <TT
+> [-t <VAR
CLASS="replaceable"
-><I
->directory</I
-></TT
->] [<TT
+>directory</VAR
+>] [<VAR
CLASS="replaceable"
-><I
->filename</I
-></TT
+>filename</VAR
>]</P
></DD
><DT
><A
NAME="named-checkzone"
+></A
><B
CLASS="command"
>named-checkzone</B
-></A
></DT
><DD
><P
><B
CLASS="command"
>named-checkzone</B
-> [-dq] [-c <TT
+> [-dq] [-c <VAR
CLASS="replaceable"
-><I
->class</I
-></TT
->] <TT
+>class</VAR
+>] <VAR
CLASS="replaceable"
-><I
->zone</I
-></TT
-> [<TT
+>zone</VAR
+> [<VAR
CLASS="replaceable"
-><I
->filename</I
-></TT
+>filename</VAR
>]</P
></DD
><DT
><A
NAME="rndc"
+></A
><B
CLASS="command"
>rndc</B
-></A
></DT
><DD
><P
><B
CLASS="command"
>rndc</B
-> [-c <TT
+> [-c <VAR
CLASS="replaceable"
-><I
->config</I
-></TT
->] [-s <TT
+>config</VAR
+>] [-s <VAR
CLASS="replaceable"
-><I
->server</I
-></TT
->] [-p <TT
+>server</VAR
+>] [-p <VAR
CLASS="replaceable"
-><I
->port</I
-></TT
->] [-y <TT
+>port</VAR
+>] [-y <VAR
CLASS="replaceable"
-><I
->key</I
-></TT
->] <TT
+>key</VAR
+>] <VAR
CLASS="replaceable"
-><I
->command</I
-></TT
-> [<TT
+>command</VAR
+> [<VAR
CLASS="replaceable"
-><I
->command</I
-></TT
+>command</VAR
>...]</P
><P
><B
CLASS="variablelist"
><DL
><DT
-><TT
+><KBD
CLASS="userinput"
-><B
->reload</B
-></TT
+>reload</KBD
></DT
><DD
><P
>Reload configuration file and zones.</P
></DD
><DT
-><TT
+><KBD
CLASS="userinput"
-><B
->reload <TT
+>reload <VAR
CLASS="replaceable"
-><I
->zone</I
-></TT
+>zone</VAR
>
[<SPAN
CLASS="optional"
-><TT
+><VAR
CLASS="replaceable"
-><I
->class</I
-></TT
+>class</VAR
>
[<SPAN
CLASS="optional"
-><TT
+><VAR
CLASS="replaceable"
-><I
->view</I
-></TT
+>view</VAR
></SPAN
>]</SPAN
->]</B
-></TT
+>]</KBD
></DT
><DD
><P
>Reload the given zone.</P
></DD
><DT
-><TT
+><KBD
CLASS="userinput"
-><B
->refresh <TT
+>refresh <VAR
CLASS="replaceable"
-><I
->zone</I
-></TT
+>zone</VAR
>
[<SPAN
CLASS="optional"
-><TT
+><VAR
CLASS="replaceable"
-><I
->class</I
-></TT
+>class</VAR
>
[<SPAN
CLASS="optional"
-><TT
+><VAR
CLASS="replaceable"
-><I
->view</I
-></TT
+>view</VAR
></SPAN
>]</SPAN
->]</B
-></TT
+>]</KBD
></DT
><DD
><P
>Schedule zone maintenance for the given zone.</P
></DD
><DT
-><TT
+><KBD
CLASS="userinput"
-><B
->retransfer <TT
+>retransfer <VAR
CLASS="replaceable"
-><I
->zone</I
-></TT
+>zone</VAR
>
[<SPAN
CLASS="optional"
-><TT
+><VAR
CLASS="replaceable"
-><I
->class</I
-></TT
+>class</VAR
>
[<SPAN
CLASS="optional"
-><TT
+><VAR
CLASS="replaceable"
-><I
->view</I
-></TT
+>view</VAR
></SPAN
>]</SPAN
->]</B
-></TT
+>]</KBD
></DT
><DD
><P
>Retransfer the given zone from the master.</P
></DD
><DT
-><TT
+><KBD
CLASS="userinput"
-><B
->freeze <TT
+>freeze <VAR
CLASS="replaceable"
-><I
->zone</I
-></TT
+>zone</VAR
>
[<SPAN
CLASS="optional"
-><TT
+><VAR
CLASS="replaceable"
-><I
->class</I
-></TT
+>class</VAR
>
[<SPAN
CLASS="optional"
-><TT
+><VAR
CLASS="replaceable"
-><I
->view</I
-></TT
+>view</VAR
></SPAN
>]</SPAN
->]</B
-></TT
+>]</KBD
></DT
><DD
><P
be refused while the zone is frozen.</P
></DD
><DT
-><TT
+><KBD
CLASS="userinput"
-><B
->unfreeze <TT
+>unfreeze <VAR
CLASS="replaceable"
-><I
->zone</I
-></TT
+>zone</VAR
>
[<SPAN
CLASS="optional"
-><TT
+><VAR
CLASS="replaceable"
-><I
->class</I
-></TT
+>class</VAR
>
[<SPAN
CLASS="optional"
-><TT
+><VAR
CLASS="replaceable"
-><I
->view</I
-></TT
+>view</VAR
></SPAN
>]</SPAN
->]</B
-></TT
+>]</KBD
></DT
><DD
><P
will no longer be refused.</P
></DD
><DT
-><TT
+><KBD
CLASS="userinput"
-><B
->reconfig</B
-></TT
+>reconfig</KBD
></DT
><DD
><P
</P
></DD
><DT
-><TT
+><KBD
CLASS="userinput"
-><B
->stats</B
-></TT
+>stats</KBD
></DT
><DD
><P
>Write server statistics to the statistics file.</P
></DD
><DT
-><TT
+><KBD
CLASS="userinput"
-><B
->querylog</B
-></TT
+>querylog</KBD
></DT
><DD
><P
>.</P
></DD
><DT
-><TT
+><KBD
CLASS="userinput"
-><B
->dumpdb</B
-></TT
+>dumpdb</KBD
></DT
><DD
><P
>Dump the server's caches to the dump file. </P
></DD
><DT
-><TT
+><KBD
CLASS="userinput"
-><B
->stop</B
-></TT
+>stop</KBD
></DT
><DD
><P
of the updated zones.</P
></DD
><DT
-><TT
+><KBD
CLASS="userinput"
-><B
->halt</B
-></TT
+>halt</KBD
></DT
><DD
><P
is restarted.</P
></DD
><DT
-><TT
+><KBD
CLASS="userinput"
-><B
->trace</B
-></TT
+>trace</KBD
></DT
><DD
><P
>Increment the servers debugging level by one. </P
></DD
><DT
-><TT
+><KBD
CLASS="userinput"
-><B
->trace <TT
+>trace <VAR
CLASS="replaceable"
-><I
->level</I
-></TT
-></B
-></TT
+>level</VAR
+></KBD
></DT
><DD
><P
value.</P
></DD
><DT
-><TT
+><KBD
CLASS="userinput"
-><B
->notrace</B
-></TT
+>notrace</KBD
></DT
><DD
><P
>Sets the server's debugging level to 0.</P
></DD
><DT
-><TT
+><KBD
CLASS="userinput"
-><B
->flush</B
-></TT
+>flush</KBD
></DT
><DD
><P
>Flushes the server's cache.</P
></DD
><DT
-><TT
+><KBD
CLASS="userinput"
-><B
->status</B
-></TT
+>status</KBD
></DT
><DD
><P
></DL
></DIV
><P
->In <SPAN
+>In <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9.2, <B
CLASS="command"
>rndc</B
CLASS="filename"
>/etc/rndc.conf</TT
>, but an alternate
-location can be specified with the <TT
+location can be specified with the <VAR
CLASS="option"
->-c</TT
+>-c</VAR
>
option. If the configuration file is not found,
<B
CLASS="filename"
>/etc/rndc.key</TT
> (or whatever
-<TT
+<VAR
CLASS="varname"
->sysconfdir</TT
+>sysconfdir</VAR
> was defined when
-the <SPAN
+the <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> build was configured).
The <TT
CLASS="filename"
>default-server</B
> takes a
host name or address argument and represents the server that will
-be contacted if no <TT
+be contacted if no <VAR
CLASS="option"
->-s</TT
+>-s</VAR
>
option is provided on the command line.
<B
CLASS="command"
>key</B
> statement in named.conf.
-The keyword <TT
+The keyword <KBD
CLASS="userinput"
-><B
->key</B
-></TT
+>key</KBD
> is
followed by a key name, which must be a valid
domain name, though it need not actually be hierarchical; thus,
-a string like "<TT
+a string like "<KBD
CLASS="userinput"
-><B
->rndc_key</B
-></TT
+>rndc_key</KBD
>" is a valid name.
The <B
CLASS="command"
>secret</B
>.
While the configuration parser will accept any string as the argument
-to algorithm, currently only the string "<TT
+to algorithm, currently only the string "<KBD
CLASS="userinput"
-><B
->hmac-md5</B
-></TT
+>hmac-md5</KBD
>"
has any meaning. The secret is a base-64 encoded string.</P
><P
CLASS="command"
>key</B
> statement with a server.
-The keyword <TT
+The keyword <KBD
CLASS="userinput"
-><B
->server</B
-></TT
+>server</KBD
> is followed by a
host name or address. The <B
CLASS="command"
>,
would allow the command:</P
><P
-><TT
+><SAMP
CLASS="prompt"
->$ </TT
-><TT
+>$ </SAMP
+><KBD
CLASS="userinput"
-><B
->rndc reload</B
-></TT
+>rndc reload</KBD
></P
><P
>to connect to 127.0.0.1 port 953 and cause the name server
</PRE
><P
>and it had an identical key statement for
-<TT
+<VAR
CLASS="literal"
->rndc_key</TT
+>rndc_key</VAR
>.</P
><P
>Running the <B
> command.</P
><DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN683"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="108"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="384"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Causes the server to read <TT
CLASS="filename"
></TR
><TR
><TD
-WIDTH="108"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="384"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Causes the server to clean up and exit.</P
></TD
></TR
><TR
><TD
-WIDTH="108"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
> <P
><B
CLASS="command"
>
</TD
><TD
-WIDTH="384"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Causes the server to clean up and exit.</P
></TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
-><SPAN
+><ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> Resource Requirements</TD
><TD
WIDTH="34%"
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>Advanced DNS Features</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"><LINK
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="HOME"
TITLE="BIND 9 Administrator Reference Manual"
HREF="Bv9ARM.html"><LINK
><H1
><A
NAME="ch04"
->Chapter 4. Advanced DNS Features</A
-></H1
+></A
+>Chapter 4. Advanced DNS Features</H1
><DIV
CLASS="TOC"
><DL
><DT
>4.9. <A
HREF="Bv9ARM.ch04.html#AEN1001"
->IPv6 Support in <SPAN
+>IPv6 Support in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9</A
></DT
></DL
>4.1. Notify</A
></H1
><P
-><SPAN
+><ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> NOTIFY is a mechanism that allows master
servers to notify their slave servers of changes to a zone's data. In
response to a <B
slave will check to see that its version of the zone is the
current version and, if not, initiate a zone transfer.</P
><P
-><SPAN
+><ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
>
For more information about
<B
to the zone using
<B
CLASS="command"
->rndc freeze <TT
+>rndc freeze <VAR
CLASS="replaceable"
-><I
->zone</I
-></TT
+>zone</VAR
></B
>.
This will also remove the zone's <TT
and update the master file. Edit the zone file. Run
<B
CLASS="command"
->rndc unfreeze <TT
+>rndc unfreeze <VAR
CLASS="replaceable"
-><I
->zone</I
-></TT
+>zone</VAR
></B
>
to reload the changed zone and re-enable dynamic updates.</P
>Proposed Standards</A
>.</P
><P
->When acting as a master, <SPAN
+>When acting as a master, <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9
supports IXFR for those zones
where the necessary change history information is available. These
CLASS="command"
>ixfr-from-differences</B
> is set
-to <TT
+to <KBD
CLASS="userinput"
-><B
->yes</B
-></TT
+>yes</KBD
>.
</P
><P
->When acting as a slave, <SPAN
+>When acting as a slave, <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 will
attempt to use IXFR unless
it is explicitly disabled. For more information about disabling
>Example, Inc.</I
></SPAN
>
-(<TT
+(<VAR
CLASS="literal"
->example.com</TT
+>example.com</VAR
>)
has several corporate sites that have an internal network with reserved
Internet Protocol (IP) space and an external demilitarized zone (DMZ),
>Here's an example of a wildcard MX record:</P
><PRE
CLASS="programlisting"
-><TT
+><VAR
CLASS="literal"
->* IN MX 10 external1.example.com.</TT
+>* IN MX 10 external1.example.com.</VAR
></PRE
><P
>Now that they accept mail on behalf of anything in the internal
><UL
><LI
><P
->Look up any hostnames in the <TT
+>Look up any hostnames in the <VAR
CLASS="literal"
->site1</TT
+>site1</VAR
> and
-<TT
+<VAR
CLASS="literal"
->site2.example.com</TT
+>site2.example.com</VAR
> zones.</P
></LI
><LI
><P
->Look up any hostnames in the <TT
+>Look up any hostnames in the <VAR
CLASS="literal"
->site1.internal</TT
+>site1.internal</VAR
> and
-<TT
+<VAR
CLASS="literal"
->site2.internal</TT
+>site2.internal</VAR
> domains.</P
></LI
><LI
><UL
><LI
><P
->Look up any hostnames in the <TT
+>Look up any hostnames in the <VAR
CLASS="literal"
->site1</TT
+>site1</VAR
> and
-<TT
+<VAR
CLASS="literal"
->site2.example.com</TT
+>site2.example.com</VAR
> zones.</P
></LI
><LI
><P
->Exchange mail with anyone in the <TT
+>Exchange mail with anyone in the <VAR
CLASS="literal"
->site1</TT
+>site1</VAR
> and
-<TT
+<VAR
CLASS="literal"
->site2.example.com</TT
+>site2.example.com</VAR
> zones.</P
></LI
></UL
>
acl internals { 172.16.72.0/24; 192.168.1.0/24; };
-acl externals { <TT
+acl externals { <VAR
CLASS="varname"
->bastion-ips-go-here</TT
+>bastion-ips-go-here</VAR
>; };
options {
...
forward only;
forwarders { // forward to external servers
- <TT
+ <VAR
CLASS="varname"
->bastion-ips-go-here</TT
+>bastion-ips-go-here</VAR
>;
};
allow-transfer { none; }; // sample allow-transfer (no one)
></H1
><P
>This is a short guide to setting up Transaction SIGnatures
-(TSIG) based transaction security in <SPAN
+(TSIG) based transaction security in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
>. It describes changes
to the configuration file as well as what changes are required for
different features, including the process of creating transaction
-keys and using transaction signatures with <SPAN
+keys and using transaction signatures with <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
>.</P
><P
-><SPAN
+><ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> primarily supports TSIG for server to server communication.
This includes zone transfer, notify, and recursive query messages.
-Resolvers based on newer versions of <SPAN
+Resolvers based on newer versions of <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 8 have limited support
for TSIG.</P
><P
CLASS="command"
>nsupdate</B
>
- program supports TSIG via the <TT
+ program supports TSIG via the <VAR
CLASS="option"
->-k</TT
+>-k</VAR
> and
- <TT
+ <VAR
CLASS="option"
->-y</TT
+>-y</VAR
> command line options.</P
><DIV
CLASS="sect2"
keys longer than that will be digested with MD5 to produce a 128
bit key.</P
><P
-><TT
+><KBD
CLASS="userinput"
-><B
->dnssec-keygen -a hmac-md5 -b 128 -n HOST host1-host2.</B
-></TT
+>dnssec-keygen -a hmac-md5 -b 128 -n HOST host1-host2.</KBD
></P
><P
>The key is in the file <TT
>Khost1-host2.+157+00000.private</TT
>.
Nothing directly uses this file, but the base-64 encoded string
-following "<TT
+following "<VAR
CLASS="literal"
->Key:</TT
+>Key:</VAR
>"
can be extracted from the file and used as a shared secret:</P
><PRE
CLASS="programlisting"
>Key: La/E5CjG9O+os1jq0a2jdA==</PRE
><P
->The string "<TT
+>The string "<VAR
CLASS="literal"
->La/E5CjG9O+os1jq0a2jdA==</TT
+>La/E5CjG9O+os1jq0a2jdA==</VAR
>" can
be used as the shared secret.</P
></DIV
};
</PRE
><P
->The algorithm, hmac-md5, is the only one supported by <SPAN
+>The algorithm, hmac-md5, is the only one supported by <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
>.
The secret is the one generated above. Since this is a secret, it
is recommended that either <TT
>4.5.5. TSIG Key Based Access Control</A
></H2
><P
-><SPAN
+><ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> allows IP addresses and ranges to be specified in ACL
definitions and
<B
CLASS="command"
>TKEY</B
> that specify how the key is
- generated or assigned. <SPAN
+ generated or assigned. <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9
implements only one of these modes,
the Diffie-Hellman key exchange. Both hosts are required to have
>4.7. SIG(0)</A
></H1
><P
-><SPAN
+><ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 partially supports DNSSEC SIG(0)
transaction signatures as specified in RFC 2535 and RFC2931. SIG(0)
uses public/private keys to authenticate messages. Access control
>SIG(0) signing of multiple-message TCP streams is not
supported.</P
><P
->The only tool shipped with <SPAN
+>The only tool shipped with <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 that
generates SIG(0) signed messages is <B
CLASS="command"
of DNSSEC signed zones.</P
><P
>In order to set up a DNSSEC secure zone, there are a series
- of steps which must be followed. <SPAN
+ of steps which must be followed. <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 ships
with several tools
that are used in this process, which are explained in more detail
- below. In all cases, the <TT
+ below. In all cases, the <VAR
CLASS="option"
->-h</TT
+>-h</VAR
> option prints a
full list of parameters. Note that the DNSSEC tools require the
keyset files to be in the working directory or the
- directory specified by the <TT
+ directory specified by the <VAR
CLASS="option"
->-h</TT
+>-h</VAR
> option, and
that the tools shipped with BIND 9.2.x and earlier are not compatible
with the current ones.</P
the parent and/or child zone to transmit keys. A zone's security
status must be indicated by the parent zone for a DNSSEC capable
resolver to trust its data. This is done through the presense
- or absence of a <TT
+ or absence of a <VAR
CLASS="literal"
->DS</TT
+>DS</VAR
> record at the delegation
point.</P
><P
>child.example</TT
> zone:</P
><P
-><TT
+><KBD
CLASS="userinput"
-><B
->dnssec-keygen -a RSASHA1 -b 768 -n ZONE child.example.</B
-></TT
+>dnssec-keygen -a RSASHA1 -b 768 -n ZONE child.example.</KBD
></P
><P
>Two output files will be produced:
>keyset</TT
> files corresponding
to secure subzones should be present. The zone signer will
- generate <TT
+ generate <VAR
CLASS="literal"
->NSEC</TT
-> and <TT
+>NSEC</VAR
+> and <VAR
CLASS="literal"
->RRSIG</TT
+>RRSIG</VAR
>
- records for the zone, as well as <TT
+ records for the zone, as well as <VAR
CLASS="literal"
->DS</TT
+>DS</VAR
> for
- the child zones if <TT
+ the child zones if <VAR
CLASS="literal"
->'-d'</TT
+>'-d'</VAR
> is specified.
- If <TT
+ If <VAR
CLASS="literal"
->'-d'</TT
+>'-d'</VAR
> is not specified then DS RRsets for
the secure child zones need to be added manually.</P
><P
default, all zone keys which have an available private key are
used to generate signatures.</P
><P
-><TT
+><KBD
CLASS="userinput"
-><B
->dnssec-signzone -o child.example zone.child.example</B
-></TT
+>dnssec-signzone -o child.example zone.child.example</KBD
></P
><P
>One output file is produced:
> will also produce a
keyset and dsset files and optionally a dlvset file. These
are used to provide the parent zone administators with the
- <TT
+ <VAR
CLASS="literal"
->DNSKEYs</TT
-> (or their corresponding <TT
+>DNSKEYs</VAR
+> (or their corresponding <VAR
CLASS="literal"
->DS</TT
+>DS</VAR
>
records) that are the secure entry point to the zone.</P
></DIV
>4.8.3. Configuring Servers</A
></H2
><P
->Unlike <SPAN
+>Unlike <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 8,
-<SPAN
+<ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 does not verify signatures on load,
so zone keys for authoritative zones do not need to be specified
in the configuration file.</P
CLASS="sect1"
><A
NAME="AEN1001"
->4.9. IPv6 Support in <SPAN
+>4.9. IPv6 Support in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9</A
></H1
><P
-><SPAN
+><ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 fully supports all currently defined forms of IPv6
name to address and address to name lookups. It will also use
IPv6 addresses to make queries when running on an IPv6 capable
system.</P
><P
->For forward lookups, <SPAN
+>For forward lookups, <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 supports only AAAA
records. The use of A6 records is deprecated by RFC 3363, and the
- support for forward lookups in <SPAN
+ support for forward lookups in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 is
removed accordingly.
- However, authoritative <SPAN
+ However, authoritative <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 name servers still
load zone files containing A6 records correctly, answer queries
for A6 records, and accept zone transfer for a zone containing A6
records.</P
><P
->For IPv6 reverse lookups, <SPAN
+>For IPv6 reverse lookups, <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 supports
the traditional "nibble" format used in the
<SPAN
>ip6.int</I
></SPAN
> domain.
- <SPAN
+ <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 formerly
supported the "binary label" (also known as "bitstring") format.
The support of binary labels, however, is now completely removed
according to the changes in RFC 3363.
- Any applications in <SPAN
+ Any applications in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 do not understand
the format any more, and will return an error if given.
- In particular, an authoritative <SPAN
+ In particular, an authoritative <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 name
server rejects to load a zone file containing binary labels.</P
><P
><P
>It is recommended that IPv4-in-IPv6 mapped addresses not
be used. If a host has an IPv4 address, use an A record, not
- a AAAA, with <TT
+ a AAAA, with <VAR
CLASS="literal"
->::ffff:192.168.42.1</TT
+>::ffff:192.168.42.1</VAR
> as the
address.</P
></DIV
><P
>When looking up an address in nibble format, the address
components are simply reversed, just as in IPv4, and
- <TT
+ <VAR
CLASS="literal"
->ip6.arpa.</TT
+>ip6.arpa.</VAR
> is appended to the resulting name.
For example, the following would provide reverse name lookup for
a host with address
- <TT
+ <VAR
CLASS="literal"
->2001:db8::1</TT
+>2001:db8::1</VAR
>.</P
><PRE
CLASS="programlisting"
WIDTH="33%"
ALIGN="right"
VALIGN="top"
->The <SPAN
+>The <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 Lightweight Resolver</TD
></TR
></TABLE
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>The BIND 9 Lightweight Resolver</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"><LINK
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="HOME"
TITLE="BIND 9 Administrator Reference Manual"
HREF="Bv9ARM.html"><LINK
><H1
><A
NAME="ch05"
->Chapter 5. The <SPAN
+></A
+>Chapter 5. The <ACRONYM
CLASS="acronym"
->BIND</SPAN
-> 9 Lightweight Resolver</A
-></H1
+>BIND</ACRONYM
+> 9 Lightweight Resolver</H1
><DIV
CLASS="TOC"
><DL
then removed, these are hard or impossible
to implement in a traditional stub resolver.</P
><P
->Instead, <SPAN
+>Instead, <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 provides resolution services to local clients
using a combination of a lightweight resolver library and a resolver
daemon process running on the local host. These communicate using
WIDTH="33%"
ALIGN="right"
VALIGN="top"
-><SPAN
+><ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 Configuration Reference</TD
></TR
></TABLE
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>BIND 9 Configuration Reference</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"><LINK
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="HOME"
TITLE="BIND 9 Administrator Reference Manual"
HREF="Bv9ARM.html"><LINK
><H1
><A
NAME="ch06"
->Chapter 6. <SPAN
+></A
+>Chapter 6. <ACRONYM
CLASS="acronym"
->BIND</SPAN
-> 9 Configuration Reference</A
-></H1
+>BIND</ACRONYM
+> 9 Configuration Reference</H1
><DIV
CLASS="TOC"
><DL
></DL
></DIV
><P
-><SPAN
+><ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 configuration is broadly similar
-to <SPAN
+to <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 8; however, there are a few new areas
-of configuration, such as views. <SPAN
+of configuration, such as views. <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
>
-8 configuration files should work with few alterations in <SPAN
+8 configuration files should work with few alterations in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
>
9, although more complex configurations should be reviewed to check
if they can be more efficiently implemented using the new features
-found in <SPAN
+found in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9.</P
><P
-><SPAN
+><ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 4 configuration files can be converted to the new format
using the shell script
<TT
>6.1. Configuration File Elements</A
></H1
><P
->Following is a list of elements used throughout the <SPAN
+>Following is a list of elements used throughout the <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> configuration
file documentation:</P
><DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN1076"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="178"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->acl_name</TT
+>acl_name</VAR
></P
></TD
><TD
-WIDTH="362"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
->The name of an <TT
+>The name of an <VAR
CLASS="varname"
->address_match_list</TT
+>address_match_list</VAR
> as
defined by the <B
CLASS="command"
></TR
><TR
><TD
-WIDTH="178"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->address_match_list</TT
+>address_match_list</VAR
></P
></TD
><TD
-WIDTH="362"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
->A list of one or more <TT
+>A list of one or more <VAR
CLASS="varname"
->ip_addr</TT
+>ip_addr</VAR
>,
-<TT
+<VAR
CLASS="varname"
->ip_prefix</TT
->, <TT
+>ip_prefix</VAR
+>, <VAR
CLASS="varname"
->key_id</TT
+>key_id</VAR
>,
-or <TT
+or <VAR
CLASS="varname"
->acl_name</TT
+>acl_name</VAR
> elements, see
<A
HREF="Bv9ARM.ch06.html#address_match_lists"
></TR
><TR
><TD
-WIDTH="178"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->domain_name</TT
+>domain_name</VAR
></P
></TD
><TD
-WIDTH="362"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>A quoted string which will be used as
-a DNS name, for example "<TT
+a DNS name, for example "<VAR
CLASS="literal"
->my.test.domain</TT
+>my.test.domain</VAR
>".</P
></TD
></TR
><TR
><TD
-WIDTH="178"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->dotted_decimal</TT
+>dotted_decimal</VAR
></P
></TD
><TD
-WIDTH="362"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>One to four integers valued 0 through
255 separated by dots (`.'), such as <B
></TR
><TR
><TD
-WIDTH="178"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->ip4_addr</TT
+>ip4_addr</VAR
></P
></TD
><TD
-WIDTH="362"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>An IPv4 address with exactly four elements
-in <TT
+in <VAR
CLASS="varname"
->dotted_decimal</TT
+>dotted_decimal</VAR
> notation.</P
></TD
></TR
><TR
><TD
-WIDTH="178"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->ip6_addr</TT
+>ip6_addr</VAR
></P
></TD
><TD
-WIDTH="362"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>An IPv6 address, such as <B
CLASS="command"
></TR
><TR
><TD
-WIDTH="178"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->ip_addr</TT
+>ip_addr</VAR
></P
></TD
><TD
-WIDTH="362"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
->An <TT
+>An <VAR
CLASS="varname"
->ip4_addr</TT
-> or <TT
+>ip4_addr</VAR
+> or <VAR
CLASS="varname"
->ip6_addr</TT
+>ip6_addr</VAR
>.</P
></TD
></TR
><TR
><TD
-WIDTH="178"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->ip_port</TT
+>ip_port</VAR
></P
></TD
><TD
-WIDTH="362"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
->An IP port <TT
+>An IP port <VAR
CLASS="varname"
->number</TT
+>number</VAR
>.
-<TT
+<VAR
CLASS="varname"
->number</TT
+>number</VAR
> is limited to 0 through 65535, with values
below 1024 typically restricted to use by processes running as root.
In some cases an asterisk (`*') character can be used as a placeholder to
></TR
><TR
><TD
-WIDTH="178"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->ip_prefix</TT
+>ip_prefix</VAR
></P
></TD
><TD
-WIDTH="362"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
->An IP network specified as an <TT
+>An IP network specified as an <VAR
CLASS="varname"
->ip_addr</TT
+>ip_addr</VAR
>,
followed by a slash (`/') and then the number of bits in the netmask.
-Trailing zeros in a <TT
+Trailing zeros in a <VAR
CLASS="varname"
->ip_addr</TT
+>ip_addr</VAR
> may omitted.
For example, <B
CLASS="command"
></TR
><TR
><TD
-WIDTH="178"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->key_id</TT
+>key_id</VAR
></P
></TD
><TD
-WIDTH="362"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
->A <TT
+>A <VAR
CLASS="varname"
->domain_name</TT
+>domain_name</VAR
> representing
the name of a shared key, to be used for transaction security.</P
></TD
></TR
><TR
><TD
-WIDTH="178"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->key_list</TT
+>key_list</VAR
></P
></TD
><TD
-WIDTH="362"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
->A list of one or more <TT
+>A list of one or more <VAR
CLASS="varname"
->key_id</TT
+>key_id</VAR
>s,
separated by semicolons and ending with a semicolon.</P
></TD
></TR
><TR
><TD
-WIDTH="178"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->number</TT
+>number</VAR
></P
></TD
><TD
-WIDTH="362"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>A non-negative 32 bit integer
(i.e., a number between 0 and 4294967295, inclusive).
></TR
><TR
><TD
-WIDTH="178"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->path_name</TT
+>path_name</VAR
></P
></TD
><TD
-WIDTH="362"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>A quoted string which will be used as
a pathname, such as <TT
></TR
><TR
><TD
-WIDTH="178"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->size_spec</TT
+>size_spec</VAR
></P
></TD
><TD
-WIDTH="362"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
->A number, the word <TT
+>A number, the word <KBD
CLASS="userinput"
-><B
->unlimited</B
-></TT
+>unlimited</KBD
>,
-or the word <TT
+or the word <KBD
CLASS="userinput"
-><B
->default</B
-></TT
+>default</KBD
>.</P
><P
-> An <TT
+> An <VAR
CLASS="varname"
->unlimited</TT
-> <TT
+>unlimited</VAR
+> <VAR
CLASS="varname"
->size_spec</TT
+>size_spec</VAR
> requests unlimited
-use, or the maximum available amount. A <TT
+use, or the maximum available amount. A <VAR
CLASS="varname"
->default size_spec</TT
+>default size_spec</VAR
> uses
the limit that was in force when the server was started.</P
><P
->A <TT
+>A <VAR
CLASS="varname"
->number</TT
+>number</VAR
> can
-optionally be followed by a scaling factor: <TT
+optionally be followed by a scaling factor: <KBD
CLASS="userinput"
-><B
->K</B
-></TT
-> or <TT
+>K</KBD
+> or <KBD
CLASS="userinput"
-><B
->k</B
-></TT
+>k</KBD
> for
-kilobytes, <TT
+kilobytes, <KBD
CLASS="userinput"
-><B
->M</B
-></TT
-> or <TT
+>M</KBD
+> or <KBD
CLASS="userinput"
-><B
->m</B
-></TT
+>m</KBD
> for
-megabytes, and <TT
+megabytes, and <KBD
CLASS="userinput"
-><B
->G</B
-></TT
-> or <TT
+>G</KBD
+> or <KBD
CLASS="userinput"
-><B
->g</B
-></TT
+>g</KBD
> for gigabytes,
which scale by 1024, 1024*1024, and 1024*1024*1024 respectively.</P
>
<P
>The value must be representable as a 64-bit unsigned integer
(0 to 18446744073709551615, inclusive).
-Using <TT
+Using <VAR
CLASS="varname"
->unlimited</TT
+>unlimited</VAR
> is the best way
to safely set a really large number.</P
></TD
></TR
><TR
><TD
-WIDTH="178"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->yes_or_no</TT
+>yes_or_no</VAR
></P
></TD
><TD
-WIDTH="362"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
->Either <TT
+>Either <KBD
CLASS="userinput"
-><B
->yes</B
-></TT
-> or <TT
+>yes</KBD
+> or <KBD
CLASS="userinput"
-><B
->no</B
-></TT
+>no</KBD
>.
-The words <TT
+The words <KBD
CLASS="userinput"
-><B
->true</B
-></TT
-> and <TT
+>true</KBD
+> and <KBD
CLASS="userinput"
-><B
->false</B
-></TT
+>false</KBD
> are
-also accepted, as are the numbers <TT
+also accepted, as are the numbers <KBD
CLASS="userinput"
-><B
->1</B
-></TT
-> and <TT
+>1</KBD
+> and <KBD
CLASS="userinput"
-><B
->0</B
-></TT
+>0</KBD
>.</P
></TD
></TR
><TR
><TD
-WIDTH="178"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->dialup_option</TT
+>dialup_option</VAR
></P
></TD
><TD
-WIDTH="362"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
->One of <TT
+>One of <KBD
CLASS="userinput"
-><B
->yes</B
-></TT
+>yes</KBD
>,
-<TT
+<KBD
CLASS="userinput"
-><B
->no</B
-></TT
->, <TT
+>no</KBD
+>, <KBD
CLASS="userinput"
-><B
->notify</B
-></TT
+>notify</KBD
>,
-<TT
+<KBD
CLASS="userinput"
-><B
->notify-passive</B
-></TT
->, <TT
+>notify-passive</KBD
+>, <KBD
CLASS="userinput"
-><B
->refresh</B
-></TT
+>refresh</KBD
> or
-<TT
+<KBD
CLASS="userinput"
-><B
->passive</B
-></TT
+>passive</KBD
>.
-When used in a zone, <TT
+When used in a zone, <KBD
CLASS="userinput"
-><B
->notify-passive</B
-></TT
+>notify-passive</KBD
>,
-<TT
+<KBD
CLASS="userinput"
-><B
->refresh</B
-></TT
->, and <TT
+>refresh</KBD
+>, and <KBD
CLASS="userinput"
-><B
->passive</B
-></TT
+>passive</KBD
>
are restricted to slave and stub zones.</P
></TD
></H3
><PRE
CLASS="programlisting"
-><TT
+><VAR
CLASS="varname"
->address_match_list</TT
+>address_match_list</VAR
> = address_match_list_element ;
[<SPAN
CLASS="optional"
> address_match_list_element; ... </SPAN
>]
-<TT
+<VAR
CLASS="varname"
->address_match_list_element</TT
+>address_match_list_element</VAR
> = [<SPAN
CLASS="optional"
> ! </SPAN
>6.1.2. Comment Syntax</A
></H2
><P
->The <SPAN
+>The <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 comment syntax allows for comments to appear
-anywhere that white space may appear in a <SPAN
+anywhere that white space may appear in a <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> configuration
file. To appeal to programmers of all kinds, they can be written
in the C, C++, or shell/perl style.</P
><P
><PRE
CLASS="programlisting"
->/* This is a <SPAN
+>/* This is a <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> comment as in C */</PRE
>
<PRE
CLASS="programlisting"
->// This is a <SPAN
+>// This is a <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> comment as in C++</PRE
>
<PRE
CLASS="programlisting"
-># This is a <SPAN
+># This is a <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> comment as in common UNIX shells and perl</PRE
>
</P
></H3
><P
>Comments may appear anywhere that whitespace may appear in
-a <SPAN
+a <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> configuration file.</P
><P
>C-style comments start with the two characters /* (slash,
></P
><P
>Shell-style (or perl-style, if you prefer) comments start
-with the character <TT
+with the character <VAR
CLASS="literal"
->#</TT
+>#</VAR
> (number sign) and continue to the end of the
physical line, as in C++ comments.</P
><P
>6.2. Configuration File Grammar</A
></H1
><P
->A <SPAN
+>A <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 configuration consists of statements and comments.
Statements end with a semicolon. Statements and comments are the
only elements that can appear without enclosing braces. Many
>The following statements are supported:</P
><DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN1318"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="128"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="363"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>defines a named IP address
matching list, for access control and other uses.</P
></TR
><TR
><TD
-WIDTH="128"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="363"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>declares control channels to be used
by the <B
></TR
><TR
><TD
-WIDTH="128"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="363"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>includes a file.</P
></TD
></TR
><TR
><TD
-WIDTH="128"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="363"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>specifies key information for use in
authentication and authorization using TSIG.</P
></TR
><TR
><TD
-WIDTH="128"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="363"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>specifies what the server logs, and where
the log messages are sent.</P
></TR
><TR
><TD
-WIDTH="128"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="363"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>configures <B
CLASS="command"
></TR
><TR
><TD
-WIDTH="128"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="363"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>defines a named masters list for
inclusion in stub and slave zone masters clauses.</P
></TR
><TR
><TD
-WIDTH="128"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="363"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>controls global server configuration
options and sets defaults for other statements.</P
></TR
><TR
><TD
-WIDTH="128"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="363"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>sets certain configuration options on
a per-server basis.</P
></TR
><TR
><TD
-WIDTH="128"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="363"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>defines trusted DNSSEC keys.</P
></TD
></TR
><TR
><TD
-WIDTH="128"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="363"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>defines a view.</P
></TD
></TR
><TR
><TD
-WIDTH="128"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="363"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>defines a zone.</P
></TD
>The following ACLs are built-in:</P
><DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN1414"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="108"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="384"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Matches all hosts.</P
></TD
></TR
><TR
><TD
-WIDTH="108"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="384"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Matches no hosts.</P
></TD
></TR
><TR
><TD
-WIDTH="108"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="384"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Matches the IPv4 and IPv6 addresses of all network
interfaces on the system.</P
></TR
><TR
><TD
-WIDTH="108"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="384"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Matches any host on an IPv4 or IPv6 network
for which the system has an interface.
inet ( ip_addr | * ) [<SPAN
CLASS="optional"
> port ip_port </SPAN
->] allow { <TT
+>] allow { <VAR
CLASS="replaceable"
-><I
-> address_match_list </I
-></TT
+> address_match_list </VAR
> }
- keys { <TT
+ keys { <VAR
CLASS="replaceable"
-><I
-> key_list </I
-></TT
+> key_list </VAR
> };
[<SPAN
CLASS="optional"
CLASS="command"
>ip_addr</B
>
- of <TT
+ of <VAR
CLASS="literal"
->*</TT
+>*</VAR
> is interpreted as the IPv4 wildcard
address; connections will be accepted on any of the system's
IPv4 addresses. To listen on the IPv6 wildcard address,
use an <B
CLASS="command"
>ip_addr</B
-> of <TT
+> of <VAR
CLASS="literal"
->::</TT
+>::</VAR
>.
If you will only use <B
CLASS="command"
>rndc</B
> on the local host,
- using the loopback address (<TT
+ using the loopback address (<VAR
CLASS="literal"
->127.0.0.1</TT
+>127.0.0.1</VAR
>
- or <TT
+ or <VAR
CLASS="literal"
->::1</TT
+>::1</VAR
>) is recommended for maximum
security.
</P
><P
> If no port is specified, port 953
- is used. "<TT
+ is used. "<VAR
CLASS="literal"
->*</TT
+>*</VAR
>" cannot be used for
<B
CLASS="command"
<TT
CLASS="filename"
>/etc</TT
-> (or whatever <TT
+> (or whatever <VAR
CLASS="varname"
->sysconfdir</TT
+>sysconfdir</VAR
>
-was specified as when <SPAN
+was specified as when <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> was built).
To create a <TT
CLASS="filename"
>rndc.key</TT
> file, run
-<TT
+<KBD
CLASS="userinput"
-><B
->rndc-confgen -a</B
-></TT
+>rndc-confgen -a</KBD
>.
</P
><P
CLASS="filename"
>rndc.key</TT
> feature was created to
- ease the transition of systems from <SPAN
+ ease the transition of systems from <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 8,
which did not have digital signatures on its command channel messages
and thus did not have a <B
>keys</B
> clause.
-It makes it possible to use an existing <SPAN
+It makes it possible to use an existing <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 8
-configuration file in <SPAN
+configuration file in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 unchanged,
and still have <B
CLASS="command"
CLASS="command"
>ndc</B
> worked in BIND 8, simply by executing the
-command <TT
+command <KBD
CLASS="userinput"
-><B
->rndc-confgen -a</B
-></TT
+>rndc-confgen -a</KBD
> after BIND 9 is
installed.
</P
>rndc.key</TT
> feature
is only intended to allow the backward-compatible usage of
- <SPAN
+ <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 8 configuration files, this feature does not
have a high degree of configurability. You cannot easily change
the key name or the size of the secret, so you should make a
> and make it group readable by a group
that contains the users who should have access.</P
><P
->The UNIX control channel type of <SPAN
+>The UNIX control channel type of <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 8 is not supported
- in <SPAN
+ in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9, and is not expected to be added in future
releases. If it is present in the controls statement from a
- <SPAN
+ <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 8 configuration file, it is ignored
and a warning is logged.</P
><P
></H2
><PRE
CLASS="programlisting"
->include <TT
+>include <VAR
CLASS="replaceable"
-><I
->filename</I
-></TT
+>filename</VAR
>;</PRE
></DIV
><DIV
></H2
><PRE
CLASS="programlisting"
->key <TT
+>key <VAR
CLASS="replaceable"
-><I
->key_id</I
-></TT
+>key_id</VAR
> {
- algorithm <TT
+ algorithm <VAR
CLASS="replaceable"
-><I
->string</I
-></TT
+>string</VAR
>;
- secret <TT
+ secret <VAR
CLASS="replaceable"
-><I
->string</I
-></TT
+>string</VAR
>;
};
</PRE
must be defined at the top level.
</P
><P
->The <TT
+>The <VAR
CLASS="replaceable"
-><I
->key_id</I
-></TT
+>key_id</VAR
>, also known as the
key name, is a domain name uniquely identifying the key. It can
be used in a <B
verify that incoming requests have been signed with a key
matching this name, algorithm, and secret.</P
><P
->The <TT
+>The <VAR
CLASS="replaceable"
-><I
->algorithm_id</I
-></TT
+>algorithm_id</VAR
> is a string
that specifies a security/authentication algorithm. The only
algorithm currently supported with TSIG authentication is
-<TT
+<VAR
CLASS="literal"
->hmac-md5</TT
+>hmac-md5</VAR
>. The
-<TT
+<VAR
CLASS="replaceable"
-><I
->secret_string</I
-></TT
+>secret_string</VAR
> is the secret to be
used by the algorithm, and is treated as a base-64 encoded
string.</P
[ <B
CLASS="command"
>channel</B
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->channel_name</I
-></TT
+>channel_name</VAR
> {
( <B
CLASS="command"
>file</B
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->path name</I
-></TT
+>path name</VAR
>
[ <B
CLASS="command"
>versions</B
-> ( <TT
+> ( <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
-> | <TT
+>number</VAR
+> | <VAR
CLASS="literal"
->unlimited</TT
+>unlimited</VAR
> ) ]
[ <B
CLASS="command"
>size</B
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->size spec</I
-></TT
+>size spec</VAR
> ]
| <B
CLASS="command"
>syslog</B
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->syslog_facility</I
-></TT
+>syslog_facility</VAR
>
| <B
CLASS="command"
[ <B
CLASS="command"
>severity</B
-> (<TT
+> (<VAR
CLASS="option"
->critical</TT
-> | <TT
+>critical</VAR
+> | <VAR
CLASS="option"
->error</TT
-> | <TT
+>error</VAR
+> | <VAR
CLASS="option"
->warning</TT
-> | <TT
+>warning</VAR
+> | <VAR
CLASS="option"
->notice</TT
+>notice</VAR
> |
- <TT
+ <VAR
CLASS="option"
->info</TT
-> | <TT
+>info</VAR
+> | <VAR
CLASS="option"
->debug</TT
-> [ <TT
+>debug</VAR
+> [ <VAR
CLASS="replaceable"
-><I
->level</I
-></TT
-> ] | <TT
+>level</VAR
+> ] | <VAR
CLASS="option"
->dynamic</TT
+>dynamic</VAR
> ); ]
[ <B
CLASS="command"
>print-category</B
-> <TT
+> <VAR
CLASS="option"
->yes</TT
-> or <TT
+>yes</VAR
+> or <VAR
CLASS="option"
->no</TT
+>no</VAR
>; ]
[ <B
CLASS="command"
>print-severity</B
-> <TT
+> <VAR
CLASS="option"
->yes</TT
-> or <TT
+>yes</VAR
+> or <VAR
CLASS="option"
->no</TT
+>no</VAR
>; ]
[ <B
CLASS="command"
>print-time</B
-> <TT
+> <VAR
CLASS="option"
->yes</TT
-> or <TT
+>yes</VAR
+> or <VAR
CLASS="option"
->no</TT
+>no</VAR
>; ]
}; ]
[ <B
CLASS="command"
>category</B
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->category_name</I
-></TT
+>category_name</VAR
> {
- <TT
+ <VAR
CLASS="replaceable"
-><I
->channel_name</I
-></TT
-> ; [ <TT
+>channel_name</VAR
+> ; [ <VAR
CLASS="replaceable"
-><I
->channel_nam</I
-></TT
+>channel_nam</VAR
>e ; ... ]
}; ]
...
};
</PRE
><P
->In <SPAN
+>In <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9, the logging configuration is only established when
-the entire configuration file has been parsed. In <SPAN
+the entire configuration file has been parsed. In <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 8, it was
established as soon as the <B
CLASS="command"
> statement
was parsed. When the server is starting up, all logging messages
regarding syntax errors in the configuration file go to the default
-channels, or to standard error if the "<TT
+channels, or to standard error if the "<VAR
CLASS="option"
->-g</TT
+>-g</VAR
>" option
was specified.</P
><DIV
CLASS="command"
>named</B
> server
-with the <TT
+with the <VAR
CLASS="option"
->-d</TT
+>-d</VAR
> flag followed by a positive integer,
or by running <B
CLASS="command"
> options
are on:</P
><P
-><TT
+><SAMP
CLASS="computeroutput"
->28-Feb-2000 15:05:32.863 general: notice: running</TT
+>28-Feb-2000 15:05:32.863 general: notice: running</SAMP
></P
><P
>There are four predefined channels that are used for
>
in the server's working directory.</P
><P
->For security reasons, when the "<TT
+>For security reasons, when the "<VAR
CLASS="option"
->-u</TT
+>-u</VAR
>"
command line option is used, the <TT
CLASS="filename"
>named</B
> is
starting up and still running as root is discarded. If you need
-to capture this output, you must run the server with the "<TT
+to capture this output, you must run the server with the "<VAR
CLASS="option"
->-g</TT
+>-g</VAR
>"
option and redirect standard error to a file.</P
><P
><P
>Following are the available categories and brief descriptions
of the types of log information they contain. More
-categories may be added in future <SPAN
+categories may be added in future <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> releases.</P
><DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN1743"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>The default category defines the logging
options for those categories where no specific configuration has been
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>The catch-all. Many things still aren't
classified into categories, and they all end up here.</P
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Messages relating to the databases used
internally by the name server to store zone and cache data.</P
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Approval and denial of requests.</P
></TD
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Configuration file parsing and processing.</P
></TD
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>DNS resolution, such as the recursive
lookups performed on behalf of clients by a caching name server.</P
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Zone transfers the server is receiving.</P
></TD
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Zone transfers the server is sending.</P
></TD
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>The NOTIFY protocol.</P
></TD
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Processing of client requests.</P
></TD
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Messages that named was unable to determine the
class of or for which there was no matching <B
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Network operations.</P
></TD
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Dynamic updates.</P
></TD
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Approval and denial of update requests.</P
></TD
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Specify where queries should be logged to.</P
>
>
<PRE
CLASS="programlisting"
-><TT
+><SAMP
CLASS="computeroutput"
->client 127.0.0.1#62536: query: www.example.com IN AAAA +SE</TT
+>client 127.0.0.1#62536: query: www.example.com IN AAAA +SE</SAMP
>
-<TT
+<SAMP
CLASS="computeroutput"
->client ::1#62537: query: www.example.net IN AAAA -SE</TT
+>client ::1#62537: query: www.example.net IN AAAA -SE</SAMP
>
</PRE
>
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Dispatching of incoming packets to the
server modules where they are to be processed.
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>DNSSEC and TSIG protocol processing.
</P
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Lame servers. These are misconfigurations
in remote servers, discovered by BIND 9 when trying to query
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Delegation only. Logs queries that have have
been forced to NXDOMAIN as the result of a delegation-only zone or
> {
[<SPAN
CLASS="optional"
-> listen-on { <TT
+> listen-on { <VAR
CLASS="replaceable"
-><I
->ip_addr</I
-></TT
+>ip_addr</VAR
> [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; [<SPAN
CLASS="optional"
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->ip_addr</I
-></TT
+>ip_addr</VAR
> [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; ... </SPAN
>] }; </SPAN
>]
[<SPAN
CLASS="optional"
-> view <TT
+> view <VAR
CLASS="replaceable"
-><I
->view_name</I
-></TT
+>view_name</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> search { <TT
+> search { <VAR
CLASS="replaceable"
-><I
->domain_name</I
-></TT
+>domain_name</VAR
> ; [<SPAN
CLASS="optional"
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->domain_name</I
-></TT
+>domain_name</VAR
> ; ... </SPAN
>] }; </SPAN
>]
[<SPAN
CLASS="optional"
-> ndots <TT
+> ndots <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
>; </SPAN
>]
};
> <B
CLASS="command"
>masters</B
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->name</I
-></TT
+>name</VAR
> [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
->] { ( <TT
+>] { ( <VAR
CLASS="replaceable"
-><I
->masters_list</I
-></TT
-> | <TT
+>masters_list</VAR
+> | <VAR
CLASS="replaceable"
-><I
->ip_addr</I
-></TT
+>ip_addr</VAR
> [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] [<SPAN
CLASS="optional"
->key <TT
+>key <VAR
CLASS="replaceable"
-><I
->key</I
-></TT
+>key</VAR
></SPAN
>] ) ; [<SPAN
CLASS="optional"
>options {
[<SPAN
CLASS="optional"
-> version <TT
+> version <VAR
CLASS="replaceable"
-><I
->version_string</I
-></TT
+>version_string</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> hostname <TT
+> hostname <VAR
CLASS="replaceable"
-><I
->hostname_string</I
-></TT
+>hostname_string</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> server-id <TT
+> server-id <VAR
CLASS="replaceable"
-><I
->server_id_string</I
-></TT
+>server_id_string</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> directory <TT
+> directory <VAR
CLASS="replaceable"
-><I
->path_name</I
-></TT
+>path_name</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> key-directory <TT
+> key-directory <VAR
CLASS="replaceable"
-><I
->path_name</I
-></TT
+>path_name</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> named-xfer <TT
+> named-xfer <VAR
CLASS="replaceable"
-><I
->path_name</I
-></TT
+>path_name</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> tkey-domain <TT
+> tkey-domain <VAR
CLASS="replaceable"
-><I
->domainname</I
-></TT
+>domainname</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> tkey-dhkey <TT
+> tkey-dhkey <VAR
CLASS="replaceable"
-><I
->key_name</I
-></TT
-> <TT
+>key_name</VAR
+> <VAR
CLASS="replaceable"
-><I
->key_tag</I
-></TT
+>key_tag</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> dump-file <TT
+> dump-file <VAR
CLASS="replaceable"
-><I
->path_name</I
-></TT
+>path_name</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> memstatistics-file <TT
+> memstatistics-file <VAR
CLASS="replaceable"
-><I
->path_name</I
-></TT
+>path_name</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> pid-file <TT
+> pid-file <VAR
CLASS="replaceable"
-><I
->path_name</I
-></TT
+>path_name</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> statistics-file <TT
+> statistics-file <VAR
CLASS="replaceable"
-><I
->path_name</I
-></TT
+>path_name</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> zone-statistics <TT
+> zone-statistics <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> auth-nxdomain <TT
+> auth-nxdomain <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> deallocate-on-exit <TT
+> deallocate-on-exit <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> dialup <TT
+> dialup <VAR
CLASS="replaceable"
-><I
->dialup_option</I
-></TT
+>dialup_option</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> fake-iquery <TT
+> fake-iquery <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> fetch-glue <TT
+> fetch-glue <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> flush-zones-on-shutdown <TT
+> flush-zones-on-shutdown <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> has-old-clients <TT
+> has-old-clients <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> host-statistics <TT
+> host-statistics <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> minimal-responses <TT
+> minimal-responses <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> multiple-cnames <TT
+> multiple-cnames <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> notify <TT
+> notify <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
-> | <TT
+>yes_or_no</VAR
+> | <VAR
CLASS="replaceable"
-><I
->explicit</I
-></TT
+>explicit</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> recursion <TT
+> recursion <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> rfc2308-type1 <TT
+> rfc2308-type1 <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> use-id-pool <TT
+> use-id-pool <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> maintain-ixfr-base <TT
+> maintain-ixfr-base <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> dnssec-enable <TT
+> dnssec-enable <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> dnssec-lookaside <TT
+> dnssec-lookaside <VAR
CLASS="replaceable"
-><I
->domain</I
-></TT
-> trust-anchor <TT
+>domain</VAR
+> trust-anchor <VAR
CLASS="replaceable"
-><I
->domain</I
-></TT
+>domain</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> dnssec-must-be-secure <TT
+> dnssec-must-be-secure <VAR
CLASS="replaceable"
-><I
->domain yes_or_no</I
-></TT
+>domain yes_or_no</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> forward ( <TT
+> forward ( <VAR
CLASS="replaceable"
-><I
->only</I
-></TT
-> | <TT
+>only</VAR
+> | <VAR
CLASS="replaceable"
-><I
->first</I
-></TT
+>first</VAR
> ); </SPAN
>]
[<SPAN
CLASS="optional"
-> forwarders { <TT
+> forwarders { <VAR
CLASS="replaceable"
-><I
->ip_addr</I
-></TT
+>ip_addr</VAR
> [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; [<SPAN
CLASS="optional"
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->ip_addr</I
-></TT
+>ip_addr</VAR
> [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; ... </SPAN
>] }; </SPAN
CLASS="optional"
> dual-stack-servers [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
->] { ( <TT
+>] { ( <VAR
CLASS="replaceable"
-><I
->domain_name</I
-></TT
+>domain_name</VAR
> [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
->] | <TT
+>] | <VAR
CLASS="replaceable"
-><I
->ip_addr</I
-></TT
+>ip_addr</VAR
> [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ) ; ... }; </SPAN
>]
[<SPAN
CLASS="optional"
-> check-names ( <TT
+> check-names ( <VAR
CLASS="replaceable"
-><I
->master</I
-></TT
-> | <TT
+>master</VAR
+> | <VAR
CLASS="replaceable"
-><I
->slave</I
-></TT
-> | <TT
+>slave</VAR
+> | <VAR
CLASS="replaceable"
-><I
-> response</I
-></TT
-> )( <TT
+> response</VAR
+> )( <VAR
CLASS="replaceable"
-><I
->warn</I
-></TT
-> | <TT
+>warn</VAR
+> | <VAR
CLASS="replaceable"
-><I
->fail</I
-></TT
-> | <TT
+>fail</VAR
+> | <VAR
CLASS="replaceable"
-><I
->ignore</I
-></TT
+>ignore</VAR
> ); </SPAN
>]
[<SPAN
CLASS="optional"
-> allow-notify { <TT
+> allow-notify { <VAR
CLASS="replaceable"
-><I
->address_match_list</I
-></TT
+>address_match_list</VAR
> }; </SPAN
>]
[<SPAN
CLASS="optional"
-> allow-query { <TT
+> allow-query { <VAR
CLASS="replaceable"
-><I
->address_match_list</I
-></TT
+>address_match_list</VAR
> }; </SPAN
>]
[<SPAN
CLASS="optional"
-> allow-transfer { <TT
+> allow-transfer { <VAR
CLASS="replaceable"
-><I
->address_match_list</I
-></TT
+>address_match_list</VAR
> }; </SPAN
>]
[<SPAN
CLASS="optional"
-> allow-recursion { <TT
+> allow-recursion { <VAR
CLASS="replaceable"
-><I
->address_match_list</I
-></TT
+>address_match_list</VAR
> }; </SPAN
>]
[<SPAN
CLASS="optional"
-> allow-update-forwarding { <TT
+> allow-update-forwarding { <VAR
CLASS="replaceable"
-><I
->address_match_list</I
-></TT
+>address_match_list</VAR
> }; </SPAN
>]
[<SPAN
CLASS="optional"
-> allow-v6-synthesis { <TT
+> allow-v6-synthesis { <VAR
CLASS="replaceable"
-><I
->address_match_list</I
-></TT
+>address_match_list</VAR
> }; </SPAN
>]
[<SPAN
CLASS="optional"
-> blackhole { <TT
+> blackhole { <VAR
CLASS="replaceable"
-><I
->address_match_list</I
-></TT
+>address_match_list</VAR
> }; </SPAN
>]
[<SPAN
CLASS="optional"
-> avoid-v4-udp-ports { <TT
+> avoid-v4-udp-ports { <VAR
CLASS="replaceable"
-><I
->port_list</I
-></TT
+>port_list</VAR
> }; </SPAN
>]
[<SPAN
CLASS="optional"
-> avoid-v6-udp-ports { <TT
+> avoid-v6-udp-ports { <VAR
CLASS="replaceable"
-><I
->port_list</I
-></TT
+>port_list</VAR
> }; </SPAN
>]
[<SPAN
CLASS="optional"
> listen-on [<SPAN
CLASS="optional"
-> port <TT
+> port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
> </SPAN
->] { <TT
+>] { <VAR
CLASS="replaceable"
-><I
->address_match_list</I
-></TT
+>address_match_list</VAR
> }; </SPAN
>]
[<SPAN
CLASS="optional"
> listen-on-v6 [<SPAN
CLASS="optional"
-> port <TT
+> port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
> </SPAN
->] { <TT
+>] { <VAR
CLASS="replaceable"
-><I
->address_match_list</I
-></TT
+>address_match_list</VAR
> }; </SPAN
>]
[<SPAN
CLASS="optional"
> query-source [<SPAN
CLASS="optional"
-> address ( <TT
+> address ( <VAR
CLASS="replaceable"
-><I
->ip_addr</I
-></TT
-> | <TT
+>ip_addr</VAR
+> | <VAR
CLASS="replaceable"
-><I
->*</I
-></TT
+>*</VAR
> ) </SPAN
>] [<SPAN
CLASS="optional"
-> port ( <TT
+> port ( <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
-> | <TT
+>ip_port</VAR
+> | <VAR
CLASS="replaceable"
-><I
->*</I
-></TT
+>*</VAR
> ) </SPAN
>]; </SPAN
>]
CLASS="optional"
> query-source-v6 [<SPAN
CLASS="optional"
-> address ( <TT
+> address ( <VAR
CLASS="replaceable"
-><I
->ip_addr</I
-></TT
-> | <TT
+>ip_addr</VAR
+> | <VAR
CLASS="replaceable"
-><I
->*</I
-></TT
+>*</VAR
> ) </SPAN
>] [<SPAN
CLASS="optional"
-> port ( <TT
+> port ( <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
-> | <TT
+>ip_port</VAR
+> | <VAR
CLASS="replaceable"
-><I
->*</I
-></TT
+>*</VAR
> ) </SPAN
>]; </SPAN
>]
[<SPAN
CLASS="optional"
-> max-transfer-time-in <TT
+> max-transfer-time-in <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> max-transfer-time-out <TT
+> max-transfer-time-out <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> max-transfer-idle-in <TT
+> max-transfer-idle-in <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> max-transfer-idle-out <TT
+> max-transfer-idle-out <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> tcp-clients <TT
+> tcp-clients <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> recursive-clients <TT
+> recursive-clients <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> serial-query-rate <TT
+> serial-query-rate <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> serial-queries <TT
+> serial-queries <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> tcp-listen-queue <TT
+> tcp-listen-queue <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> transfer-format <TT
+> transfer-format <VAR
CLASS="replaceable"
-><I
->( one-answer | many-answers )</I
-></TT
+>( one-answer | many-answers )</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> transfers-in <TT
+> transfers-in <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> transfers-out <TT
+> transfers-out <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> transfers-per-ns <TT
+> transfers-per-ns <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> transfer-source (<TT
+> transfer-source (<VAR
CLASS="replaceable"
-><I
->ip4_addr</I
-></TT
-> | <TT
+>ip4_addr</VAR
+> | <CODE
CLASS="constant"
->*</TT
+>*</CODE
>) [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; </SPAN
>]
[<SPAN
CLASS="optional"
-> transfer-source-v6 (<TT
+> transfer-source-v6 (<VAR
CLASS="replaceable"
-><I
->ip6_addr</I
-></TT
-> | <TT
+>ip6_addr</VAR
+> | <CODE
CLASS="constant"
->*</TT
+>*</CODE
>) [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; </SPAN
>]
[<SPAN
CLASS="optional"
-> alt-transfer-source (<TT
+> alt-transfer-source (<VAR
CLASS="replaceable"
-><I
->ip4_addr</I
-></TT
-> | <TT
+>ip4_addr</VAR
+> | <CODE
CLASS="constant"
->*</TT
+>*</CODE
>) [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; </SPAN
>]
[<SPAN
CLASS="optional"
-> alt-transfer-source-v6 (<TT
+> alt-transfer-source-v6 (<VAR
CLASS="replaceable"
-><I
->ip6_addr</I
-></TT
-> | <TT
+>ip6_addr</VAR
+> | <CODE
CLASS="constant"
->*</TT
+>*</CODE
>) [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; </SPAN
>]
[<SPAN
CLASS="optional"
-> use-alt-transfer-source <TT
+> use-alt-transfer-source <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> notify-source (<TT
+> notify-source (<VAR
CLASS="replaceable"
-><I
->ip4_addr</I
-></TT
-> | <TT
+>ip4_addr</VAR
+> | <CODE
CLASS="constant"
->*</TT
+>*</CODE
>) [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; </SPAN
>]
[<SPAN
CLASS="optional"
-> notify-source-v6 (<TT
+> notify-source-v6 (<VAR
CLASS="replaceable"
-><I
->ip6_addr</I
-></TT
-> | <TT
+>ip6_addr</VAR
+> | <CODE
CLASS="constant"
->*</TT
+>*</CODE
>) [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; </SPAN
>]
[<SPAN
CLASS="optional"
-> also-notify { <TT
+> also-notify { <VAR
CLASS="replaceable"
-><I
->ip_addr</I
-></TT
+>ip_addr</VAR
> [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; [<SPAN
CLASS="optional"
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->ip_addr</I
-></TT
+>ip_addr</VAR
> [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; ... </SPAN
>] }; </SPAN
>]
[<SPAN
CLASS="optional"
-> max-ixfr-log-size <TT
+> max-ixfr-log-size <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> max-journal-size <TT
+> max-journal-size <VAR
CLASS="replaceable"
-><I
->size_spec</I
-></TT
+>size_spec</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> coresize <TT
+> coresize <VAR
CLASS="replaceable"
-><I
->size_spec</I
-></TT
+>size_spec</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> datasize <TT
+> datasize <VAR
CLASS="replaceable"
-><I
->size_spec</I
-></TT
+>size_spec</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> files <TT
+> files <VAR
CLASS="replaceable"
-><I
->size_spec</I
-></TT
+>size_spec</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> stacksize <TT
+> stacksize <VAR
CLASS="replaceable"
-><I
->size_spec</I
-></TT
+>size_spec</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> cleaning-interval <TT
+> cleaning-interval <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> heartbeat-interval <TT
+> heartbeat-interval <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> interface-interval <TT
+> interface-interval <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> statistics-interval <TT
+> statistics-interval <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> topology { <TT
+> topology { <VAR
CLASS="replaceable"
-><I
->address_match_list</I
-></TT
+>address_match_list</VAR
> }</SPAN
>];
[<SPAN
CLASS="optional"
-> sortlist { <TT
+> sortlist { <VAR
CLASS="replaceable"
-><I
->address_match_list</I
-></TT
+>address_match_list</VAR
> }</SPAN
>];
[<SPAN
CLASS="optional"
-> rrset-order { <TT
+> rrset-order { <VAR
CLASS="replaceable"
-><I
->order_spec</I
-></TT
+>order_spec</VAR
> ; [<SPAN
CLASS="optional"
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->order_spec</I
-></TT
+>order_spec</VAR
> ; ... </SPAN
>] </SPAN
>] };
[<SPAN
CLASS="optional"
-> lame-ttl <TT
+> lame-ttl <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> max-ncache-ttl <TT
+> max-ncache-ttl <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> max-cache-ttl <TT
+> max-cache-ttl <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> sig-validity-interval <TT
+> sig-validity-interval <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> min-roots <TT
+> min-roots <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> use-ixfr <TT
+> use-ixfr <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> provide-ixfr <TT
+> provide-ixfr <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> request-ixfr <TT
+> request-ixfr <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> treat-cr-as-space <TT
+> treat-cr-as-space <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> min-refresh-time <TT
+> min-refresh-time <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> max-refresh-time <TT
+> max-refresh-time <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> min-retry-time <TT
+> min-retry-time <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> max-retry-time <TT
+> max-retry-time <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> port <TT
+> port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> additional-from-auth <TT
+> additional-from-auth <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> additional-from-cache <TT
+> additional-from-cache <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> random-device <TT
+> random-device <VAR
CLASS="replaceable"
-><I
->path_name</I
-></TT
+>path_name</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> max-cache-size <TT
+> max-cache-size <VAR
CLASS="replaceable"
-><I
->size_spec</I
-></TT
+>size_spec</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> match-mapped-addresses <TT
+> match-mapped-addresses <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> preferred-glue ( <TT
+> preferred-glue ( <VAR
CLASS="replaceable"
-><I
->A</I
-></TT
-> | <TT
+>A</VAR
+> | <VAR
CLASS="replaceable"
-><I
->AAAA</I
-></TT
-> | <TT
+>AAAA</VAR
+> | <VAR
CLASS="replaceable"
-><I
->NONE</I
-></TT
+>NONE</VAR
> ); </SPAN
>]
[<SPAN
CLASS="optional"
-> edns-udp-size <TT
+> edns-udp-size <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
> root-delegation-only [<SPAN
CLASS="optional"
-> exclude { <TT
+> exclude { <VAR
CLASS="replaceable"
-><I
->namelist</I
-></TT
+>namelist</VAR
> } </SPAN
>] ; </SPAN
>]
[<SPAN
CLASS="optional"
-> querylog <TT
+> querylog <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
> ; </SPAN
>]
};
[<SPAN
CLASS="optional"
-> disable-algorithms <TT
+> disable-algorithms <VAR
CLASS="replaceable"
-><I
->domain</I
-></TT
-> { <TT
+>domain</VAR
+> { <VAR
CLASS="replaceable"
-><I
->algorithm</I
-></TT
+>algorithm</VAR
>; [<SPAN
CLASS="optional"
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->algorithm</I
-></TT
+>algorithm</VAR
>; </SPAN
>] }; </SPAN
>]
CLASS="command"
>options</B
> statement sets up global options
-to be used by <SPAN
+to be used by <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
>. This statement may appear only
once in a configuration file. If there is no <B
CLASS="command"
>This option is obsolete.</I
></SPAN
>
-It was used in <SPAN
+It was used in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 8 to
specify the pathname to the <B
CLASS="command"
>named-xfer</B
> program.
-In <SPAN
+In <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9, no separate <B
CLASS="command"
>named-xfer</B
>TKEY</B
> exchange, it may or may not specify
the desired name for the key. If present, the name of the shared
-key will be "<TT
+key will be "<VAR
CLASS="varname"
->client specified part</TT
+>client specified part</VAR
>" +
-"<TT
+"<VAR
CLASS="varname"
->tkey-domain</TT
+>tkey-domain</VAR
>".
-Otherwise, the name of the shared key will be "<TT
+Otherwise, the name of the shared key will be "<VAR
CLASS="varname"
>random hex
-digits</TT
->" + "<TT
+digits</VAR
+>" + "<VAR
CLASS="varname"
->tkey-domain</TT
+>tkey-domain</VAR
>". In most cases,
the <B
CLASS="command"
><DD
><P
> Specify heirachies which must / may not be secure (signed and validated).
-If <TT
+If <KBD
CLASS="userinput"
-><B
->yes</B
-></TT
+>yes</KBD
> then named will only accept answers if they
are secure.
-If <TT
+If <KBD
CLASS="userinput"
-><B
->no</B
-></TT
+>no</KBD
> then normal dnssec validation applies
allowing for insecure answers to be accepted.
The specified domain must be under a <B
></DT
><DD
><P
->If <TT
+>If <KBD
CLASS="userinput"
-><B
->yes</B
-></TT
+>yes</KBD
>, then the <B
CLASS="command"
>AA</B
> bit
is always set on NXDOMAIN responses, even if the server is not actually
-authoritative. The default is <TT
+authoritative. The default is <KBD
CLASS="userinput"
-><B
->no</B
-></TT
+>no</KBD
>; this is
-a change from <SPAN
+a change from <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 8. If you are using very old DNS software, you
-may need to set it to <TT
+may need to set it to <KBD
CLASS="userinput"
-><B
->yes</B
-></TT
+>yes</KBD
>.</P
></DD
><DT
></DT
><DD
><P
->This option was used in <SPAN
+>This option was used in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 8 to enable checking
-for memory leaks on exit. <SPAN
+for memory leaks on exit. <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 ignores the option and always performs
the checks.</P
></DD
></DT
><DD
><P
->If <TT
+>If <KBD
CLASS="userinput"
-><B
->yes</B
-></TT
+>yes</KBD
>, then the
server treats all zones as if they are doing zone transfers across
a dial on demand dialup link, which can be brought up by traffic
>heartbeat-interval</B
> and
hopefully during the one call. It also suppresses some of the normal
-zone maintenance traffic. The default is <TT
+zone maintenance traffic. The default is <KBD
CLASS="userinput"
-><B
->no</B
-></TT
+>no</KBD
>.</P
><P
>The <B
NOTIFY requests.</P
><P
>Finer control can be achieved by using
-<TT
+<KBD
CLASS="userinput"
-><B
->notify</B
-></TT
+>notify</KBD
> which only sends NOTIFY messages,
-<TT
+<KBD
CLASS="userinput"
-><B
->notify-passive</B
-></TT
+>notify-passive</KBD
> which sends NOTIFY messages and
-suppresses the normal refresh queries, <TT
+suppresses the normal refresh queries, <KBD
CLASS="userinput"
-><B
->refresh</B
-></TT
+>refresh</KBD
>
which suppresses normal refresh processing and sends refresh queries
when the <B
CLASS="command"
>heartbeat-interval</B
> expires, and
-<TT
+<KBD
CLASS="userinput"
-><B
->passive</B
-></TT
+>passive</KBD
> which just disables normal refresh
processing.</P
><DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN2390"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>dialup mode</P
></TD
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>normal refresh</P
></TD
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>heart-beat refresh</P
></TD
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>heart-beat notify</P
></TD
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
> (default)</P
></TD
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>yes</P
></TD
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>no</P
></TD
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>no</P
></TD
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>no</P
></TD
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>yes</P
></TD
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>yes</P
></TD
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>yes</P
></TD
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>no</P
></TD
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>yes</P
></TD
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>no</P
></TD
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>yes</P
></TD
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>no</P
></TD
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>no</P
></TD
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>no</P
></TD
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>no</P
></TD
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>no</P
></TD
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>no</P
></TD
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>yes</P
></TD
></DT
><DD
><P
->In <SPAN
+>In <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 8, this option
enabled simulating the obsolete DNS query type
-IQUERY. <SPAN
+IQUERY. <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 never does IQUERY simulation.
</P
></DD
><DD
><P
>This option is obsolete.
-In BIND 8, <TT
+In BIND 8, <KBD
CLASS="userinput"
-><B
->fetch-glue yes</B
-></TT
+>fetch-glue yes</KBD
>
caused the server to attempt to fetch glue resource records it
didn't have when constructing the additional
<B
CLASS="command"
>flush-zones-on-shutdown</B
-> <TT
+> <KBD
CLASS="userinput"
-><B
->no</B
-></TT
+>no</KBD
>.
</P
></DD
><DD
><P
>This option was incorrectly implemented
-in <SPAN
+in <ACRONYM
CLASS="acronym"
->BIND</SPAN
-> 8, and is ignored by <SPAN
+>BIND</ACRONYM
+> 8, and is ignored by <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9.
To achieve the intended effect
of
<B
CLASS="command"
>has-old-clients</B
-> <TT
+> <KBD
CLASS="userinput"
-><B
->yes</B
-></TT
+>yes</KBD
>, specify
the two separate options <B
CLASS="command"
>auth-nxdomain</B
-> <TT
+> <KBD
CLASS="userinput"
-><B
->yes</B
-></TT
+>yes</KBD
>
and <B
CLASS="command"
>rfc2308-type1</B
-> <TT
+> <KBD
CLASS="userinput"
-><B
->no</B
-></TT
+>no</KBD
> instead.
</P
></DD
>This option is obsolete</I
></SPAN
>.
- It was used in <SPAN
+ It was used in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 8 to determine whether a transaction log was
-kept for Incremental Zone Transfer. <SPAN
+kept for Incremental Zone Transfer. <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 maintains a transaction
log whenever possible. If you need to disable outgoing incremental zone
transfers, use <B
CLASS="command"
>provide-ixfr</B
-> <TT
+> <KBD
CLASS="userinput"
-><B
->no</B
-></TT
+>no</KBD
>.
</P
></DD
></DT
><DD
><P
->If <TT
+>If <KBD
CLASS="userinput"
-><B
->yes</B
-></TT
+>yes</KBD
>, then when generating
responses the server will only add records to the authority and
additional data sections when they are required (e.g. delegations,
negative responses). This may improve the performance of the server.
-The default is <TT
+The default is <KBD
CLASS="userinput"
-><B
->no</B
-></TT
+>no</KBD
>.
</P
></DD
></DT
><DD
><P
->This option was used in <SPAN
+>This option was used in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 8 to allow
a domain name to have multiple CNAME records in violation of the
-DNS standards. <SPAN
+DNS standards. <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9.2 always strictly
enforces the CNAME rules both in master files and dynamic updates.
</P
></DT
><DD
><P
->If <TT
+>If <KBD
CLASS="userinput"
-><B
->yes</B
-></TT
+>yes</KBD
> (the default),
DNS NOTIFY messages are sent when a zone the server is authoritative for
changes, see <A
> option.
</P
><P
-> If <TT
+> If <KBD
CLASS="userinput"
-><B
->explicit</B
-></TT
+>explicit</KBD
>, notifies are sent only to
servers explicitly listed using <B
CLASS="command"
>also-notify</B
>.
-If <TT
+If <KBD
CLASS="userinput"
-><B
->no</B
-></TT
+>no</KBD
>, no notifies are sent.
</P
><P
></DT
><DD
><P
->If <TT
+>If <KBD
CLASS="userinput"
-><B
->yes</B
-></TT
+>yes</KBD
>, and a
DNS query requests recursion, then the server will attempt to do
all the work required to answer the query. If recursion is off
and the server does not already know the answer, it will return a
-referral response. The default is <TT
+referral response. The default is <KBD
CLASS="userinput"
-><B
->yes</B
-></TT
+>yes</KBD
>.
Note that setting <B
CLASS="command"
></DT
><DD
><P
->Setting this to <TT
+>Setting this to <KBD
CLASS="userinput"
-><B
->yes</B
-></TT
+>yes</KBD
> will
cause the server to send NS records along with the SOA record for negative
-answers. The default is <TT
+answers. The default is <KBD
CLASS="userinput"
-><B
->no</B
-></TT
+>no</KBD
>.</P
><DIV
CLASS="note"
><P
><B
>Note: </B
->Not yet implemented in <SPAN
+>Not yet implemented in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9.</P
></BLOCKQUOTE
></DIV
>This option is obsolete</I
></SPAN
>.
-<SPAN
+<ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 always allocates query IDs from a pool.
</P
></DD
></DT
><DD
><P
->If <TT
+>If <KBD
CLASS="userinput"
-><B
->yes</B
-></TT
+>yes</KBD
>, the server will collect
statistical data on all zones (unless specifically turned off
on a per-zone basis by specifying <B
></DT
><DD
><P
->This option was used in <SPAN
+>This option was used in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 8 to make
the server treat carriage return ("<B
CLASS="command"
>") characters the same way
as a space or tab character,
to facilitate loading of zone files on a UNIX system that were generated
-on an NT or DOS machine. In <SPAN
+on an NT or DOS machine. In <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9, both UNIX "<B
CLASS="command"
>\n</B
and DNAME chains.
</P
><P
-> When both of these options are set to <TT
+> When both of these options are set to <KBD
CLASS="userinput"
-><B
->yes</B
-></TT
+>yes</KBD
>
(the default) and a
query is being answered from authoritative data (a zone
otherwise be provided in the additional section.
</P
><P
-> For example, if a query asks for an MX record for host <TT
+> For example, if a query asks for an MX record for host <VAR
CLASS="literal"
->foo.example.com</TT
+>foo.example.com</VAR
>,
-and the record found is "<TT
+and the record found is "<VAR
CLASS="literal"
->MX 10 mail.example.net</TT
+>MX 10 mail.example.net</VAR
>", normally the address
-records (A and AAAA) for <TT
+records (A and AAAA) for <VAR
CLASS="literal"
->mail.example.net</TT
+>mail.example.net</VAR
> will be provided as well,
if known, even though they are not in the example.com zone.
Setting these options to <B
></DT
><DD
><P
->If <TT
+>If <KBD
CLASS="userinput"
-><B
->yes</B
-></TT
+>yes</KBD
>, then an
IPv4-mapped IPv6 address will match any address match
list entries that match the corresponding IPv4 address.
> This should be set when you have multiple masters for a zone and the
addresses refer to different machines. If 'yes' named will not log
when the serial number on the master is less than what named currently
-has. The default is <TT
+has. The default is <KBD
CLASS="userinput"
-><B
->no</B
-></TT
+>no</KBD
>.
</P
></DD
></DT
><DD
><P
-> Enable DNSSEC support in named. Unless set to <TT
+> Enable DNSSEC support in named. Unless set to <KBD
CLASS="userinput"
-><B
->yes</B
-></TT
+>yes</KBD
>
named behaves as if it does not support DNSSEC.
-The default is <TT
+The default is <KBD
CLASS="userinput"
-><B
->no</B
-></TT
+>no</KBD
>.
</P
></DD
><DD
><P
>This option is only meaningful if the
-forwarders list is not empty. A value of <TT
+forwarders list is not empty. A value of <VAR
CLASS="varname"
->first</TT
+>first</VAR
>,
the default, causes the server to query the forwarders first, and
if that doesn't answer the question the server will then look for
-the answer itself. If <TT
+the answer itself. If <VAR
CLASS="varname"
->only</TT
+>only</VAR
> is specified, the
server will only query the forwarders.
</P
><P
>Specifies which hosts are allowed to
submit Dynamic DNS updates to slave zones to be forwarded to the
-master. The default is <TT
+master. The default is <KBD
CLASS="userinput"
-><B
->{ none; }</B
-></TT
+>{ none; }</KBD
>, which
means that no update forwarding will be performed. To enable
update forwarding, specify
-<TT
+<KBD
CLASS="userinput"
-><B
->allow-update-forwarding { any; };</B
-></TT
+>allow-update-forwarding { any; };</KBD
>.
-Specifying values other than <TT
+Specifying values other than <KBD
CLASS="userinput"
-><B
->{ none; }</B
-></TT
+>{ none; }</KBD
> or
-<TT
+<KBD
CLASS="userinput"
-><B
->{ any; }</B
-></TT
+>{ any; }</KBD
> is usually counterproductive, since
the responsibility for update access control should rest with the
master server, not the slaves.</P
><P
>Specifies a list of addresses that the
server will not accept queries from or use to resolve a query. Queries
-from these addresses will not be responded to. The default is <TT
+from these addresses will not be responded to. The default is <KBD
CLASS="userinput"
-><B
->none</B
-></TT
+>none</KBD
>.</P
></DD
></DL
CLASS="command"
>listen-on</B
> takes
-an optional port, and an <TT
+an optional port, and an <VAR
CLASS="varname"
->address_match_list</TT
+>address_match_list</VAR
>.
The server will listen on all interfaces allowed by the address
match list. If a port is not specified, port 53 will be used.</P
CLASS="programlisting"
>{ any; }</PRE
> is specified
-as the <TT
+as the <VAR
CLASS="varname"
->address_match_list</TT
+>address_match_list</VAR
> for the
<B
CLASS="command"
>6.2.16.7. Zone Transfers</A
></H3
><P
-><SPAN
+><ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> has mechanisms in place to facilitate zone transfers
and set limits on the amount of load that transfers place on the
system. The following options apply to zone transfers.</P
>many-answers</B
> is more
efficient, but is only supported by relatively new slave servers,
-such as <SPAN
+such as <ACRONYM
CLASS="acronym"
->BIND</SPAN
-> 9, <SPAN
+>BIND</ACRONYM
+> 9, <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 8.x and patched
-versions of <SPAN
+versions of <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 4.9.5. The default is
<B
CLASS="command"
><DD
><P
>The maximum number of inbound zone transfers
-that can be running concurrently. The default value is <TT
+that can be running concurrently. The default value is <VAR
CLASS="literal"
->10</TT
+>10</VAR
>.
Increasing <B
CLASS="command"
><P
>The maximum number of outbound zone transfers
that can be running concurrently. Zone transfer requests in excess
-of the limit will be refused. The default value is <TT
+of the limit will be refused. The default value is <VAR
CLASS="literal"
->10</TT
+>10</VAR
>.</P
></DD
><DT
><P
>The maximum number of inbound zone transfers
that can be concurrently transferring from a given remote name server.
-The default value is <TT
+The default value is <VAR
CLASS="literal"
->2</TT
+>2</VAR
>. Increasing <B
CLASS="command"
>transfers-per-ns</B
><DD
><P
>The maximum size of a core dump. The default
-is <TT
+is <VAR
CLASS="literal"
->default</TT
+>default</VAR
>.</P
></DD
><DT
><DD
><P
>The maximum amount of data memory the server
-may use. The default is <TT
+may use. The default is <VAR
CLASS="literal"
->default</TT
+>default</VAR
>.
This is a hard limit on server memory usage.
If the server attempts to allocate memory in excess of this
><DD
><P
>The maximum number of files the server
-may have open concurrently. The default is <TT
+may have open concurrently. The default is <VAR
CLASS="literal"
->unlimited</TT
+>unlimited</VAR
>.
</P
></DD
><DD
><P
>The maximum amount of stack memory the server
-may use. The default is <TT
+may use. The default is <VAR
CLASS="literal"
->default</TT
+>default</VAR
>.</P
></DD
></DL
>). When the journal file approaches
the specified size, some of the oldest transactions in the journal
will be automatically removed. The default is
-<TT
+<VAR
CLASS="literal"
->unlimited</TT
+>unlimited</VAR
>.</P
></DD
><DT
><P
>The maximum number of simultaneous recursive lookups
the server will perform on behalf of clients. The default is
-<TT
+<VAR
CLASS="literal"
->1000</TT
+>1000</VAR
>. Because each recursing client uses a fair
bit of memory, on the order of 20 kilobytes, the value of the
<B
><P
>The maximum number of simultaneous client TCP
connections that the server will accept.
-The default is <TT
+The default is <VAR
CLASS="literal"
->100</TT
+>100</VAR
>.</P
></DD
><DT
reaches this limit, the server will cause records to expire
prematurely so that the limit is not exceeded. In a server with
multiple views, the limit applies separately to the cache of each
-view. The default is <TT
+view. The default is <VAR
CLASS="literal"
->unlimited</TT
+>unlimited</VAR
>, meaning that
records are purged from the cache only when their TTLs expire.
</P
><P
><B
>Note: </B
->Not yet implemented in <SPAN
+>Not yet implemented in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
>9.</P
></BLOCKQUOTE
></DIV
CLASS="command"
>topology</B
> option
-is not implemented in <SPAN
+is not implemented in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9.
</P
></BLOCKQUOTE
><P
>The following example will give reasonable behavior for the
local host and hosts on directly connected networks. It is similar
-to the behavior of the address sort in <SPAN
+to the behavior of the address sort in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 4.9.x. Responses sent
to queries from the local host will favor any of the directly connected
networks. Responses sent to queries from any other hosts on a directly
CLASS="programlisting"
>[<SPAN
CLASS="optional"
-> class <TT
+> class <VAR
CLASS="replaceable"
-><I
->class_name</I
-></TT
+>class_name</VAR
> </SPAN
>][<SPAN
CLASS="optional"
-> type <TT
+> type <VAR
CLASS="replaceable"
-><I
->type_name</I
-></TT
+>type_name</VAR
> </SPAN
>][<SPAN
CLASS="optional"
-> name <TT
+> name <VAR
CLASS="replaceable"
-><I
->"domain_name"</I
-></TT
+>"domain_name"</VAR
></SPAN
>]
- order <TT
+ order <VAR
CLASS="replaceable"
-><I
->ordering</I
-></TT
+>ordering</VAR
>
</PRE
><P
> are:</P
><DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN3119"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="72"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="360"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Records are returned in the order they
are defined in the zone file.</P
></TR
><TR
><TD
-WIDTH="72"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="360"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Records are returned in some random order.</P
></TD
></TR
><TR
><TD
-WIDTH="72"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="360"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Records are returned in a round-robin
order.</P
</PRE
><P
>will cause any responses for type A records in class IN that
-have "<TT
+have "<VAR
CLASS="literal"
->host.example.com</TT
+>host.example.com</VAR
>" as a suffix, to always be returned
in random order. All other records are returned in cyclic order.</P
><P
CLASS="command"
>rrset-order</B
> statement
-is not yet fully implemented in <SPAN
+is not yet fully implemented in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9.
BIND 9 currently does not support "fixed" ordering.
</P
>NOT</B
></SPAN
> recommended.)
-Default is <TT
+Default is <VAR
CLASS="literal"
->600</TT
+>600</VAR
> (10 minutes). Maximum value is
-<TT
+<VAR
CLASS="literal"
->1800</TT
+>1800</VAR
> (30 minutes).</P
></DD
><DT
<B
CLASS="command"
>max-ncache-ttl</B
-> is <TT
+> is <VAR
CLASS="literal"
->10800</TT
+>10800</VAR
> seconds (3 hours).
<B
CLASS="command"
><P
>The minimum number of root servers that
is required for a request for the root servers to be accepted. Default
-is <TT
+is <KBD
CLASS="userinput"
-><B
->2</B
-></TT
+>2</KBD
>.</P
><DIV
CLASS="note"
><P
><B
>Note: </B
->Not implemented in <SPAN
+>Not implemented in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
>9.</P
></BLOCKQUOTE
></DIV
HREF="Bv9ARM.ch04.html#dynamic_update"
>Section 4.2</A
>)
-will expire. The default is <TT
+will expire. The default is <VAR
CLASS="literal"
->30</TT
+>30</VAR
> days.
The maximum value is 10 years (3660 days). The signature
inception time is unconditionally set to one hour before the current time
><P
>The server provides some helpful diagnostic information
through a number of built-in zones under the
-pseudo-top-level-domain <TT
+pseudo-top-level-domain <VAR
CLASS="literal"
->bind</TT
+>bind</VAR
> in the
<B
CLASS="command"
><DD
><P
>The version the server should report
-via a query of the name <TT
+via a query of the name <VAR
CLASS="literal"
->version.bind</TT
+>version.bind</VAR
>
with type <B
CLASS="command"
>6.2.16.17. The Statistics File</A
></H3
><P
->The statistics file generated by <SPAN
+>The statistics file generated by <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9
is similar, but not identical, to that
-generated by <SPAN
+generated by <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 8.
</P
><P
>The following statistics counters are maintained:</P
><DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN3263"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>The number of
successful queries made to the server or zone. A successful query
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>The number of queries which resulted
in referral responses.</P
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>The number of queries which resulted in
NOERROR responses with no data.</P
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>The number
of queries which resulted in NXDOMAIN responses.</P
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>The number of queries which resulted in a
failure response other than those above.</P
></TR
><TR
><TD
-WIDTH="110"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="322"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>The number of queries which caused the server
to perform recursion in order to find the final answer.</P
></H2
><PRE
CLASS="programlisting"
->server <TT
+>server <VAR
CLASS="replaceable"
-><I
->ip_addr</I
-></TT
+>ip_addr</VAR
> {
[<SPAN
CLASS="optional"
-> bogus <TT
+> bogus <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> provide-ixfr <TT
+> provide-ixfr <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> request-ixfr <TT
+> request-ixfr <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> edns <TT
+> edns <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> transfers <TT
+> transfers <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> transfer-format <TT
+> transfer-format <VAR
CLASS="replaceable"
-><I
->( one-answer | many-answers )</I
-></TT
+>( one-answer | many-answers )</VAR
> ; ]</SPAN
>]
[<SPAN
CLASS="optional"
-> keys <TT
+> keys <VAR
CLASS="replaceable"
-><I
>{ string ; [<SPAN
CLASS="optional"
> string ; [<SPAN
CLASS="optional"
>...</SPAN
>]</SPAN
->] }</I
-></TT
+>] }</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> transfer-source (<TT
+> transfer-source (<VAR
CLASS="replaceable"
-><I
->ip4_addr</I
-></TT
-> | <TT
+>ip4_addr</VAR
+> | <CODE
CLASS="constant"
->*</TT
+>*</CODE
>) [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; </SPAN
>]
[<SPAN
CLASS="optional"
-> transfer-source-v6 (<TT
+> transfer-source-v6 (<VAR
CLASS="replaceable"
-><I
->ip6_addr</I
-></TT
-> | <TT
+>ip6_addr</VAR
+> | <CODE
CLASS="constant"
->*</TT
+>*</CODE
>) [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; </SPAN
>]
CLASS="command"
>many-answers</B
> is
-more efficient, but is only known to be understood by <SPAN
+more efficient, but is only known to be understood by <ACRONYM
CLASS="acronym"
->BIND</SPAN
-> 9, <SPAN
+>BIND</ACRONYM
+> 9, <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
>
-8.x, and patched versions of <SPAN
+8.x, and patched versions of <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 4.9.5. You can specify which method
to use for a server with the <B
CLASS="command"
><PRE
CLASS="programlisting"
>trusted-keys {
- <TT
+ <VAR
CLASS="replaceable"
-><I
->string</I
-></TT
-> <TT
+>string</VAR
+> <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
-> <TT
+>number</VAR
+> <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
-> <TT
+>number</VAR
+> <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
-> <TT
+>number</VAR
+> <VAR
CLASS="replaceable"
-><I
->string</I
-></TT
+>string</VAR
> ;
[<SPAN
CLASS="optional"
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->string</I
-></TT
-> <TT
+>string</VAR
+> <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
-> <TT
+>number</VAR
+> <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
-> <TT
+>number</VAR
+> <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
-> <TT
+>number</VAR
+> <VAR
CLASS="replaceable"
-><I
->string</I
-></TT
+>string</VAR
> ; [<SPAN
CLASS="optional"
>...</SPAN
></H2
><PRE
CLASS="programlisting"
->view <TT
+>view <VAR
CLASS="replaceable"
-><I
->view_name</I
-></TT
+>view_name</VAR
>
[<SPAN
CLASS="optional"
-><TT
+><VAR
CLASS="replaceable"
-><I
->class</I
-></TT
+>class</VAR
></SPAN
>] {
- match-clients { <TT
+ match-clients { <VAR
CLASS="replaceable"
-><I
->address_match_list</I
-></TT
+>address_match_list</VAR
> } ;
- match-destinations { <TT
+ match-destinations { <VAR
CLASS="replaceable"
-><I
->address_match_list</I
-></TT
+>address_match_list</VAR
> } ;
- match-recursive-only <TT
+ match-recursive-only <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
> ;
[<SPAN
CLASS="optional"
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->view_option</I
-></TT
+>view_option</VAR
>; ...</SPAN
>]
[<SPAN
CLASS="optional"
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->zone_statement</I
-></TT
+>zone_statement</VAR
>; ...</SPAN
>]
};
CLASS="command"
>view</B
> statement is a powerful new feature
-of <SPAN
+of <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 that lets a name server answer a DNS query differently
depending on who is asking. It is particularly useful for implementing
split DNS setups without having to run multiple servers.</P
> statement defines a view of the
DNS namespace that will be seen by a subset of clients. A client matches
a view if its source IP address matches the
-<TT
+<VAR
CLASS="varname"
->address_match_list</TT
+>address_match_list</VAR
> of the view's
<B
CLASS="command"
>match-clients</B
> clause and its destination IP address matches
-the <TT
+the <VAR
CLASS="varname"
->address_match_list</TT
+>address_match_list</VAR
> of the view's
<B
CLASS="command"
></H2
><PRE
CLASS="programlisting"
->zone <TT
+>zone <VAR
CLASS="replaceable"
-><I
->zone_name</I
-></TT
+>zone_name</VAR
> [<SPAN
CLASS="optional"
-><TT
+><VAR
CLASS="replaceable"
-><I
->class</I
-></TT
+>class</VAR
></SPAN
>] [<SPAN
CLASS="optional"
type ( master | slave | hint | stub | forward | delegation-only ) ;
[<SPAN
CLASS="optional"
-> allow-notify { <TT
+> allow-notify { <VAR
CLASS="replaceable"
-><I
->address_match_list</I
-></TT
+>address_match_list</VAR
> } ; </SPAN
>]
[<SPAN
CLASS="optional"
-> allow-query { <TT
+> allow-query { <VAR
CLASS="replaceable"
-><I
->address_match_list</I
-></TT
+>address_match_list</VAR
> } ; </SPAN
>]
[<SPAN
CLASS="optional"
-> allow-transfer { <TT
+> allow-transfer { <VAR
CLASS="replaceable"
-><I
->address_match_list</I
-></TT
+>address_match_list</VAR
> } ; </SPAN
>]
[<SPAN
CLASS="optional"
-> allow-update { <TT
+> allow-update { <VAR
CLASS="replaceable"
-><I
->address_match_list</I
-></TT
+>address_match_list</VAR
> } ; </SPAN
>]
[<SPAN
CLASS="optional"
-> update-policy { <TT
+> update-policy { <VAR
CLASS="replaceable"
-><I
->update_policy_rule</I
-></TT
+>update_policy_rule</VAR
> [<SPAN
CLASS="optional"
>...</SPAN
>]
[<SPAN
CLASS="optional"
-> allow-update-forwarding { <TT
+> allow-update-forwarding { <VAR
CLASS="replaceable"
-><I
->address_match_list</I
-></TT
+>address_match_list</VAR
> } ; </SPAN
>]
[<SPAN
CLASS="optional"
-> also-notify { <TT
+> also-notify { <VAR
CLASS="replaceable"
-><I
->ip_addr</I
-></TT
+>ip_addr</VAR
> [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; [<SPAN
CLASS="optional"
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->ip_addr</I
-></TT
+>ip_addr</VAR
> [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; ... </SPAN
>] }; </SPAN
>]
[<SPAN
CLASS="optional"
-> check-names (<TT
+> check-names (<CODE
CLASS="constant"
->warn</TT
->|<TT
+>warn</CODE
+>|<CODE
CLASS="constant"
->fail</TT
->|<TT
+>fail</CODE
+>|<CODE
CLASS="constant"
->ignore</TT
+>ignore</CODE
>) ; </SPAN
>]
[<SPAN
CLASS="optional"
-> dialup <TT
+> dialup <VAR
CLASS="replaceable"
-><I
->dialup_option</I
-></TT
+>dialup_option</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> delegation-only <TT
+> delegation-only <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> file <TT
+> file <VAR
CLASS="replaceable"
-><I
->string</I
-></TT
+>string</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> forward (<TT
+> forward (<CODE
CLASS="constant"
->only</TT
->|<TT
+>only</CODE
+>|<CODE
CLASS="constant"
->first</TT
+>first</CODE
>) ; </SPAN
>]
[<SPAN
CLASS="optional"
-> forwarders { <TT
+> forwarders { <VAR
CLASS="replaceable"
-><I
->ip_addr</I
-></TT
+>ip_addr</VAR
> [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; [<SPAN
CLASS="optional"
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->ip_addr</I
-></TT
+>ip_addr</VAR
> [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; ... </SPAN
>] }; </SPAN
>]
[<SPAN
CLASS="optional"
-> ixfr-base <TT
+> ixfr-base <VAR
CLASS="replaceable"
-><I
->string</I
-></TT
+>string</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> ixfr-tmp-file <TT
+> ixfr-tmp-file <VAR
CLASS="replaceable"
-><I
->string</I
-></TT
+>string</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> maintain-ixfr-base <TT
+> maintain-ixfr-base <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
> masters [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
->] { ( <TT
+>] { ( <VAR
CLASS="replaceable"
-><I
->masters_list</I
-></TT
-> | <TT
+>masters_list</VAR
+> | <VAR
CLASS="replaceable"
-><I
->ip_addr</I
-></TT
+>ip_addr</VAR
> [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] [<SPAN
CLASS="optional"
->key <TT
+>key <VAR
CLASS="replaceable"
-><I
->key</I
-></TT
+>key</VAR
></SPAN
>] ) ; [<SPAN
CLASS="optional"
>]
[<SPAN
CLASS="optional"
-> max-ixfr-log-size <TT
+> max-ixfr-log-size <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> max-transfer-idle-in <TT
+> max-transfer-idle-in <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> max-transfer-idle-out <TT
+> max-transfer-idle-out <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> max-transfer-time-in <TT
+> max-transfer-time-in <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> max-transfer-time-out <TT
+> max-transfer-time-out <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> notify <TT
+> notify <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
-> | <TT
+>yes_or_no</VAR
+> | <VAR
CLASS="replaceable"
-><I
->explicit</I
-></TT
+>explicit</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> pubkey <TT
+> pubkey <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
-> <TT
+>number</VAR
+> <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
-> <TT
+>number</VAR
+> <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
-> <TT
+>number</VAR
+> <VAR
CLASS="replaceable"
-><I
->string</I
-></TT
+>string</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> transfer-source (<TT
+> transfer-source (<VAR
CLASS="replaceable"
-><I
->ip4_addr</I
-></TT
-> | <TT
+>ip4_addr</VAR
+> | <CODE
CLASS="constant"
->*</TT
+>*</CODE
>) [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; </SPAN
>]
[<SPAN
CLASS="optional"
-> transfer-source-v6 (<TT
+> transfer-source-v6 (<VAR
CLASS="replaceable"
-><I
->ip6_addr</I
-></TT
-> | <TT
+>ip6_addr</VAR
+> | <CODE
CLASS="constant"
->*</TT
+>*</CODE
>) [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; </SPAN
>]
[<SPAN
CLASS="optional"
-> alt-transfer-source (<TT
+> alt-transfer-source (<VAR
CLASS="replaceable"
-><I
->ip4_addr</I
-></TT
-> | <TT
+>ip4_addr</VAR
+> | <CODE
CLASS="constant"
->*</TT
+>*</CODE
>) [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; </SPAN
>]
[<SPAN
CLASS="optional"
-> alt-transfer-source-v6 (<TT
+> alt-transfer-source-v6 (<VAR
CLASS="replaceable"
-><I
->ip6_addr</I
-></TT
-> | <TT
+>ip6_addr</VAR
+> | <CODE
CLASS="constant"
->*</TT
+>*</CODE
>) [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; </SPAN
>]
[<SPAN
CLASS="optional"
-> use-alt-transfer-source <TT
+> use-alt-transfer-source <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
-> notify-source (<TT
+> notify-source (<VAR
CLASS="replaceable"
-><I
->ip4_addr</I
-></TT
-> | <TT
+>ip4_addr</VAR
+> | <CODE
CLASS="constant"
->*</TT
+>*</CODE
>) [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; </SPAN
>]
[<SPAN
CLASS="optional"
-> notify-source-v6 (<TT
+> notify-source-v6 (<VAR
CLASS="replaceable"
-><I
->ip6_addr</I
-></TT
-> | <TT
+>ip6_addr</VAR
+> | <CODE
CLASS="constant"
->*</TT
+>*</CODE
>) [<SPAN
CLASS="optional"
->port <TT
+>port <VAR
CLASS="replaceable"
-><I
->ip_port</I
-></TT
+>ip_port</VAR
></SPAN
>] ; </SPAN
>]
[<SPAN
CLASS="optional"
-> zone-statistics <TT
+> zone-statistics <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> sig-validity-interval <TT
+> sig-validity-interval <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> database <TT
+> database <VAR
CLASS="replaceable"
-><I
->string</I
-></TT
+>string</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> min-refresh-time <TT
+> min-refresh-time <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> max-refresh-time <TT
+> max-refresh-time <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> min-retry-time <TT
+> min-retry-time <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> max-retry-time <TT
+> max-retry-time <VAR
CLASS="replaceable"
-><I
->number</I
-></TT
+>number</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> multi-master <TT
+> multi-master <VAR
CLASS="replaceable"
-><I
->yes_or_no</I
-></TT
+>yes_or_no</VAR
> ; </SPAN
>]
[<SPAN
CLASS="optional"
-> key-directory <TT
+> key-directory <VAR
CLASS="replaceable"
-><I
->path_name</I
-></TT
+>path_name</VAR
>; </SPAN
>]
></H3
><DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN3619"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="87"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->master</TT
+>master</VAR
></P
></TD
><TD
-WIDTH="405"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>The server has a master copy of the data
for the zone and will be able to provide authoritative answers for
></TR
><TR
><TD
-WIDTH="87"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->slave</TT
+>slave</VAR
></P
></TD
><TD
-WIDTH="405"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>A slave zone is a replica of a master
zone. The <B
a needless waste of bandwidth. Note that for large numbers (in the
tens or hundreds of thousands) of zones per server, it is best to
use a two level naming scheme for zone file names. For example,
-a slave server for the zone <TT
+a slave server for the zone <VAR
CLASS="literal"
->example.com</TT
+>example.com</VAR
> might place
the zone contents into a file called
<TT
></TR
><TR
><TD
-WIDTH="87"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->stub</TT
+>stub</VAR
></P
></TD
><TD
-WIDTH="405"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>A stub zone is similar to a slave zone,
except that it replicates only the NS records of a master zone instead
of the entire zone. Stub zones are not a standard part of the DNS;
-they are a feature specific to the <SPAN
+they are a feature specific to the <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> implementation.
</P
>
>.
This usage is not recommended for new configurations, and BIND 9
supports it only in a limited way.
-In <SPAN
+In <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 4/8, zone transfers of a parent zone
included the NS records from stub children of that zone. This meant
that, in some cases, users could get away with configuring child stubs
-only in the master server for the parent zone. <SPAN
+only in the master server for the parent zone. <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
>
9 never mixes together zone data from different zones in this
-way. Therefore, if a <SPAN
+way. Therefore, if a <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 master serving a parent
zone has child stub zones configured, all the slave servers for the
parent zone also need to have the same child stub zones
of a given domain to use a particular set of authoritative servers.
For example, the caching name servers on a private network using
RFC1981 addressing may be configured with stub zones for
-<TT
+<VAR
CLASS="literal"
->10.in-addr.arpa</TT
+>10.in-addr.arpa</VAR
>
to use a set of internal name servers as the authoritative
servers for that domain.</P
></TR
><TR
><TD
-WIDTH="87"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->forward</TT
+>forward</VAR
></P
></TD
><TD
-WIDTH="405"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>A "forward zone" is a way to configure
forwarding on a per-domain basis. A <B
></TR
><TR
><TD
-WIDTH="87"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->hint</TT
+>hint</VAR
></P
></TD
><TD
-WIDTH="405"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>The initial set of root name servers is
specified using a "hint zone". When the server starts up, it uses
></TR
><TR
><TD
-WIDTH="87"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->delegation-only</TT
+>delegation-only</VAR
></P
></TD
><TD
-WIDTH="405"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>This is used to enforce the delegation only
status of infrastructure zones (e.g. COM, NET, ORG). Any answer that
apex. This SHOULD NOT be applied to leaf zones.</P
>
<P
-><TT
+><VAR
CLASS="varname"
->delegation-only</TT
+>delegation-only</VAR
> has no effect on answers received
from forwarders.</P
></TD
></H3
><P
>The zone's name may optionally be followed by a class. If
-a class is not specified, class <TT
+a class is not specified, class <VAR
CLASS="literal"
->IN</TT
-> (for <TT
+>IN</VAR
+> (for <VAR
CLASS="varname"
->Internet</TT
+>Internet</VAR
>),
is assumed. This is correct for the vast majority of cases.</P
><P
->The <TT
+>The <VAR
CLASS="literal"
->hesiod</TT
+>hesiod</VAR
> class is
named for an information service from MIT's Project Athena. It is
used to share information about various systems databases, such
as users, groups, printers and so on. The keyword
-<TT
+<VAR
CLASS="literal"
->HS</TT
+>HS</VAR
> is
a synonym for hesiod.</P
><P
>Another MIT development is CHAOSnet, a LAN protocol created
-in the mid-1970s. Zone data for it can be specified with the <TT
+in the mid-1970s. Zone data for it can be specified with the <VAR
CLASS="literal"
->CHAOS</TT
+>CHAOS</VAR
> class.</P
></DIV
><DIV
>notify</B
> is
active for this zone. The set of machines that will receive a
-<TT
+<VAR
CLASS="literal"
->DNS NOTIFY</TT
+>DNS NOTIFY</VAR
> message
for this zone is made up of all the listed name servers (other than
the primary master) for the zone plus any IP addresses specified
as arguments to the database to be interpreted in a way specific
to the database type.</P
><P
->The default is <TT
+>The default is <KBD
CLASS="userinput"
-><B
->"rbt"</B
-></TT
+>"rbt"</KBD
>, BIND 9's native in-memory
red-black-tree database. This database does not take arguments.</P
><P
><DD
><P
>The flag only applies to hint and stub zones. If set
-to <TT
+to <KBD
CLASS="userinput"
-><B
->yes</B
-></TT
+>yes</KBD
> then the zone will also be treated as if it
is also a delegation-only type zone.
</P
></DT
><DD
><P
->Was used in <SPAN
+>Was used in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 8 to specify the name
of the transaction log (journal) file for dynamic update and IXFR.
-<SPAN
+<ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 ignores the option and constructs the name of the journal
file by appending "<TT
CLASS="filename"
></DT
><DD
><P
->Was an undocumented option in <SPAN
+>Was an undocumented option in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 8.
-Ignored in <SPAN
+Ignored in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9.</P
></DD
><DT
></DT
><DD
><P
->In <SPAN
+>In <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 8, this option was intended for specifying
a public zone key for verification of signatures in DNSSEC signed
-zones when they are loaded from disk. <SPAN
+zones when they are loaded from disk. <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 does not verify signatures
on load and ignores the option.</P
></DD
></DT
><DD
><P
->If <TT
+>If <KBD
CLASS="userinput"
-><B
->yes</B
-></TT
+>yes</KBD
>, the server will keep statistical
information for this zone, which can be dumped to the
<B
>6.2.24.4. Dynamic Update Policies</A
></H3
><P
-><SPAN
+><ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 supports two alternative methods of granting clients
the right to perform dynamic updates to a zone,
configured by the <B
CLASS="command"
>allow-update</B
> clause works the same
-way as in previous versions of <SPAN
+way as in previous versions of <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
>. It grants given clients the
permission to update any record of any name in the zone.</P
><P
>The <B
CLASS="command"
>update-policy</B
-> clause is new in <SPAN
+> clause is new in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
>
9 and allows more fine-grained control over what updates are allowed.
A set of rules is specified, where each rule either grants or denies
> | <B
CLASS="command"
>deny</B
-> ) <TT
+> ) <VAR
CLASS="replaceable"
-><I
->identity</I
-></TT
-> <TT
+>identity</VAR
+> <VAR
CLASS="replaceable"
-><I
->nametype</I
-></TT
-> <TT
+>nametype</VAR
+> <VAR
CLASS="replaceable"
-><I
->name</I
-></TT
+>name</VAR
> [<SPAN
CLASS="optional"
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->types</I
-></TT
+>types</VAR
> </SPAN
>]
</PRE
is the name of the TSIG or SIG(0) key used to sign the update request. When a
TKEY exchange has been used to create a shared secret, the identity of the
shared secret is the same as the identity of the key used to authenticate the
-TKEY exchange. When the <TT
+TKEY exchange. When the <VAR
CLASS="replaceable"
-><I
->identity</I
-></TT
+>identity</VAR
> field specifies a
wildcard name, it is subject to DNS wildcard expansion, so the rule will apply
-to multiple identities. The <TT
+to multiple identities. The <VAR
CLASS="replaceable"
-><I
->identity</I
-></TT
+>identity</VAR
> field must
contain a fully qualified domain name.</P
><P
->The <TT
+>The <VAR
CLASS="replaceable"
-><I
->nametype</I
-></TT
+>nametype</VAR
> field has 4 values:
-<TT
+<VAR
CLASS="varname"
->name</TT
->, <TT
+>name</VAR
+>, <VAR
CLASS="varname"
->subdomain</TT
+>subdomain</VAR
>,
-<TT
+<VAR
CLASS="varname"
->wildcard</TT
->, and <TT
+>wildcard</VAR
+>, and <VAR
CLASS="varname"
->self</TT
+>self</VAR
>.
</P
><DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN3974"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="79"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->name</TT
+>name</VAR
></P
></TD
><TD
-WIDTH="353"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Exact-match semantics. This rule matches when the
name being updated is identical to the contents of the
-<TT
+<VAR
CLASS="replaceable"
-><I
->name</I
-></TT
+>name</VAR
> field.</P
></TD
></TR
><TR
><TD
-WIDTH="79"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->subdomain</TT
+>subdomain</VAR
></P
></TD
><TD
-WIDTH="353"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>This rule matches when the name being updated
is a subdomain of, or identical to, the contents of the
-<TT
+<VAR
CLASS="replaceable"
-><I
->name</I
-></TT
+>name</VAR
> field.</P
></TD
></TR
><TR
><TD
-WIDTH="79"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->wildcard</TT
+>wildcard</VAR
></P
></TD
><TD
-WIDTH="353"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
->The <TT
+>The <VAR
CLASS="replaceable"
-><I
->name</I
-></TT
+>name</VAR
> field is
subject to DNS wildcard expansion, and this rule matches when the name
being updated name is a valid expansion of the wildcard.</P
></TR
><TR
><TD
-WIDTH="79"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="varname"
->self</TT
+>self</VAR
></P
></TD
><TD
-WIDTH="353"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>This rule matches when the name being updated
-matches the contents of the <TT
+matches the contents of the <VAR
CLASS="replaceable"
-><I
->identity</I
-></TT
+>identity</VAR
> field.
-The <TT
+The <VAR
CLASS="replaceable"
-><I
->name</I
-></TT
+>name</VAR
> field is ignored, but should be
-the same as the <TT
+the same as the <VAR
CLASS="replaceable"
-><I
->identity</I
-></TT
+>identity</VAR
> field. The
-<TT
+<VAR
CLASS="varname"
->self</TT
+>self</VAR
> nametype is most useful when allowing using
one key per name to update, where the key has the same name as the name
-to be updated. The <TT
+to be updated. The <VAR
CLASS="replaceable"
-><I
->identity</I
-></TT
+>identity</VAR
> would be
-specified as <TT
+specified as <CODE
CLASS="constant"
->*</TT
+>*</CODE
> in this case.</P
></TD
></TR
></P
></DIV
><P
->In all cases, the <TT
+>In all cases, the <VAR
CLASS="replaceable"
-><I
->name</I
-></TT
+>name</VAR
> field must
specify a fully qualified domain name.</P
><P
>The components of a Resource Record are:</P
><DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN4026"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="96"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>owner name</P
></TD
><TD
-WIDTH="336"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>the domain name where the RR is found.</P
></TD
></TR
><TR
><TD
-WIDTH="96"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>type</P
></TD
><TD
-WIDTH="336"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>an encoded 16 bit value that specifies
the type of the resource record.</P
></TR
><TR
><TD
-WIDTH="96"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>TTL</P
></TD
><TD
-WIDTH="336"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>the time to live of the RR. This field
is a 32 bit integer in units of seconds, and is primarily used by
></TR
><TR
><TD
-WIDTH="96"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>class</P
></TD
><TD
-WIDTH="336"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>an encoded 16 bit value that identifies
a protocol family or instance of a protocol.</P
></TR
><TR
><TD
-WIDTH="96"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>RDATA</P
></TD
><TD
-WIDTH="336"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>the resource data. The format of the
data is type (and sometimes class) specific.</P
> of valid RRs:</P
><DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN4058"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>A</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>a host address. In the IN class, this is a
32-bit IP address. Described in RFC 1035.</P
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>AAAA</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>IPv6 address. Described in RFC 1886.</P
></TD
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>A6</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>IPv6 address. This can be a partial
address (a suffix) and an indirection to the name where the rest of the
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>AFSDB</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>location of AFS database servers.
Experimental. Described in RFC 1183.</P
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>APL</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>address prefix list. Experimental.
Described in RFC 3123.</P
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>CERT</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>holds a digital certificate.
Described in RFC 2538.</P
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>CNAME</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>identifies the canonical name of an alias.
Described in RFC 1035.</P
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>DNAME</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Replaces the domain name specified with
another name to be looked up, effectively aliasing an entire
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>GPOS</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Specifies the global position. Superseded by LOC.</P
></TD
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>HINFO</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>identifies the CPU and OS used by a host.
Described in RFC 1035.</P
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>ISDN</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>representation of ISDN addresses.
Experimental. Described in RFC 1183.</P
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>KEY</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>stores a public key associated with a
DNS name. Described in RFC 2535.</P
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>KX</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>identifies a key exchanger for this
DNS name. Described in RFC 2230.</P
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>LOC</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>for storing GPS info. Described in RFC 1876.
Experimental.</P
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>MX</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>identifies a mail exchange for the domain.
a 16 bit preference value (lower is better)
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>NAPTR</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>name authority pointer. Described in RFC 2915.</P
></TD
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>NSAP</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>a network service access point.
Described in RFC 1706.</P
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>NS</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>the authoritative name server for the
domain. Described in RFC 1035.</P
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>NXT</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>used in DNSSEC to securely indicate that
RRs with an owner name in a certain name interval do not exist in
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>PTR</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>a pointer to another part of the domain
name space. Described in RFC 1035.</P
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>PX</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>provides mappings between RFC 822 and X.400
addresses. Described in RFC 2163.</P
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>RP</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>information on persons responsible
for the domain. Experimental. Described in RFC 1183.</P
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>RT</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>route-through binding for hosts that
do not have their own direct wide area network addresses.
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>SIG</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>("signature") contains data authenticated
in the secure DNS. Described in RFC 2535.</P
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>SOA</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>identifies the start of a zone of authority.
Described in RFC 1035.</P
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>SRV</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>information about well known network
services (replaces WKS). Described in RFC 2782.</P
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>TXT</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>text records. Described in RFC 1035.</P
></TD
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>WKS</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>information about which well known
network services, such as SMTP, that a domain supports. Historical.
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>X25</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>representation of X.25 network addresses.
Experimental. Described in RFC 1183.</P
are currently valid in the DNS:</P
><DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN4210"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>IN</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>The Internet.</P
></TD
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>CH</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
> CHAOSnet, a LAN protocol created at MIT in the mid-1970s.
Rarely used for its historical purpose, but reused for BIND's
built-in server information zones, e.g.,
-<TT
+<VAR
CLASS="literal"
->version.bind</TT
+>version.bind</VAR
>.
</P
></TD
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>HS</P
></TD
><TD
-WIDTH="348"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
> Hesiod, an information service
developed by MIT's Project Athena. It is used to share information
>For example, we might show the RRs carried in a message as:</P
><DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN4241"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="133"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->ISI.EDU.</TT
+>ISI.EDU.</VAR
></P
></TD
><TD
-WIDTH="98"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->MX</TT
+>MX</VAR
></P
></TD
><TD
-WIDTH="202"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->10 VENERA.ISI.EDU.</TT
+>10 VENERA.ISI.EDU.</VAR
></P
></TD
></TR
><TR
><TD
-WIDTH="133"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
></P
></TD
><TD
-WIDTH="98"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->MX</TT
+>MX</VAR
></P
></TD
><TD
-WIDTH="202"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->10 VAXA.ISI.EDU</TT
+>10 VAXA.ISI.EDU</VAR
></P
></TD
></TR
><TR
><TD
-WIDTH="133"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->VENERA.ISI.EDU</TT
+>VENERA.ISI.EDU</VAR
></P
></TD
><TD
-WIDTH="98"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->A</TT
+>A</VAR
></P
></TD
><TD
-WIDTH="202"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->128.9.0.32</TT
+>128.9.0.32</VAR
></P
></TD
></TR
><TR
><TD
-WIDTH="133"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
></P
></TD
><TD
-WIDTH="98"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->A</TT
+>A</VAR
></P
></TD
><TD
-WIDTH="202"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->10.1.0.52</TT
+>10.1.0.52</VAR
></P
></TD
></TR
><TR
><TD
-WIDTH="133"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->VAXA.ISI.EDU</TT
+>VAXA.ISI.EDU</VAR
></P
></TD
><TD
-WIDTH="98"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->A</TT
+>A</VAR
></P
></TD
><TD
-WIDTH="202"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->10.2.0.27</TT
+>10.2.0.27</VAR
></P
></TD
></TR
><TR
><TD
-WIDTH="133"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
></P
></TD
><TD
-WIDTH="98"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->A</TT
+>A</VAR
></P
></TD
><TD
-WIDTH="202"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->128.9.0.33</TT
+>128.9.0.33</VAR
></P
></TD
></TR
>Similarly we might see:</P
><DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN4307"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="143"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->XX.LCS.MIT.EDU. IN</TT
+>XX.LCS.MIT.EDU. IN</VAR
></P
></TD
><TD
-WIDTH="102"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->A</TT
+>A</VAR
></P
></TD
><TD
-WIDTH="198"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->10.0.0.44</TT
+>10.0.0.44</VAR
></P
></TD
></TR
><TR
><TD
-WIDTH="143"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->CH</TT
+>CH</VAR
></P
></TD
><TD
-WIDTH="102"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->A</TT
+>A</VAR
></P
></TD
><TD
-WIDTH="198"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->MIT.EDU. 2420</TT
+>MIT.EDU. 2420</VAR
></P
></TD
></TR
></P
></DIV
><P
->This example shows two addresses for <TT
+>This example shows two addresses for <VAR
CLASS="literal"
->XX.LCS.MIT.EDU</TT
+>XX.LCS.MIT.EDU</VAR
>,
each of a different class.</P
></DIV
pointed to by the CNAME.</P
><DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN4341"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="164"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->example.com.</TT
+>example.com.</VAR
></P
></TD
><TD
-WIDTH="43"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->IN</TT
+>IN</VAR
></P
></TD
><TD
-WIDTH="43"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->MX</TT
+>MX</VAR
></P
></TD
><TD
-WIDTH="94"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->10</TT
+>10</VAR
></P
></TD
><TD
-WIDTH="149"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->mail.example.com.</TT
+>mail.example.com.</VAR
></P
></TD
></TR
><TR
><TD
-WIDTH="164"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
></P
></TD
><TD
-WIDTH="43"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->IN</TT
+>IN</VAR
></P
></TD
><TD
-WIDTH="43"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->MX</TT
+>MX</VAR
></P
></TD
><TD
-WIDTH="94"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->10</TT
+>10</VAR
></P
></TD
><TD
-WIDTH="149"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->mail2.example.com.</TT
+>mail2.example.com.</VAR
></P
></TD
></TR
><TR
><TD
-WIDTH="164"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
></P
></TD
><TD
-WIDTH="43"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->IN</TT
+>IN</VAR
></P
></TD
><TD
-WIDTH="43"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->MX</TT
+>MX</VAR
></P
></TD
><TD
-WIDTH="94"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->20</TT
+>20</VAR
></P
></TD
><TD
-WIDTH="149"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->mail.backup.org.</TT
+>mail.backup.org.</VAR
></P
></TD
></TR
><TR
><TD
-WIDTH="164"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->mail.example.com.</TT
+>mail.example.com.</VAR
></P
></TD
><TD
-WIDTH="43"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->IN</TT
+>IN</VAR
></P
></TD
><TD
-WIDTH="43"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->A</TT
+>A</VAR
></P
></TD
><TD
-WIDTH="94"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->10.0.0.1</TT
+>10.0.0.1</VAR
></P
></TD
><TD
-WIDTH="149"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
></P
></TD
></TR
><TR
><TD
-WIDTH="164"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->mail2.example.com.</TT
+>mail2.example.com.</VAR
></P
></TD
><TD
-WIDTH="43"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->IN</TT
+>IN</VAR
></P
></TD
><TD
-WIDTH="43"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->A</TT
+>A</VAR
></P
></TD
><TD
-WIDTH="94"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->10.0.0.2</TT
+>10.0.0.2</VAR
></P
></TD
><TD
-WIDTH="149"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
></P
></TD
><P
>For example:</P
><P
->Mail delivery will be attempted to <TT
+>Mail delivery will be attempted to <VAR
CLASS="literal"
->mail.example.com</TT
+>mail.example.com</VAR
> and
-<TT
+<VAR
CLASS="literal"
->mail2.example.com</TT
+>mail2.example.com</VAR
> (in
-any order), and if neither of those succeed, delivery to <TT
+any order), and if neither of those succeed, delivery to <VAR
CLASS="literal"
->mail.backup.org</TT
+>mail.backup.org</VAR
> will
be attempted.</P
></DIV
used in a zone file.</P
><DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN4433"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="72"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>SOA</P
></TD
><TD
-WIDTH="420"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>The last field in the SOA is the negative
caching TTL. This controls how long other servers will cache no-such-domain
></TR
><TR
><TD
-WIDTH="72"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>$TTL</P
></TD
><TD
-WIDTH="420"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>The $TTL directive at the top of the
zone file (before the SOA) gives a default TTL for every RR without
></TR
><TR
><TD
-WIDTH="72"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>RR TTLs</P
></TD
><TD
-WIDTH="420"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Each RR can have a TTL as the second
field in the RR, which will control how long other servers can cache
></DIV
><P
>All of these TTLs default to units of seconds, though units
-can be explicitly specified, for example, <TT
+can be explicitly specified, for example, <VAR
CLASS="literal"
->1h30m</TT
+>1h30m</VAR
>. </P
></DIV
><DIV
>] domain:</P
><DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN4461"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="108"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->$ORIGIN</TT
+>$ORIGIN</VAR
></P
></TD
><TD
-WIDTH="384"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->2.1.10.in-addr.arpa</TT
+>2.1.10.in-addr.arpa</VAR
></P
></TD
></TR
><TR
><TD
-WIDTH="108"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->3</TT
+>3</VAR
></P
></TD
><TD
-WIDTH="384"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
-><TT
+><VAR
CLASS="literal"
->IN PTR foo.example.com.</TT
+>IN PTR foo.example.com.</VAR
></P
></TD
></TR
CLASS="command"
>$ORIGIN
</B
-><TT
+><VAR
CLASS="replaceable"
-><I
->domain-name</I
-></TT
+>domain-name</VAR
> [<SPAN
CLASS="optional"
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->comment</I
-></TT
+>comment</VAR
></SPAN
>]</P
><P
in there is an implicit <B
CLASS="command"
>$ORIGIN</B
-> <<TT
+> <<VAR
CLASS="varname"
->zone-name</TT
+>zone-name</VAR
>><B
CLASS="command"
>.</B
> argument if it is not absolute.</P
><PRE
CLASS="programlisting"
-><TT
+><VAR
CLASS="literal"
>$ORIGIN example.com.
-WWW CNAME MAIN-SERVER</TT
+WWW CNAME MAIN-SERVER</VAR
></PRE
><P
>is equivalent to</P
><PRE
CLASS="programlisting"
-><TT
+><VAR
CLASS="literal"
->WWW.EXAMPLE.COM. CNAME MAIN-SERVER.EXAMPLE.COM.</TT
+>WWW.EXAMPLE.COM. CNAME MAIN-SERVER.EXAMPLE.COM.</VAR
></PRE
></DIV
><DIV
CLASS="command"
>$INCLUDE</B
>
-<TT
+<VAR
CLASS="replaceable"
-><I
->filename</I
-></TT
+>filename</VAR
> [<SPAN
CLASS="optional"
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->origin</I
-></TT
+>origin</VAR
> </SPAN
>] [<SPAN
CLASS="optional"
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->comment</I
-></TT
+>comment</VAR
> </SPAN
>]</P
><P
CLASS="command"
>$TTL</B
>
-<TT
+<VAR
CLASS="replaceable"
-><I
->default-ttl</I
-></TT
+>default-ttl</VAR
> [<SPAN
CLASS="optional"
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->comment</I
-></TT
+>comment</VAR
> </SPAN
>]</P
><P
CLASS="sect2"
><A
NAME="AEN4541"
->6.3.6. <SPAN
+>6.3.6. <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> Master File Extension: the <B
CLASS="command"
>$GENERATE</B
>Syntax: <B
CLASS="command"
>$GENERATE</B
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->range</I
-></TT
-> <TT
+>range</VAR
+> <VAR
CLASS="replaceable"
-><I
->lhs</I
-></TT
+>lhs</VAR
> [<SPAN
CLASS="optional"
-><TT
+><VAR
CLASS="replaceable"
-><I
->ttl</I
-></TT
+>ttl</VAR
></SPAN
>] [<SPAN
CLASS="optional"
-><TT
+><VAR
CLASS="replaceable"
-><I
->class</I
-></TT
+>class</VAR
></SPAN
->] <TT
+>] <VAR
CLASS="replaceable"
-><I
->type</I
-></TT
-> <TT
+>type</VAR
+> <VAR
CLASS="replaceable"
-><I
->rhs</I
-></TT
+>rhs</VAR
> [<SPAN
CLASS="optional"
-> <TT
+> <VAR
CLASS="replaceable"
-><I
->comment</I
-></TT
+>comment</VAR
> </SPAN
>]</P
><P
delegation.</P
><PRE
CLASS="programlisting"
-><TT
+><VAR
CLASS="literal"
>$ORIGIN 0.0.192.IN-ADDR.ARPA.
$GENERATE 1-2 0 NS SERVER$.EXAMPLE.
-$GENERATE 1-127 $ CNAME $.0</TT
+$GENERATE 1-127 $ CNAME $.0</VAR
></PRE
><P
>is equivalent to</P
><PRE
CLASS="programlisting"
-><TT
+><VAR
CLASS="literal"
>0.0.0.192.IN-ADDR.ARPA NS SERVER1.EXAMPLE.
0.0.0.192.IN-ADDR.ARPA. NS SERVER2.EXAMPLE.
2.0.0.192.IN-ADDR.ARPA. CNAME 2.0.0.0.192.IN-ADDR.ARPA.
...
127.0.0.192.IN-ADDR.ARPA. CNAME 127.0.0.0.192.IN-ADDR.ARPA.
-</TT
+</VAR
></PRE
><DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN4565"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="408"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>This can be one of two forms: start-stop
or start-stop/step. If the first form is used then step is set to
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="408"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="408"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="408"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="408"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>At present the only supported types are
PTR, CNAME, DNAME, A, AAAA and NS.</P
></TR
><TR
><TD
-WIDTH="84"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><B
CLASS="command"
></P
></TD
><TD
-WIDTH="408"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>rhs is a domain name. It is processed
similarly to lhs.</P
>The <B
CLASS="command"
>$GENERATE</B
-> directive is a <SPAN
+> directive is a <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> extension
and not part of the standard zone file format.</P
><P
WIDTH="33%"
ALIGN="left"
VALIGN="top"
->The <SPAN
+>The <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 Lightweight Resolver</TD
><TD
WIDTH="34%"
WIDTH="33%"
ALIGN="right"
VALIGN="top"
-><SPAN
+><ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 Security Considerations</TD
></TR
></TABLE
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>BIND 9 Security Considerations</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"><LINK
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="HOME"
TITLE="BIND 9 Administrator Reference Manual"
HREF="Bv9ARM.html"><LINK
><H1
><A
NAME="ch07"
->Chapter 7. <SPAN
+></A
+>Chapter 7. <ACRONYM
CLASS="acronym"
->BIND</SPAN
-> 9 Security Considerations</A
-></H1
+>BIND</ACRONYM
+> 9 Security Considerations</H1
><DIV
CLASS="TOC"
><DL
UNIX servers)</A
></H1
><P
->On UNIX servers, it is possible to run <SPAN
+>On UNIX servers, it is possible to run <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> in a <SPAN
CLASS="emphasis"
><I
(<B
CLASS="command"
>chroot()</B
->) by specifying the "<TT
+>) by specifying the "<VAR
CLASS="option"
->-t</TT
+>-t</VAR
>"
-option. This can help improve system security by placing <SPAN
+option. This can help improve system security by placing <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> in
a "sandbox", which will limit the damage done if a server is compromised.</P
><P
->Another useful feature in the UNIX version of <SPAN
+>Another useful feature in the UNIX version of <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> is the
-ability to run the daemon as an unprivileged user ( <TT
+ability to run the daemon as an unprivileged user ( <VAR
CLASS="option"
->-u</TT
-> <TT
+>-u</VAR
+> <VAR
CLASS="replaceable"
-><I
->user</I
-></TT
+>user</VAR
> ).
We suggest running as an unprivileged user when using the <B
CLASS="command"
>chroot</B
> feature.</P
><P
->Here is an example command line to load <SPAN
+>Here is an example command line to load <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> in a <B
CLASS="command"
>chroot()</B
> to
user 202:</P
><P
-><TT
+><KBD
CLASS="userinput"
-><B
->/usr/local/bin/named -u 202 -t /var/named</B
-></TT
+>/usr/local/bin/named -u 202 -t /var/named</KBD
></P
><DIV
CLASS="sect2"
>/var/named</TT
>),
you will need to set up an environment that includes everything
-<SPAN
+<ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> needs to run.
-From <SPAN
+From <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
>'s point of view, <TT
CLASS="filename"
>/var/named</TT
>chown</B
> utility (to
set the user id and/or group id) on files
-to which you want <SPAN
+to which you want <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
>
to write. Note that if the <B
CLASS="command"
><P
>Access to the dynamic
update facility should be strictly limited. In earlier versions of
-<SPAN
+<ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> the only way to do this was based on the IP
address of the host requesting the update, by listing an IP address or
network prefix in the <B
WIDTH="33%"
ALIGN="left"
VALIGN="top"
-><SPAN
+><ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 Configuration Reference</TD
><TD
WIDTH="34%"
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>Troubleshooting</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"><LINK
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="HOME"
TITLE="BIND 9 Administrator Reference Manual"
HREF="Bv9ARM.html"><LINK
><H1
><A
NAME="ch08"
->Chapter 8. Troubleshooting</A
-></H1
+></A
+>Chapter 8. Troubleshooting</H1
><DIV
CLASS="TOC"
><DL
>8.3. Where Can I Get Help?</A
></H1
><P
->The Internet Software Consortium (<SPAN
+>The Internet Software Consortium (<ACRONYM
CLASS="acronym"
->ISC</SPAN
+>ISC</ACRONYM
>) offers a wide range
- of support and service agreements for <SPAN
+ of support and service agreements for <ACRONYM
CLASS="acronym"
->BIND</SPAN
-> and <SPAN
+>BIND</ACRONYM
+> and <ACRONYM
CLASS="acronym"
->DHCP</SPAN
+>DHCP</ACRONYM
> servers. Four
levels of premium support are available and each level includes
- support for all <SPAN
+ support for all <ACRONYM
CLASS="acronym"
->ISC</SPAN
+>ISC</ACRONYM
> programs, significant discounts on products
and training, and a recognized priority on bug fixes and
- non-funded feature requests. In addition, <SPAN
+ non-funded feature requests. In addition, <ACRONYM
CLASS="acronym"
->ISC</SPAN
+>ISC</ACRONYM
> offers a standard
support agreement package which includes services ranging from bug
fix announcements to remote support. It also includes training in
- <SPAN
+ <ACRONYM
CLASS="acronym"
->BIND</SPAN
-> and <SPAN
+>BIND</ACRONYM
+> and <ACRONYM
CLASS="acronym"
->DHCP</SPAN
+>DHCP</ACRONYM
>.</P
><P
>To discuss arrangements for support, contact
TARGET="_top"
>info@isc.org</A
> or visit the
- <SPAN
+ <ACRONYM
CLASS="acronym"
->ISC</SPAN
+>ISC</ACRONYM
> web page at <A
HREF="http://www.isc.org/services/support/"
TARGET="_top"
WIDTH="33%"
ALIGN="left"
VALIGN="top"
-><SPAN
+><ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 Security Considerations</TD
><TD
WIDTH="34%"
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>Appendices</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"><LINK
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="HOME"
TITLE="BIND 9 Administrator Reference Manual"
HREF="Bv9ARM.html"><LINK
><H1
><A
NAME="ch09"
->Appendix A. Appendices</A
-></H1
+></A
+>Appendix A. Appendices</H1
><DIV
CLASS="TOC"
><DL
><DT
>A.2. <A
HREF="Bv9ARM.ch09.html#historical_dns_information"
->General <SPAN
+>General <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> Reference Information</A
></DT
><DT
CLASS="sect2"
><A
NAME="AEN4748"
->A.1.1. A Brief History of the <SPAN
+>A.1.1. A Brief History of the <ACRONYM
CLASS="acronym"
->DNS</SPAN
-> and <SPAN
+>DNS</ACRONYM
+> and <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
></A
></H2
><P
incorporate improvements based on the working model. RFC 1034,
"Domain Names-Concepts and Facilities", and RFC 1035, "Domain
Names-Implementation and Specification" were published and
- became the standards upon which all <SPAN
+ became the standards upon which all <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> implementations are
built.
</P
written in 1983-84 by Paul Mockapetris for operation on DEC Tops-20
machines located at the University of Southern California's Information
Sciences Institute (USC-ISI) and SRI International's Network Information
-Center (SRI-NIC). A <SPAN
+Center (SRI-NIC). A <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> server for Unix machines, the Berkeley Internet
-Name Domain (<SPAN
+Name Domain (<ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
>) package, was written soon after by a group of
graduate students at the University of California at Berkeley under
a grant from the US Defense Advanced Research Projects Administration
-(DARPA). Versions of <SPAN
+(DARPA). Versions of <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> through 4.8.3 were maintained by the Computer
Systems Research Group (CSRG) at UC Berkeley. Douglas Terry, Mark
-Painter, David Riggle and Songnian Zhou made up the initial <SPAN
+Painter, David Riggle and Songnian Zhou made up the initial <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
>
project team. After that, additional work on the software package
was done by Ralph Campbell. Kevin Dunlap, a Digital Equipment Corporation
-employee on loan to the CSRG, worked on <SPAN
+employee on loan to the CSRG, worked on <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> for 2 years, from 1985
-to 1987. Many other people also contributed to <SPAN
+to 1987. Many other people also contributed to <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> development
during that time: Doug Kingston, Craig Partridge, Smoot Carl-Mitchell,
-Mike Muuss, Jim Bloom and Mike Schwartz. <SPAN
+Mike Muuss, Jim Bloom and Mike Schwartz. <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> maintenance was subsequently
handled by Mike Karels and O. Kure.</P
><P
-><SPAN
+><ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> versions 4.9 and 4.9.1 were released by Digital Equipment
Corporation (now Compaq Computer Corporation). Paul Vixie, then
-a DEC employee, became <SPAN
+a DEC employee, became <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
>'s primary caretaker. Paul was assisted
by Phil Almquist, Robert Elz, Alan Barrett, Paul Albitz, Bryan Beecher, Andrew
Partan, Andy Cherenson, Tom Limoncelli, Berthold Paffrath, Fuat
Baran, Anant Kumar, Art Harkin, Win Treese, Don Lewis, Christophe
Wolfhugel, and others.</P
><P
-><SPAN
+><ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> Version 4.9.2 was sponsored by Vixie Enterprises. Paul
-Vixie became <SPAN
+Vixie became <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
>'s principal architect/programmer.</P
><P
-><SPAN
+><ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> versions from 4.9.3 onward have been developed and maintained
by the Internet Software Consortium with support being provided
by ISC's sponsors. As co-architects/programmers, Bob Halley and
-Paul Vixie released the first production-ready version of <SPAN
+Paul Vixie released the first production-ready version of <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> version
8 in May 1997.</P
><P
-><SPAN
+><ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> development work is made possible today by the sponsorship
of several corporations, and by the tireless work efforts of numerous
individuals.</P
CLASS="sect1"
><A
NAME="historical_dns_information"
->A.2. General <SPAN
+>A.2. General <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> Reference Information</A
></H1
><DIV
></H2
><P
>IPv6 addresses are 128-bit identifiers for interfaces and
-sets of interfaces which were introduced in the <SPAN
+sets of interfaces which were introduced in the <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> to facilitate
scalable Internet routing. There are three types of addresses: <SPAN
CLASS="emphasis"
>The aggregatable global Unicast address format is as follows:</P
><DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN4784"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="46"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>3</P
></TD
><TD
-WIDTH="48"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>13</P
></TD
><TD
-WIDTH="50"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>8</P
></TD
><TD
-WIDTH="70"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>24</P
></TD
><TD
-WIDTH="129"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>16</P
></TD
><TD
-WIDTH="243"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>64 bits</P
></TD
></TR
><TR
><TD
-WIDTH="46"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>FP</P
></TD
><TD
-WIDTH="48"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>TLA ID</P
></TD
><TD
-WIDTH="50"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>RES</P
></TD
><TD
-WIDTH="70"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>NLA ID</P
></TD
><TD
-WIDTH="129"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>SLA ID</P
></TD
><TD
-WIDTH="243"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Interface ID</P
></TD
><TR
><TD
COLSPAN="4"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><------ Public Topology
------></P
></TD
><TD
-WIDTH="129"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
></P
></TD
><TD
-WIDTH="243"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
></P
></TD
></TR
><TR
><TD
-WIDTH="46"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
></P
></TD
><TD
-WIDTH="48"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
></P
></TD
><TD
-WIDTH="50"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
></P
></TD
><TD
-WIDTH="70"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
></P
></TD
><TD
-WIDTH="129"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><-Site Topology-></P
></TD
><TD
-WIDTH="243"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
></P
></TD
></TR
><TR
><TD
-WIDTH="46"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
></P
></TD
><TD
-WIDTH="48"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
></P
></TD
><TD
-WIDTH="50"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
></P
></TD
><TD
-WIDTH="70"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
></P
></TD
><TD
-WIDTH="129"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
></P
></TD
><TD
-WIDTH="243"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
><------ Interface Identifier ------></P
></TD
>Where
<DIV
CLASS="informaltable"
+><P
+></P
><A
NAME="AEN4853"
></A
-><P
-></P
><TABLE
CELLPADDING="3"
BORDER="1"
><TBODY
><TR
><TD
-WIDTH="132"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>FP</P
></TD
><TD
-WIDTH="24"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>=</P
></TD
><TD
-WIDTH="336"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Format Prefix (001)</P
></TD
></TR
><TR
><TD
-WIDTH="132"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>TLA ID</P
></TD
><TD
-WIDTH="24"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>=</P
></TD
><TD
-WIDTH="336"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Top-Level Aggregation Identifier</P
></TD
></TR
><TR
><TD
-WIDTH="132"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>RES</P
></TD
><TD
-WIDTH="24"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>=</P
></TD
><TD
-WIDTH="336"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Reserved for future use</P
></TD
></TR
><TR
><TD
-WIDTH="132"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>NLA ID</P
></TD
><TD
-WIDTH="24"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>=</P
></TD
><TD
-WIDTH="336"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Next-Level Aggregation Identifier</P
></TD
></TR
><TR
><TD
-WIDTH="132"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>SLA ID</P
></TD
><TD
-WIDTH="24"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>=</P
></TD
><TD
-WIDTH="336"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Site-Level Aggregation Identifier</P
></TD
></TR
><TR
><TD
-WIDTH="132"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>INTERFACE ID</P
></TD
><TD
-WIDTH="24"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>=</P
></TD
><TD
-WIDTH="336"
-ALIGN="LEFT"
-VALIGN="MIDDLE"
><P
>Interface Identifier</P
></TD
></H2
><P
>Specification documents for the Internet protocol suite, including
-the <SPAN
+the <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
>, are published as part of the Request for Comments (RFCs)
series of technical notes. The standards themselves are defined
by the Internet Engineering Task Force (IETF) and the Internet Engineering
<A
HREF="ftp://www.isi.edu/in-notes/"
TARGET="_top"
->ftp://www.isi.edu/in-notes/RFC<TT
+>ftp://www.isi.edu/in-notes/RFC<VAR
CLASS="replaceable"
-><I
->xxx</I
-></TT
+>xxx</VAR
>.txt</A
-> (where <TT
+> (where <VAR
CLASS="replaceable"
-><I
->xxx</I
-></TT
+>xxx</VAR
> is
the number of the RFC). RFCs are also available via the Web at
<A
>, January 1986.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
>, November 1987.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
>, November 1987.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><H2
CLASS="AUTHOR"
>R., R. Bush Elz</SPAN
>, <I
->Clarifications to the <SPAN
+>Clarifications to the <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> Specification</I
>, July 1997.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
CLASS="AUTHOR"
>M. Andrews</SPAN
>, <I
->Negative Caching of <SPAN
+>Negative Caching of <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> Queries</I
>, March 1998.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
CLASS="AUTHOR"
>M. Ohta</SPAN
>, <I
->Incremental Zone Transfer in <SPAN
+>Incremental Zone Transfer in <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
></I
>, August 1996.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
>, August 1996.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
>, April 1997.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
CLASS="AUTHOR"
>and B. Wellington</SPAN
>, <I
->Secret Key Transaction Authentication for <SPAN
+>Secret Key Transaction Authentication for <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> (TSIG)</I
>, May 2000.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><H2
CLASS="AUTHOR"
>and C. Huitema</SPAN
>, <I
-><SPAN
+><ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> Extensions to support IP version 6</I
>, December 1995.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
>, January 1997.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
>, April 1997.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><H2
CLASS="bibliodiv"
><A
NAME="AEN5051"
->Other Important RFCs About <SPAN
+>Other Important RFCs About <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> Implementation</A
></H2
><DIV
CLASS="AUTHOR"
>E. Gavron</SPAN
>, <I
->A Security Problem and Proposed Correction With Widely Deployed <SPAN
+>A Security Problem and Proposed Correction With Widely Deployed <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> Software.</I
>, October 1993.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
CLASS="AUTHOR"
>and S. Miller</SPAN
>, <I
->Common <SPAN
+>Common <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> Implementation Errors and Suggested Fixes</I
>, October 1993.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
>, August 1996.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><H2
CLASS="AUTHOR"
>and P. Mockapetris</SPAN
>, <I
->New <SPAN
+>New <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> RR Definitions</I
>, October 1990.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
CLASS="AUTHOR"
>and R. Colella</SPAN
>, <I
-><SPAN
+><ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> NSAP Resource Records</I
>, October 1994.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
>, June 1997.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
>, January 1996.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
CLASS="AUTHOR"
>and P. Vixie</SPAN
>, <I
->A <SPAN
+>A <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> RR for Specifying the Location of
Services.</I
>, October 1996.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
CLASS="AUTHOR"
>A. Allocchio</SPAN
>, <I
->Using the Internet <SPAN
+>Using the Internet <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> to Distribute MIXER
Conformant Global Address Mapping</I
>, January 1998.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
CLASS="AUTHOR"
>R. Atkinson</SPAN
>, <I
->Key Exchange Delegation Record for the <SPAN
+>Key Exchange Delegation Record for the <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
></I
>, October 1997.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><H2
CLASS="bibliodiv"
><A
NAME="AEN5182"
-><SPAN
+><ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> and the Internet</A
></H2
><DIV
CLASS="AUTHOR"
>P. V. Mockapetris</SPAN
>, <I
-><SPAN
+><ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> Encoding of Network Names and Other Types</I
>, April 1989.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
>, October 1989.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
>, March 1994.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
>, March 1998.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><H2
CLASS="bibliodiv"
><A
NAME="AEN5221"
-><SPAN
+><ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> Operations</A
></H2
><DIV
CLASS="AUTHOR"
>P. Beertema</SPAN
>, <I
->Common <SPAN
+>Common <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> Data File Configuration Errors</I
>, October 1993.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
CLASS="AUTHOR"
>D. Barr</SPAN
>, <I
->Common <SPAN
+>Common <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> Operational and Configuration Errors</I
>, February 1996.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
>, October 1996.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
CLASS="AUTHOR"
>and R. Wright</SPAN
>, <I
->Use of <SPAN
+>Use of <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> Aliases for Network Services.</I
>, October 1997.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><H2
CLASS="bibliodiv"
><A
NAME="AEN5263"
->Other <SPAN
+>Other <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
>-related RFCs</A
></H2
><DIV
>, May 1993.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
CLASS="AUTHOR"
>A. Romao</SPAN
>, <I
->Tools for <SPAN
+>Tools for <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> Debugging</I
>, November 1994.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
CLASS="AUTHOR"
>T. Brisco</SPAN
>, <I
-><SPAN
+><ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> Support for Load Balancing</I
>, April 1995.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
>, November 1997.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
>, May 1998.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><DIV
>, May 1998.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
><H2
CLASS="AUTHOR"
>and D. Baldoni</SPAN
>, <I
-><SPAN
+><ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> Encoding of Geographical
Location</I
>, November 1994.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
></DIV
CLASS="sect2"
><A
NAME="AEN5343"
->A.3.3. Other Documents About <SPAN
+>A.3.3. Other Documents About <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
></A
></H2
><P
CLASS="AUTHOR"
>and Cricket Liu</SPAN
>, <I
-><SPAN
+><ACRONYM
CLASS="acronym"
->DNS</SPAN
-> and <SPAN
+>DNS</ACRONYM
+> and <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
></I
>, 1998.</P
><DIV
CLASS="BIBLIOENTRYBLOCK"
-STYLE="margin-left=0.5in"
+STYLE="margin-left: 0.5in"
></DIV
></DIV
></DIV
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>BIND 9 Administrator Reference Manual</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"><LINK
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="NEXT"
TITLE="Introduction "
HREF="Bv9ARM.ch01.html"></HEAD
></H1
><P
CLASS="copyright"
->Copyright © 2004 by Internet Systems Consortium, Inc. ("ISC")</P
+>Copyright © 2004 Internet Systems Consortium, Inc. ("ISC")</P
><P
CLASS="copyright"
->Copyright © 2000-2003 by Internet Software Consortium</P
+>Copyright © 2000-2003 Internet Software Consortium</P
><HR></DIV
><DIV
CLASS="TOC"
><DT
>1.4. <A
HREF="Bv9ARM.ch01.html#AEN107"
->The Domain Name System (<SPAN
+>The Domain Name System (<ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
>)</A
></DT
><DD
><DT
>2. <A
HREF="Bv9ARM.ch02.html"
-><SPAN
+><ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> Resource Requirements</A
></DT
><DD
><DT
>4.9. <A
HREF="Bv9ARM.ch04.html#AEN1001"
->IPv6 Support in <SPAN
+>IPv6 Support in <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9</A
></DT
><DD
><DT
>5. <A
HREF="Bv9ARM.ch05.html"
->The <SPAN
+>The <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 Lightweight Resolver</A
></DT
><DD
><DT
>6. <A
HREF="Bv9ARM.ch06.html"
-><SPAN
+><ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 Configuration Reference</A
></DT
><DD
><DT
>6.3.6. <A
HREF="Bv9ARM.ch06.html#AEN4541"
-><SPAN
+><ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> Master File Extension: the <B
CLASS="command"
>$GENERATE</B
><DT
>7. <A
HREF="Bv9ARM.ch07.html"
-><SPAN
+><ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
> 9 Security Considerations</A
></DT
><DD
><DT
>A.1.1. <A
HREF="Bv9ARM.ch09.html#AEN4748"
->A Brief History of the <SPAN
+>A Brief History of the <ACRONYM
CLASS="acronym"
->DNS</SPAN
-> and <SPAN
+>DNS</ACRONYM
+> and <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
></A
></DT
></DL
><DT
>A.2. <A
HREF="Bv9ARM.ch09.html#historical_dns_information"
->General <SPAN
+>General <ACRONYM
CLASS="acronym"
->DNS</SPAN
+>DNS</ACRONYM
> Reference Information</A
></DT
><DD
><DT
>A.3.3. <A
HREF="Bv9ARM.ch09.html#AEN5343"
->Other Documents About <SPAN
+>Other Documents About <ACRONYM
CLASS="acronym"
->BIND</SPAN
+>BIND</ACRONYM
></A
></DT
></DL
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres.html,v 1.4.2.1.4.1 2004/03/06 08:15:37 marka Exp $ -->
+<!-- $Id: lwres.html,v 1.4.2.1.4.2 2004/08/22 23:39:02 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>lwres</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
->lwres</A
-></H1
+></A
+>lwres</H1
><DIV
CLASS="REFNAMEDIV"
><A
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
+><P
+></P
><A
NAME="AEN12"
></A
-><P
-></P
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include <lwres/lwres.h></PRE
><P
>The lwresd library implements multiple name service APIs.
The standard
-<TT
+<CODE
CLASS="FUNCTION"
->gethostbyname()</TT
+>gethostbyname()</CODE
>,
-<TT
+<CODE
CLASS="FUNCTION"
->gethostbyaddr()</TT
+>gethostbyaddr()</CODE
>,
-<TT
+<CODE
CLASS="FUNCTION"
->gethostbyname_r()</TT
+>gethostbyname_r()</CODE
>,
-<TT
+<CODE
CLASS="FUNCTION"
->gethostbyaddr_r()</TT
+>gethostbyaddr_r()</CODE
>,
-<TT
+<CODE
CLASS="FUNCTION"
->getaddrinfo()</TT
+>getaddrinfo()</CODE
>,
-<TT
+<CODE
CLASS="FUNCTION"
->getipnodebyname()</TT
+>getipnodebyname()</CODE
>,
and
-<TT
+<CODE
CLASS="FUNCTION"
->getipnodebyaddr()</TT
+>getipnodebyaddr()</CODE
>
functions are all supported. To allow the lwres library to coexist
with system libraries that define functions of the same name,
the library defines these functions with names prefixed by
-<TT
+<VAR
CLASS="LITERAL"
->lwres_</TT
+>lwres_</VAR
>.
To define the standard names, applications must include the
header file
>
which contains macro definitions mapping the standard function names
into
-<TT
+<VAR
CLASS="LITERAL"
->lwres_</TT
+>lwres_</VAR
>
prefixed ones. Operating system vendors who integrate the lwres
library into their base distributions should rename the functions
in the library proper so that the renaming macros are not needed.</P
><P
>The library also provides a native API consisting of the functions
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_getaddrsbyname()</TT
+>lwres_getaddrsbyname()</CODE
>
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_getnamebyaddr()</TT
+>lwres_getnamebyaddr()</CODE
>.
These may be called by applications that require more detailed
control over the lookup process than the standard functions
>In addition to these name service independent address lookup
functions, the library implements a new, experimental API
for looking up arbitrary DNS resource records, using the
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_getaddrsbyname()</TT
+>lwres_getaddrsbyname()</CODE
>
function.</P
><P
CLASS="TYPE"
>lwres_packet_t</SPAN
>,
-called <TT
+called <VAR
CLASS="VARNAME"
->pkt</TT
+>pkt</VAR
> below.</P
><P
->(2) Set <TT
+>(2) Set <CODE
CLASS="STRUCTFIELD"
-><I
->pkt.recvlength</I
-></TT
+>pkt.recvlength</CODE
> to the maximum length we will accept.
This is done so the receiver of our packets knows how large our receive
buffer is. The "default" is a constant in
<TT
CLASS="FILENAME"
>lwres.h</TT
->: <TT
+>: <CODE
CLASS="CONSTANT"
->LWRES_RECVLENGTH = 4096</TT
+>LWRES_RECVLENGTH = 4096</CODE
>.</P
><P
->(3) Set <TT
+>(3) Set <CODE
CLASS="STRUCTFIELD"
-><I
->pkt.serial</I
-></TT
+>pkt.serial</CODE
>
to a unique serial number. This value is echoed
back to the application by the remote server.</P
><P
->(4) Set <TT
+>(4) Set <CODE
CLASS="STRUCTFIELD"
-><I
->pkt.pktflags</I
-></TT
+>pkt.pktflags</CODE
>. Usually this is set to 0.</P
><P
->(5) Set <TT
+>(5) Set <CODE
CLASS="STRUCTFIELD"
-><I
->pkt.result</I
-></TT
+>pkt.result</CODE
> to 0.</P
><P
->(6) Call <TT
+>(6) Call <CODE
CLASS="FUNCTION"
->lwres_*request_render()</TT
+>lwres_*request_render()</CODE
>,
or marshall in the data using the primitives
-such as <TT
+such as <CODE
CLASS="FUNCTION"
->lwres_packet_render()</TT
+>lwres_packet_render()</CODE
>
and storing the packet data.</P
><P
>(7) Transmit the resulting buffer.</P
><P
->(8) Call <TT
+>(8) Call <CODE
CLASS="FUNCTION"
->lwres_*response_parse()</TT
+>lwres_*response_parse()</CODE
>
to parse any packets received.</P
><P
CLASS="TYPE"
>lwres_packet_t</SPAN
> is used
-in both the <TT
+in both the <CODE
CLASS="FUNCTION"
->_parse()</TT
-> and <TT
+>_parse()</CODE
+> and <CODE
CLASS="FUNCTION"
->_render()</TT
+>_render()</CODE
> calls,
with only a few modifications made
to the packet header's contents between uses. This method is recommended
as it keeps the serial, opcode, and other fields correct.</P
><P
->(1) When a packet is received, call <TT
+>(1) When a packet is received, call <CODE
CLASS="FUNCTION"
->lwres_*request_parse()</TT
+>lwres_*request_parse()</CODE
> to
unmarshall it. This returns a <SPAN
CLASS="TYPE"
>lwres_packet_t</SPAN
-> (also called <TT
+> (also called <VAR
CLASS="VARNAME"
->pkt</TT
+>pkt</VAR
>, below)
as well as a data specific type, such as <SPAN
CLASS="TYPE"
><P
>(2) Process the request in the data specific type.</P
><P
->(3) Set the <TT
+>(3) Set the <CODE
CLASS="STRUCTFIELD"
-><I
->pkt.result</I
-></TT
+>pkt.result</CODE
>,
-<TT
+<CODE
CLASS="STRUCTFIELD"
-><I
->pkt.recvlength</I
-></TT
+>pkt.recvlength</CODE
> as above. All other fields can
-be left untouched since they were filled in by the <TT
+be left untouched since they were filled in by the <CODE
CLASS="FUNCTION"
->*_parse()</TT
+>*_parse()</CODE
> call
-above. If using <TT
+above. If using <CODE
CLASS="FUNCTION"
->lwres_*response_render()</TT
+>lwres_*response_render()</CODE
>,
-<TT
+<CODE
CLASS="STRUCTFIELD"
-><I
->pkt.pktflags</I
-></TT
+>pkt.pktflags</CODE
> will be set up
-properly. Otherwise, the <TT
+properly. Otherwise, the <CODE
CLASS="CONSTANT"
->LWRES_LWPACKETFLAG_RESPONSE</TT
+>LWRES_LWPACKETFLAG_RESPONSE</CODE
> bit should be
set.</P
><P
>(4) Call the data specific rendering function, such as
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gabnresponse_render()</TT
+>lwres_gabnresponse_render()</CODE
>.</P
><P
>(5) Send the resulting packet to the client.</P
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_buffer.html,v 1.4.2.1.4.1 2004/03/06 08:15:37 marka Exp $ -->
+<!-- $Id: lwres_buffer.html,v 1.4.2.1.4.2 2004/08/22 23:39:03 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>lwres_buffer</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
->lwres_buffer</A
-></H1
+></A
+>lwres_buffer</H1
><DIV
CLASS="REFNAMEDIV"
><A
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
+><P
+></P
><A
NAME="AEN27"
></A
-><P
-></P
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include <lwres/lwbuffer.h></PRE
>These functions provide bounds checked access to a region of memory
where data is being read or written.
They are based on, and similar to, the
-<TT
+<VAR
CLASS="LITERAL"
->isc_buffer_</TT
+>isc_buffer_</VAR
>
functions in the ISC library.</P
><P
b-c == optional active region.</PRE
></P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_buffer_init()</TT
+>lwres_buffer_init()</CODE
>
initializes the
<SPAN
CLASS="TYPE"
>lwres_buffer_t</SPAN
>
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->*b</I
-></TT
+>*b</VAR
>
and assocates it with the memory region of size
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->length</I
-></TT
+>length</VAR
>
bytes starting at location
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->base.</I
-></TT
+>base.</VAR
></P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_buffer_invalidate()</TT
+>lwres_buffer_invalidate()</CODE
>
marks the buffer
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->*b</I
-></TT
+>*b</VAR
>
as invalid. Invalidating a buffer after use is not required,
but makes it possible to catch its possible accidental use.</P
><P
>The functions
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_buffer_add()</TT
+>lwres_buffer_add()</CODE
>
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_buffer_subtract()</TT
+>lwres_buffer_subtract()</CODE
>
respectively increase and decrease the used space in
buffer
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->*b</I
-></TT
+>*b</VAR
>
by
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->n</I
-></TT
+>n</VAR
>
bytes.
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_buffer_add()</TT
+>lwres_buffer_add()</CODE
>
checks for buffer overflow and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_buffer_subtract()</TT
+>lwres_buffer_subtract()</CODE
>
checks for underflow.
These functions do not allocate or deallocate memory.
They just change the value of
-<TT
+<CODE
CLASS="STRUCTFIELD"
-><I
->used</I
-></TT
+>used</CODE
>.</P
><P
>A buffer is re-initialised by
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_buffer_clear()</TT
+>lwres_buffer_clear()</CODE
>.
The function sets
-<TT
+<CODE
CLASS="STRUCTFIELD"
-><I
->used</I
-></TT
+>used</CODE
> ,
-<TT
+<CODE
CLASS="STRUCTFIELD"
-><I
->current</I
-></TT
+>current</CODE
>
and
-<TT
+<CODE
CLASS="STRUCTFIELD"
-><I
->active</I
-></TT
+>active</CODE
>
to zero.</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_buffer_first</TT
+>lwres_buffer_first</CODE
>
makes the consumed region of buffer
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->*p</I
-></TT
+>*p</VAR
>
empty by setting
-<TT
+<CODE
CLASS="STRUCTFIELD"
-><I
->current</I
-></TT
+>current</CODE
>
to zero (the start of the buffer).</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_buffer_forward()</TT
+>lwres_buffer_forward()</CODE
>
increases the consumed region of buffer
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->*b</I
-></TT
+>*b</VAR
>
by
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->n</I
-></TT
+>n</VAR
>
bytes, checking for overflow.
Similarly,
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_buffer_back()</TT
+>lwres_buffer_back()</CODE
>
decreases buffer
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->b</I
-></TT
+>b</VAR
>'s
consumed region by
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->n</I
-></TT
+>n</VAR
>
bytes and checks for underflow.</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_buffer_getuint8()</TT
+>lwres_buffer_getuint8()</CODE
>
reads an unsigned 8-bit integer from
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->*b</I
-></TT
+>*b</VAR
>
and returns it.
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_buffer_putuint8()</TT
+>lwres_buffer_putuint8()</CODE
>
writes the unsigned 8-bit integer
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->val</I
-></TT
+>val</VAR
>
to buffer
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->*b</I
-></TT
+>*b</VAR
>.</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_buffer_getuint16()</TT
+>lwres_buffer_getuint16()</CODE
>
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_buffer_getuint32()</TT
+>lwres_buffer_getuint32()</CODE
>
are identical to
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_buffer_putuint8()</TT
+>lwres_buffer_putuint8()</CODE
>
except that they respectively read an unsigned 16-bit or 32-bit integer
in network byte order from
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->b</I
-></TT
+>b</VAR
>.
Similarly,
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_buffer_putuint16()</TT
+>lwres_buffer_putuint16()</CODE
>
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_buffer_putuint32()</TT
+>lwres_buffer_putuint32()</CODE
>
writes the unsigned 16-bit or 32-bit integer
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->val</I
-></TT
+>val</VAR
>
to buffer
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->b</I
-></TT
+>b</VAR
>,
in network byte order.</P
><P
>Arbitrary amounts of data are read or written from a lightweight
resolver buffer with
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_buffer_getmem()</TT
+>lwres_buffer_getmem()</CODE
>
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_buffer_putmem()</TT
+>lwres_buffer_putmem()</CODE
>
respectively.
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_buffer_putmem()</TT
+>lwres_buffer_putmem()</CODE
>
copies
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->length</I
-></TT
+>length</VAR
>
bytes of memory at
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->base</I
-></TT
+>base</VAR
>
to
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->b</I
-></TT
+>b</VAR
>.
Conversely,
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_buffer_getmem()</TT
+>lwres_buffer_getmem()</CODE
>
copies
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->length</I
-></TT
+>length</VAR
>
bytes of memory from
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->b</I
-></TT
+>b</VAR
>
to
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->base</I
-></TT
+>base</VAR
>.</P
></DIV
></BODY
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_config.html,v 1.4.2.1.4.1 2004/03/06 08:15:38 marka Exp $ -->
+<!-- $Id: lwres_config.html,v 1.4.2.1.4.2 2004/08/22 23:39:03 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>lwres_config</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
->lwres_config</A
-></H1
+></A
+>lwres_config</H1
><DIV
CLASS="REFNAMEDIV"
><A
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
+><P
+></P
><A
NAME="AEN16"
></A
-><P
-></P
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include <lwres/lwres.h></PRE
><H2
>DESCRIPTION</H2
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_conf_init()</TT
+>lwres_conf_init()</CODE
>
creates an empty
<SPAN
>lwres_conf_t</SPAN
>
structure for lightweight resolver context
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->ctx</I
-></TT
+>ctx</VAR
>.</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_conf_clear()</TT
+>lwres_conf_clear()</CODE
>
frees up all the internal memory used by
that
>lwres_conf_t</SPAN
>
structure in resolver context
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->ctx</I
-></TT
+>ctx</VAR
>.</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_conf_parse()</TT
+>lwres_conf_parse()</CODE
>
opens the file
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->filename</I
-></TT
+>filename</VAR
>
and parses it to initialise the resolver context
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->ctx</I
-></TT
+>ctx</VAR
>'s
<SPAN
CLASS="TYPE"
>
structure.</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_conf_print()</TT
+>lwres_conf_print()</CODE
>
prints the
<SPAN
>lwres_conf_t</SPAN
>
structure for resolver context
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->ctx</I
-></TT
+>ctx</VAR
>
to the
<SPAN
CLASS="TYPE"
>FILE</SPAN
>
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->fp</I
-></TT
+>fp</VAR
>.</P
></DIV
><DIV
><H2
>RETURN VALUES</H2
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_conf_parse()</TT
+>lwres_conf_parse()</CODE
>
returns
<SPAN
>LWRES_R_SUCCESS</SPAN
>
if it successfully read and parsed
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->filename</I
-></TT
+>filename</VAR
>.
It returns
<SPAN
>LWRES_R_FAILURE</SPAN
>
if
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->filename</I
-></TT
+>filename</VAR
>
could not be opened or contained incorrect
resolver statements.</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_conf_print()</TT
+>lwres_conf_print()</CODE
>
returns
<SPAN
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_context.html,v 1.5.2.2.2.2 2004/03/08 09:05:12 marka Exp $ -->
+<!-- $Id: lwres_context.html,v 1.5.2.2.2.3 2004/08/22 23:39:03 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>lwres_context</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
->lwres_context</A
-></H1
+></A
+>lwres_context</H1
><DIV
CLASS="REFNAMEDIV"
><A
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
+><P
+></P
><A
NAME="AEN18"
></A
-><P
-></P
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include <lwres/lwres.h></PRE
><H2
>DESCRIPTION</H2
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_context_create()</TT
+>lwres_context_create()</CODE
>
creates a
<SPAN
>lwres_context_t</SPAN
>
is returned through
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->contextp</I
-></TT
+>contextp</VAR
>,
a pointer to a
><P
>When the lightweight resolver needs to perform dynamic memory
allocation, it will call
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->malloc_function</I
-></TT
+>malloc_function</VAR
>
to allocate memory and
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->free_function</I
-></TT
+>free_function</VAR
>
to free it. If
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->malloc_function</I
-></TT
+>malloc_function</VAR
>
and
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->free_function</I
-></TT
+>free_function</VAR
>
are NULL, memory is allocated using
>.
It is not permitted to have a NULL
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->malloc_function</I
-></TT
+>malloc_function</VAR
>
and a non-NULL
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->free_function</I
-></TT
+>free_function</VAR
>
or vice versa.
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->arg</I
-></TT
+>arg</VAR
>
is passed as the first parameter to the memory
allocation functions.
If
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->malloc_function</I
-></TT
+>malloc_function</VAR
>
and
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->free_function</I
-></TT
+>free_function</VAR
>
are NULL,
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->arg</I
-></TT
+>arg</VAR
>
is unused and should be passed as NULL.</P
>
and returned via
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->*contextp</I
-></TT
+>*contextp</VAR
>. </P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_context_destroy()</TT
+>lwres_context_destroy()</CODE
>
destroys a
<SPAN
>,
closing its socket.
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->contextp</I
-></TT
+>contextp</VAR
>
is a pointer to a pointer to the context that is to be destroyed.
The pointer will be set to NULL when the context has been destroyed.</P
>The context holds a serial number that is used to identify resolver
request packets and associate responses with the corresponding requests.
This serial number is controlled using
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_context_initserial()</TT
+>lwres_context_initserial()</CODE
>
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_context_nextserial()</TT
+>lwres_context_nextserial()</CODE
>.
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_context_initserial()</TT
+>lwres_context_initserial()</CODE
>
sets the serial number for context
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->*ctx</I
-></TT
+>*ctx</VAR
>
to
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->serial</I
-></TT
+>serial</VAR
>.
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_context_nextserial()</TT
+>lwres_context_nextserial()</CODE
>
increments the serial number and returns the previous value.</P
><P
>Memory for a lightweight resolver context is allocated and freed using
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_context_allocmem()</TT
+>lwres_context_allocmem()</CODE
>
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_context_freemem()</TT
+>lwres_context_freemem()</CODE
>.
These use whatever allocations were defined when the context was
created with
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_context_create()</TT
+>lwres_context_create()</CODE
>.
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_context_allocmem()</TT
+>lwres_context_allocmem()</CODE
>
allocates
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->len</I
-></TT
+>len</VAR
>
bytes of memory and if successful returns a pointer to the allocated
storage.
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_context_freemem()</TT
+>lwres_context_freemem()</CODE
>
frees
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->len</I
-></TT
+>len</VAR
>
bytes of space starting at location
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->mem</I
-></TT
+>mem</VAR
>. </P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_context_sendrecv()</TT
+>lwres_context_sendrecv()</CODE
>
performs I/O for the context
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->ctx</I
-></TT
+>ctx</VAR
>.
Data are read and written from the context's socket.
It writes data from
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->sendbase</I
-></TT
+>sendbase</VAR
>
— typically a lightweight resolver query packet —
and waits for a reply which is copied to the receive buffer at
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->recvbase</I
-></TT
+>recvbase</VAR
>.
The number of bytes that were written to this receive buffer is
returned in
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->*recvd_len</I
-></TT
+>*recvd_len</VAR
>. </P
></DIV
><DIV
><H2
>RETURN VALUES</H2
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_context_create()</TT
+>lwres_context_create()</CODE
>
returns
<SPAN
otherwise.</P
><P
>Successful calls to the memory allocator
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_context_allocmem()</TT
+>lwres_context_allocmem()</CODE
>
return a pointer to the start of the allocated space.
It returns NULL if memory could not be allocated.</P
>LWRES_R_SUCCESS</SPAN
>
is returned when
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_context_sendrecv()</TT
+>lwres_context_sendrecv()</CODE
>
completes successfully.
<SPAN
>LWRES_R_TIMEOUT</SPAN
>
is returned if
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_context_sendrecv()</TT
+>lwres_context_sendrecv()</CODE
>
times out waiting for a response.</P
></DIV
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_gabn.html,v 1.6.2.1.4.1 2004/03/06 08:15:38 marka Exp $ -->
+<!-- $Id: lwres_gabn.html,v 1.6.2.1.4.2 2004/08/22 23:39:03 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>lwres_gabn</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
->lwres_gabn</A
-></H1
+></A
+>lwres_gabn</H1
><DIV
CLASS="REFNAMEDIV"
><A
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
+><P
+></P
><A
NAME="AEN17"
></A
-><P
-></P
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include <lwres/lwres.h></PRE
} lwres_gabnresponse_t;</PRE
></P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_gabnrequest_render()</TT
+>lwres_gabnrequest_render()</CODE
>
uses resolver context
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->ctx</I
-></TT
+>ctx</VAR
>
to convert getaddrbyname request structure
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->req</I
-></TT
+>req</VAR
>
to canonical format.
The packet header structure
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->pkt</I
-></TT
+>pkt</VAR
>
is initialised and transferred to
buffer
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->b</I
-></TT
+>b</VAR
>.
The contents of
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->*req</I
-></TT
+>*req</VAR
>
are then appended to the buffer in canonical format.
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gabnresponse_render()</TT
+>lwres_gabnresponse_render()</CODE
>
performs the same task, except it converts a getaddrbyname response structure
<SPAN
>
to the lightweight resolver's canonical format.</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_gabnrequest_parse()</TT
+>lwres_gabnrequest_parse()</CODE
>
uses context
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->ctx</I
-></TT
+>ctx</VAR
>
to convert the contents of packet
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->pkt</I
-></TT
+>pkt</VAR
>
to a
<SPAN
>
structure.
Buffer
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->b</I
-></TT
+>b</VAR
>
provides space to be used for storing this structure.
When the function succeeds, the resulting
>lwres_gabnrequest_t</SPAN
>
is made available through
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->*structp</I
-></TT
+>*structp</VAR
>.
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gabnresponse_parse()</TT
+>lwres_gabnresponse_parse()</CODE
>
offers the same semantics as
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gabnrequest_parse()</TT
+>lwres_gabnrequest_parse()</CODE
>
except it yields a
<SPAN
>
structure.</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_gabnresponse_free()</TT
+>lwres_gabnresponse_free()</CODE
>
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gabnrequest_free()</TT
+>lwres_gabnrequest_free()</CODE
>
release the memory in resolver context
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->ctx</I
-></TT
+>ctx</VAR
>
that was allocated to the
<SPAN
>lwres_gabnrequest_t</SPAN
>
structures referenced via
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->structp</I
-></TT
+>structp</VAR
>.
Any memory associated with ancillary buffers and strings for those
>RETURN VALUES</H2
><P
>The getaddrbyname opcode functions
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gabnrequest_render()</TT
+>lwres_gabnrequest_render()</CODE
>,
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gabnresponse_render()</TT
+>lwres_gabnresponse_render()</CODE
>
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gabnrequest_parse()</TT
+>lwres_gabnrequest_parse()</CODE
>
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gabnresponse_parse()</TT
+>lwres_gabnresponse_parse()</CODE
>
all return
<SPAN
>LWRES_R_UNEXPECTEDEND</SPAN
>
is returned if the available space in the buffer
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->b</I
-></TT
+>b</VAR
>
is too small to accommodate the packet header or the
<SPAN
>lwres_gabnresponse_t</SPAN
>
structures.
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gabnrequest_parse()</TT
+>lwres_gabnrequest_parse()</CODE
>
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gabnresponse_parse()</TT
+>lwres_gabnresponse_parse()</CODE
>
will return
<SPAN
>LWRES_R_FAILURE</SPAN
>
if
-<TT
+<CODE
CLASS="STRUCTFIELD"
-><I
->pktflags</I
-></TT
+>pktflags</CODE
>
in the packet header structure
<SPAN
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_gai_strerror.html,v 1.5.2.1.4.1 2004/03/06 08:15:39 marka Exp $ -->
+<!-- $Id: lwres_gai_strerror.html,v 1.5.2.1.4.2 2004/08/22 23:39:03 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>lwres_gai_strerror</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
->lwres_gai_strerror</A
-></H1
+></A
+>lwres_gai_strerror</H1
><DIV
CLASS="REFNAMEDIV"
><A
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
+><P
+></P
><A
NAME="AEN12"
></A
-><P
-></P
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include <lwres/netdb.h></PRE
><H2
>DESCRIPTION</H2
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_gai_strerror()</TT
+>lwres_gai_strerror()</CODE
>
returns an error message corresponding to an error code returned by
-<TT
+<CODE
CLASS="FUNCTION"
->getaddrinfo()</TT
+>getaddrinfo()</CODE
>.
The following error codes and their meaning are defined in
<TT
><DD
><P
>invalid value for
-<TT
+<CODE
CLASS="CONSTANT"
->ai_flags</TT
+>ai_flags</CODE
></P
></DD
><DT
></DT
><DD
><P
-><TT
+><CODE
CLASS="CONSTANT"
->ai_family</TT
+>ai_family</CODE
> not supported</P
></DD
><DT
></DT
><DD
><P
->servname not supported for <TT
+>servname not supported for <CODE
CLASS="CONSTANT"
->ai_socktype</TT
+>ai_socktype</CODE
></P
></DD
><DT
></DT
><DD
><P
-><TT
+><CODE
CLASS="CONSTANT"
->ai_socktype</TT
+>ai_socktype</CODE
> not supported</P
></DD
><DT
CLASS="ERRORNAME"
>invalid error code</SPAN
> is returned if
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->ecode</I
-></TT
+>ecode</VAR
>
is out of range.</P
><P
-><TT
+><CODE
CLASS="CONSTANT"
->ai_flags</TT
+>ai_flags</CODE
>,
-<TT
+<CODE
CLASS="CONSTANT"
->ai_family</TT
+>ai_family</CODE
>
and
-<TT
+<CODE
CLASS="CONSTANT"
->ai_socktype</TT
+>ai_socktype</CODE
>
are elements of the
<SPAN
>struct addrinfo</SPAN
>
used by
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_getaddrinfo()</TT
+>lwres_getaddrinfo()</CODE
>.</P
></DIV
><DIV
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_getaddrinfo.html,v 1.8.2.1.4.2 2004/03/06 08:15:39 marka Exp $ -->
+<!-- $Id: lwres_getaddrinfo.html,v 1.8.2.1.4.3 2004/08/22 23:39:03 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>lwres_getaddrinfo</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
->lwres_getaddrinfo</A
-></H1
+></A
+>lwres_getaddrinfo</H1
><DIV
CLASS="REFNAMEDIV"
><A
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
+><P
+></P
><A
NAME="AEN13"
></A
-><P
-></P
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include <lwres/netdb.h></PRE
><H2
>DESCRIPTION</H2
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_getaddrinfo()</TT
+>lwres_getaddrinfo()</CODE
>
is used to get a list of IP addresses and port numbers for host
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->hostname</I
-></TT
+>hostname</VAR
>
and service
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->servname</I
-></TT
+>servname</VAR
>.
The function is the lightweight resolver's implementation of
-<TT
+<CODE
CLASS="FUNCTION"
->getaddrinfo()</TT
+>getaddrinfo()</CODE
>
as defined in RFC2133.
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->hostname</I
-></TT
+>hostname</VAR
>
and
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->servname</I
-></TT
+>servname</VAR
>
are pointers to null-terminated
strings or
>NULL</SPAN
>.
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->hostname</I
-></TT
+>hostname</VAR
>
is either a host name or a numeric host address string: a dotted decimal
IPv4 address or an IPv6 address.
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->servname</I
-></TT
+>servname</VAR
>
is either a decimal port number or a service name as listed in
<TT
>/etc/services</TT
>.</P
><P
-><TT
+><VAR
CLASS="PARAMETER"
-><I
->hints</I
-></TT
+>hints</VAR
>
is an optional pointer to a
<SPAN
This structure can be used to provide hints concerning the type of socket
that the caller supports or wishes to use.
The caller can supply the following structure elements in
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->*hints</I
-></TT
+>*hints</VAR
>:
<P
CLASS="VARIABLELIST"
><DL
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->ai_family</TT
+>ai_family</CODE
></DT
><DD
><P
>The protocol family that should be used.
When
-<TT
+<CODE
CLASS="CONSTANT"
->ai_family</TT
+>ai_family</CODE
>
is set to
<SPAN
operating system.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->ai_socktype</TT
+>ai_socktype</CODE
></DT
><DD
><P
>
— that is wanted.
When
-<TT
+<CODE
CLASS="CONSTANT"
->ai_socktype</TT
+>ai_socktype</CODE
>
is zero the caller will accept any socket type.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->ai_protocol</TT
+>ai_protocol</CODE
></DT
><DD
><P
>indicates which transport protocol is wanted: IPPROTO_UDP or
IPPROTO_TCP.
If
-<TT
+<CODE
CLASS="CONSTANT"
->ai_protocol</TT
+>ai_protocol</CODE
>
is zero the caller will accept any protocol.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->ai_flags</TT
+>ai_flags</CODE
></DT
><DD
><P
>AI_CANONNAME</SPAN
>
bit is set, a successful call to
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_getaddrinfo()</TT
+>lwres_getaddrinfo()</CODE
>
will return a null-terminated string containing the canonical name
of the specified hostname in
-<TT
+<CODE
CLASS="CONSTANT"
->ai_canonname</TT
+>ai_canonname</CODE
>
of the first
<SPAN
for an IPv6 address.</P
><P
>When
-<TT
+<CODE
CLASS="CONSTANT"
->ai_flags</TT
+>ai_flags</CODE
>
does not set the
<SPAN
if a connectionless protocol was chosen.
The IP address portion of the socket address structure will be
set to the loopback address if
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->hostname</I
-></TT
+>hostname</VAR
>
is a
<SPAN
>AI_PASSIVE</SPAN
>
is not set in
-<TT
+<CODE
CLASS="CONSTANT"
->ai_flags</TT
+>ai_flags</CODE
>.</P
><P
>If
-<TT
+<CODE
CLASS="CONSTANT"
->ai_flags</TT
+>ai_flags</CODE
>
is set to
<SPAN
>AI_NUMERICHOST</SPAN
>
it indicates that
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->hostname</I
-></TT
+>hostname</VAR
>
should be treated as a numeric string defining an IPv4 or IPv6 address
and no name resolution should be attempted.</P
CLASS="TYPE"
>struct addrinfo</SPAN
> passed
-via <TT
+via <VAR
CLASS="PARAMETER"
-><I
->hints</I
-></TT
+>hints</VAR
> must be zero.</P
><P
->A <TT
+>A <VAR
CLASS="PARAMETER"
-><I
->hints</I
-></TT
+>hints</VAR
> of <SPAN
CLASS="TYPE"
>NULL</SPAN
CLASS="TYPE"
>struct addrinfo</SPAN
> initialized to zero
-with <TT
+with <CODE
CLASS="CONSTANT"
->ai_family</TT
+>ai_family</CODE
>set to
-<TT
+<CODE
CLASS="CONSTANT"
->PF_UNSPEC</TT
+>PF_UNSPEC</CODE
>.</P
><P
>After a successful call to
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_getaddrinfo()</TT
+>lwres_getaddrinfo()</CODE
>,
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->*res</I
-></TT
+>*res</VAR
>
is a pointer to a linked list of one or more
<SPAN
>
in this list cn be processed by following
the
-<TT
+<CODE
CLASS="CONSTANT"
->ai_next</TT
+>ai_next</CODE
>
pointer, until a
<SPAN
>
pointer is encountered.
The three members
-<TT
+<CODE
CLASS="CONSTANT"
->ai_family</TT
+>ai_family</CODE
>,
-<TT
+<CODE
CLASS="CONSTANT"
->ai_socktype</TT
+>ai_socktype</CODE
>,
and
-<TT
+<CODE
CLASS="CONSTANT"
->ai_protocol</TT
+>ai_protocol</CODE
>
in each
returned
>addrinfo</SPAN
>
structure in the list, the
-<TT
+<CODE
CLASS="CONSTANT"
->ai_addr</TT
+>ai_addr</CODE
>
member points to a filled-in socket address structure of length
-<TT
+<CODE
CLASS="CONSTANT"
->ai_addrlen</TT
+>ai_addrlen</CODE
>.</P
><P
>All of the information returned by
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_getaddrinfo()</TT
+>lwres_getaddrinfo()</CODE
>
is dynamically allocated: the addrinfo structures, and the socket
address structures and canonical host name strings pointed to by the
-<TT
+<CODE
CLASS="CONSTANT"
->addrinfo</TT
+>addrinfo</CODE
>structures.
Memory allocated for the dynamically allocated structures created by
a successful call to
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_getaddrinfo()</TT
+>lwres_getaddrinfo()</CODE
>
is released by
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_freeaddrinfo()</TT
+>lwres_freeaddrinfo()</CODE
>.
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->ai</I
-></TT
+>ai</VAR
>
is a pointer to a
<SPAN
>struct addrinfo</SPAN
>
created by a call to
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_getaddrinfo()</TT
+>lwres_getaddrinfo()</CODE
>.</P
></DIV
><DIV
><H2
>RETURN VALUES</H2
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_getaddrinfo()</TT
+>lwres_getaddrinfo()</CODE
>
returns zero on success or one of the error codes listed in
<SPAN
>
if an error occurs.
If both
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->hostname</I
-></TT
+>hostname</VAR
>
and
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->servname</I
-></TT
+>servname</VAR
>
are
<SPAN
CLASS="TYPE"
>NULL</SPAN
>
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_getaddrinfo()</TT
+>lwres_getaddrinfo()</CODE
>
returns
<SPAN
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_gethostent.html,v 1.8.2.1.4.1 2004/03/06 08:15:39 marka Exp $ -->
+<!-- $Id: lwres_gethostent.html,v 1.8.2.1.4.2 2004/08/22 23:39:04 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>lwres_gethostent</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
->lwres_gethostent</A
-></H1
+></A
+>lwres_gethostent</H1
><DIV
CLASS="REFNAMEDIV"
><A
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
+><P
+></P
><A
NAME="AEN22"
></A
-><P
-></P
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include <lwres/netdb.h></PRE
CLASS="VARIABLELIST"
><DL
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->h_name</TT
+>h_name</CODE
></DT
><DD
><P
>The official (canonical) name of the host.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->h_aliases</TT
+>h_aliases</CODE
></DT
><DD
><P
>A NULL-terminated array of alternate names (nicknames) for the host.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->h_addrtype</TT
+>h_addrtype</CODE
></DT
><DD
><P
>.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->h_length</TT
+>h_length</CODE
></DT
><DD
><P
>The length of the address in bytes.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->h_addr_list</TT
+>h_addr_list</CODE
></DT
><DD
><P
></P
><P
>For backward compatibility with very old software,
-<TT
+<CODE
CLASS="CONSTANT"
->h_addr</TT
+>h_addr</CODE
>
is the first address in
-<TT
+<CODE
CLASS="CONSTANT"
->h_addr_list.</TT
+>h_addr_list.</CODE
></P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_gethostent()</TT
+>lwres_gethostent()</CODE
>,
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_sethostent()</TT
+>lwres_sethostent()</CODE
>,
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_endhostent()</TT
+>lwres_endhostent()</CODE
>,
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gethostent_r()</TT
+>lwres_gethostent_r()</CODE
>,
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_sethostent_r()</TT
+>lwres_sethostent_r()</CODE
>
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_endhostent_r()</TT
+>lwres_endhostent_r()</CODE
>
provide iteration over the known host entries on systems that
provide such functionality through facilities like
these functions; it only provides them as stub functions that always
return failure.</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_gethostbyname()</TT
+>lwres_gethostbyname()</CODE
> and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gethostbyname2()</TT
+>lwres_gethostbyname2()</CODE
> look up the hostname
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->name</I
-></TT
+>name</VAR
>.
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gethostbyname()</TT
+>lwres_gethostbyname()</CODE
> always looks for an IPv4
-address while <TT
+address while <CODE
CLASS="FUNCTION"
->lwres_gethostbyname2()</TT
+>lwres_gethostbyname2()</CODE
> looks for an
-address of protocol family <TT
+address of protocol family <VAR
CLASS="PARAMETER"
-><I
->af</I
-></TT
+>af</VAR
>: either
<SPAN
CLASS="TYPE"
CLASS="TYPE"
>NULL</SPAN
> is returned if the lookups by
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gethostbyname()</TT
+>lwres_gethostbyname()</CODE
> or
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gethostbyname2()</TT
+>lwres_gethostbyname2()</CODE
> fail.</P
><P
>Reverse lookups of addresses are performed by
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gethostbyaddr()</TT
+>lwres_gethostbyaddr()</CODE
>.
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->addr</I
-></TT
+>addr</VAR
> is an address of length
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->len</I
-></TT
+>len</VAR
> bytes and protocol family
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->type</I
-></TT
+>type</VAR
> — <SPAN
CLASS="TYPE"
>PF_INET</SPAN
CLASS="TYPE"
>PF_INET6</SPAN
>.
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gethostbyname_r()</TT
+>lwres_gethostbyname_r()</CODE
> is a thread-safe function
for forward lookups. If an error occurs, an error code is returned in
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->*error</I
-></TT
+>*error</VAR
>.
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->resbuf</I
-></TT
+>resbuf</VAR
> is a pointer to a <SPAN
CLASS="TYPE"
>struct
hostent</SPAN
> which is initialised by a successful call to
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gethostbyname_r()</TT
+>lwres_gethostbyname_r()</CODE
> .
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->buf</I
-></TT
+>buf</VAR
> is a buffer of length
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->len</I
-></TT
+>len</VAR
> bytes which is used to store the
-<TT
+<CODE
CLASS="CONSTANT"
->h_name</TT
->, <TT
+>h_name</CODE
+>, <CODE
CLASS="CONSTANT"
->h_aliases</TT
+>h_aliases</CODE
>, and
-<TT
+<CODE
CLASS="CONSTANT"
->h_addr_list</TT
+>h_addr_list</CODE
> elements of the <SPAN
CLASS="TYPE"
>struct
hostent</SPAN
-> returned in <TT
+> returned in <VAR
CLASS="PARAMETER"
-><I
->resbuf</I
-></TT
+>resbuf</VAR
>.
-Successful calls to <TT
+Successful calls to <CODE
CLASS="FUNCTION"
->lwres_gethostbyname_r()</TT
+>lwres_gethostbyname_r()</CODE
>
-return <TT
+return <VAR
CLASS="PARAMETER"
-><I
->resbuf</I
-></TT
+>resbuf</VAR
>,
which is a pointer to the <SPAN
CLASS="TYPE"
>struct hostent</SPAN
> it created.</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_gethostbyaddr_r()</TT
+>lwres_gethostbyaddr_r()</CODE
> is a thread-safe function
-that performs a reverse lookup of address <TT
+that performs a reverse lookup of address <VAR
CLASS="PARAMETER"
-><I
->addr</I
-></TT
+>addr</VAR
>
-which is <TT
+which is <VAR
CLASS="PARAMETER"
-><I
->len</I
-></TT
+>len</VAR
> bytes long and is of protocol
-family <TT
+family <VAR
CLASS="PARAMETER"
-><I
->type</I
-></TT
+>type</VAR
> — <SPAN
CLASS="TYPE"
>PF_INET</SPAN
CLASS="TYPE"
>PF_INET6</SPAN
>. If an error occurs, the error code is returned
-in <TT
+in <VAR
CLASS="PARAMETER"
-><I
->*error</I
-></TT
+>*error</VAR
>. The other function parameters are
-identical to those in <TT
+identical to those in <CODE
CLASS="FUNCTION"
->lwres_gethostbyname_r()</TT
+>lwres_gethostbyname_r()</CODE
>.
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->resbuf</I
-></TT
+>resbuf</VAR
> is a pointer to a <SPAN
CLASS="TYPE"
>struct
hostent</SPAN
> which is initialised by a successful call to
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gethostbyaddr_r()</TT
+>lwres_gethostbyaddr_r()</CODE
>.
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->buf</I
-></TT
+>buf</VAR
> is a buffer of length
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->len</I
-></TT
+>len</VAR
> bytes which is used to store the
-<TT
+<CODE
CLASS="CONSTANT"
->h_name</TT
->, <TT
+>h_name</CODE
+>, <CODE
CLASS="CONSTANT"
->h_aliases</TT
+>h_aliases</CODE
>, and
-<TT
+<CODE
CLASS="CONSTANT"
->h_addr_list</TT
+>h_addr_list</CODE
> elements of the <SPAN
CLASS="TYPE"
>struct
hostent</SPAN
-> returned in <TT
+> returned in <VAR
CLASS="PARAMETER"
-><I
->resbuf</I
-></TT
+>resbuf</VAR
>. Successful
-calls to <TT
+calls to <CODE
CLASS="FUNCTION"
->lwres_gethostbyaddr_r()</TT
+>lwres_gethostbyaddr_r()</CODE
> return
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->resbuf</I
-></TT
+>resbuf</VAR
>, which is a pointer to the
-<TT
+<CODE
CLASS="FUNCTION"
->struct hostent()</TT
+>struct hostent()</CODE
> it created.</P
></DIV
><DIV
>RETURN VALUES</H2
><P
>The functions
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gethostbyname()</TT
+>lwres_gethostbyname()</CODE
>,
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gethostbyname2()</TT
+>lwres_gethostbyname2()</CODE
>,
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gethostbyaddr()</TT
+>lwres_gethostbyaddr()</CODE
>,
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gethostent()</TT
+>lwres_gethostent()</CODE
>
return NULL to indicate an error. In this case the global variable
<SPAN
CLASS="VARIABLELIST"
><DL
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->HOST_NOT_FOUND</TT
+>HOST_NOT_FOUND</CODE
></DT
><DD
><P
>The host or address was not found.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->TRY_AGAIN</TT
+>TRY_AGAIN</CODE
></DT
><DD
><P
Retrying the lookup may succeed.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->NO_RECOVERY</TT
+>NO_RECOVERY</CODE
></DT
><DD
><P
>A non-recoverable error occurred.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->NO_DATA</TT
+>NO_DATA</CODE
></DT
><DD
><P
>
translates these error codes to suitable error messages.</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_gethostent()</TT
+>lwres_gethostent()</CODE
>
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gethostent_r()</TT
+>lwres_gethostent_r()</CODE
>
always return
<SPAN
>NULL</SPAN
>.</P
><P
->Successful calls to <TT
+>Successful calls to <CODE
CLASS="FUNCTION"
->lwres_gethostbyname_r()</TT
+>lwres_gethostbyname_r()</CODE
> and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gethostbyaddr_r()</TT
+>lwres_gethostbyaddr_r()</CODE
> return
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->resbuf</I
-></TT
+>resbuf</VAR
>, a pointer to the <SPAN
CLASS="TYPE"
>struct
<SPAN
CLASS="TYPE"
>NULL</SPAN
-> if the lookups fail or if <TT
+> if the lookups fail or if <VAR
CLASS="PARAMETER"
-><I
->buf</I
-></TT
+>buf</VAR
>
was too small to hold the list of addresses and names referenced by
-the <TT
+the <CODE
CLASS="CONSTANT"
->h_name</TT
->, <TT
+>h_name</CODE
+>, <CODE
CLASS="CONSTANT"
->h_aliases</TT
+>h_aliases</CODE
>, and
-<TT
+<CODE
CLASS="CONSTANT"
->h_addr_list</TT
+>h_addr_list</CODE
> elements of the <SPAN
CLASS="TYPE"
>struct
hostent</SPAN
->. If <TT
+>. If <VAR
CLASS="PARAMETER"
-><I
->buf</I
-></TT
+>buf</VAR
> was too small, both
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gethostbyname_r()</TT
+>lwres_gethostbyname_r()</CODE
> and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gethostbyaddr_r()</TT
+>lwres_gethostbyaddr_r()</CODE
> set the global variable
<SPAN
CLASS="TYPE"
><H2
>BUGS</H2
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_gethostbyname()</TT
+>lwres_gethostbyname()</CODE
>,
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gethostbyname2()</TT
+>lwres_gethostbyname2()</CODE
>,
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gethostbyaddr()</TT
+>lwres_gethostbyaddr()</CODE
>
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_endhostent()</TT
+>lwres_endhostent()</CODE
>
are not thread safe; they return pointers to static data and
provide error codes through a global variable.
Thread-safe versions for name and address lookup are provided by
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gethostbyname_r()</TT
+>lwres_gethostbyname_r()</CODE
>,
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gethostbyaddr_r()</TT
+>lwres_gethostbyaddr_r()</CODE
>
respectively.</P
><P
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_getipnode.html,v 1.7.2.1.4.1 2004/03/06 08:15:40 marka Exp $ -->
+<!-- $Id: lwres_getipnode.html,v 1.7.2.1.4.2 2004/08/22 23:39:04 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>lwres_getipnode</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
->lwres_getipnode</A
-></H1
+></A
+>lwres_getipnode</H1
><DIV
CLASS="REFNAMEDIV"
><A
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
+><P
+></P
><A
NAME="AEN14"
></A
-><P
-></P
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include <lwres/netdb.h></PRE
CLASS="VARIABLELIST"
><DL
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->h_name</TT
+>h_name</CODE
></DT
><DD
><P
>The official (canonical) name of the host.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->h_aliases</TT
+>h_aliases</CODE
></DT
><DD
><P
>A NULL-terminated array of alternate names (nicknames) for the host.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->h_addrtype</TT
+>h_addrtype</CODE
></DT
><DD
><P
>. </P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->h_length</TT
+>h_length</CODE
></DT
><DD
><P
>The length of the address in bytes.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->h_addr_list</TT
+>h_addr_list</CODE
></DT
><DD
><P
></DIV
></P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_getipnodebyname()</TT
+>lwres_getipnodebyname()</CODE
>
looks up addresses of protocol family
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->af</I
-></TT
+>af</VAR
>
for the hostname
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->name</I
-></TT
+>name</VAR
>.
The
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->flags</I
-></TT
+>flags</VAR
>
parameter contains ORed flag bits to
specify the types of addresses that are searched
CLASS="VARIABLELIST"
><DL
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->AI_V4MAPPED</TT
+>AI_V4MAPPED</CODE
></DT
><DD
><P
>This is used with an
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->af</I
-></TT
+>af</VAR
>
of AF_INET6, and causes IPv4 addresses to be returned as IPv4-mapped
IPv6 addresses.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->AI_ALL</TT
+>AI_ALL</CODE
></DT
><DD
><P
>This is used with an
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->af</I
-></TT
+>af</VAR
>
of AF_INET6, and causes all known addresses (IPv6 and IPv4) to be returned.
If AI_V4MAPPED is also set, the IPv4 addresses are return as mapped
IPv6 addresses.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->AI_ADDRCONFIG</TT
+>AI_ADDRCONFIG</CODE
></DT
><DD
><P
in the BIND 9 lightweight resolver, and the flag is ignored.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->AI_DEFAULT</TT
+>AI_DEFAULT</CODE
></DT
><DD
><P
>This default sets the
-<TT
+<CODE
CLASS="CONSTANT"
->AI_V4MAPPED</TT
+>AI_V4MAPPED</CODE
>
and
-<TT
+<CODE
CLASS="CONSTANT"
->AI_ADDRCONFIG</TT
+>AI_ADDRCONFIG</CODE
>
flag bits.</P
></DD
></DIV
></P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_getipnodebyaddr()</TT
+>lwres_getipnodebyaddr()</CODE
>
performs a reverse lookup
of address
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->src</I
-></TT
+>src</VAR
>
which is
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->len</I
-></TT
+>len</VAR
>
bytes long.
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->af</I
-></TT
+>af</VAR
>
denotes the protocol family, typically
<SPAN
>PF_INET6</SPAN
>. </P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_freehostent()</TT
+>lwres_freehostent()</CODE
>
releases all the memory associated with
the
>struct hostent</SPAN
>
pointer
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->he</I
-></TT
+>he</VAR
>.
Any memory allocated for the
-<TT
+<CODE
CLASS="CONSTANT"
->h_name</TT
+>h_name</CODE
>,
-<TT
+<CODE
CLASS="CONSTANT"
->h_addr_list</TT
+>h_addr_list</CODE
>
and
-<TT
+<CODE
CLASS="CONSTANT"
->h_aliases</TT
+>h_aliases</CODE
>
is freed, as is the memory for the
<SPAN
>RETURN VALUES</H2
><P
>If an error occurs,
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_getipnodebyname()</TT
+>lwres_getipnodebyname()</CODE
>
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_getipnodebyaddr()</TT
+>lwres_getipnodebyaddr()</CODE
>
set
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->*error_num</I
-></TT
+>*error_num</VAR
>
to an appropriate error code and the function returns a
<SPAN
CLASS="VARIABLELIST"
><DL
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->HOST_NOT_FOUND</TT
+>HOST_NOT_FOUND</CODE
></DT
><DD
><P
>No such host is known.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->NO_ADDRESS</TT
+>NO_ADDRESS</CODE
></DT
><DD
><P
domain might return an answer.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->TRY_AGAIN</TT
+>TRY_AGAIN</CODE
></DT
><DD
><P
retried.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->NO_RECOVERY</TT
+>NO_RECOVERY</CODE
></DT
><DD
><P
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_getnameinfo.html,v 1.5.2.1.4.1 2004/03/06 08:15:40 marka Exp $ -->
+<!-- $Id: lwres_getnameinfo.html,v 1.5.2.1.4.2 2004/08/22 23:39:04 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>lwres_getnameinfo</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
->lwres_getnameinfo</A
-></H1
+></A
+>lwres_getnameinfo</H1
><DIV
CLASS="REFNAMEDIV"
><A
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
+><P
+></P
><A
NAME="AEN12"
></A
-><P
-></P
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include <lwres/netdb.h></PRE
>getnameinfo</SPAN
>(3)</SPAN
> function defined in RFC2133.
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_getnameinfo()</TT
+>lwres_getnameinfo()</CODE
> returns the hostname for the
<SPAN
CLASS="TYPE"
>struct sockaddr</SPAN
-> <TT
+> <VAR
CLASS="PARAMETER"
-><I
->sa</I
-></TT
+>sa</VAR
> which is
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->salen</I
-></TT
+>salen</VAR
> bytes long. The hostname is of length
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->hostlen</I
-></TT
+>hostlen</VAR
> and is returned via
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->*host.</I
-></TT
+>*host.</VAR
> The maximum length of the hostname is
-1025 bytes: <TT
+1025 bytes: <CODE
CLASS="CONSTANT"
->NI_MAXHOST</TT
+>NI_MAXHOST</CODE
>.</P
><P
> The name of the service associated with the port number in
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->sa</I
-></TT
-> is returned in <TT
+>sa</VAR
+> is returned in <VAR
CLASS="PARAMETER"
-><I
->*serv.</I
-></TT
+>*serv.</VAR
>
-It is <TT
+It is <VAR
CLASS="PARAMETER"
-><I
->servlen</I
-></TT
+>servlen</VAR
> bytes long. The maximum length
-of the service name is <TT
+of the service name is <CODE
CLASS="CONSTANT"
->NI_MAXSERV</TT
+>NI_MAXSERV</CODE
> - 32 bytes.</P
><P
-> The <TT
+> The <VAR
CLASS="PARAMETER"
-><I
->flags</I
-></TT
+>flags</VAR
> argument sets the following
bits:
<P
CLASS="VARIABLELIST"
><DL
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->NI_NOFQDN</TT
+>NI_NOFQDN</CODE
></DT
><DD
><P
The local part of the fully qualified domain name is returned instead.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->NI_NUMERICHOST</TT
+>NI_NUMERICHOST</CODE
></DT
><DD
><P
instead of a host name.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->NI_NAMEREQD</TT
+>NI_NAMEREQD</CODE
></DT
><DD
><P
address is returned in numeric form.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->NI_NUMERICSERV</TT
+>NI_NUMERICSERV</CODE
></DT
><DD
><P
>The service name is returned as a digit string representing the port number.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->NI_DGRAM</TT
+>NI_DGRAM</CODE
></DT
><DD
><P
><H2
>RETURN VALUES</H2
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_getnameinfo()</TT
+>lwres_getnameinfo()</CODE
>
returns 0 on success or a non-zero error code if an error occurs.</P
></DIV
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_getrrsetbyname.html,v 1.5.2.1.4.1 2004/03/06 08:15:40 marka Exp $ -->
+<!-- $Id: lwres_getrrsetbyname.html,v 1.5.2.1.4.2 2004/08/22 23:39:04 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>lwres_getrrsetbyname</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
->lwres_getrrsetbyname</A
-></H1
+></A
+>lwres_getrrsetbyname</H1
><DIV
CLASS="REFNAMEDIV"
><A
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
+><P
+></P
><A
NAME="AEN13"
></A
-><P
-></P
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include <lwres/netdb.h></PRE
><H2
>DESCRIPTION</H2
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_getrrsetbyname()</TT
+>lwres_getrrsetbyname()</CODE
>
gets a set of resource records associated with a
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->hostname</I
-></TT
+>hostname</VAR
>,
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->class</I
-></TT
+>class</VAR
>,
and
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->type</I
-></TT
+>type</VAR
>.
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->hostname</I
-></TT
+>hostname</VAR
>
is
a pointer a to null-terminated string. The
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->flags</I
-></TT
+>flags</VAR
>
field is currently unused and must be zero.</P
><P
>After a successful call to
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_getrrsetbyname()</TT
+>lwres_getrrsetbyname()</CODE
>,
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->*res</I
-></TT
+>*res</VAR
>
is a pointer to an
<SPAN
structures containing SIG resource records
associated with those records.
The members
-<TT
+<CODE
CLASS="CONSTANT"
->rri_rdclass</TT
+>rri_rdclass</CODE
>
and
-<TT
+<CODE
CLASS="CONSTANT"
->rri_rdtype</TT
+>rri_rdtype</CODE
>
are copied from the parameters.
-<TT
+<CODE
CLASS="CONSTANT"
->rri_ttl</TT
+>rri_ttl</CODE
>
and
-<TT
+<CODE
CLASS="CONSTANT"
->rri_name</TT
+>rri_name</CODE
>
are properties of the obtained rrset.
The resource records contained in
-<TT
+<CODE
CLASS="CONSTANT"
->rri_rdatas</TT
+>rri_rdatas</CODE
>
and
-<TT
+<CODE
CLASS="CONSTANT"
->rri_sigs</TT
+>rri_sigs</CODE
>
are in uncompressed DNS wire format.
Properties of the rdataset are represented in the
-<TT
+<CODE
CLASS="CONSTANT"
->rri_flags</TT
+>rri_flags</CODE
>
bitfield. If the RRSET_VALIDATED bit is set, the data has been DNSSEC
validated and the signatures verified. </P
><P
>All of the information returned by
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_getrrsetbyname()</TT
+>lwres_getrrsetbyname()</CODE
>
is dynamically allocated: the
-<TT
+<CODE
CLASS="CONSTANT"
->rrsetinfo</TT
+>rrsetinfo</CODE
>
and
-<TT
+<CODE
CLASS="CONSTANT"
->rdatainfo</TT
+>rdatainfo</CODE
>
structures,
and the canonical host name strings pointed to by the
-<TT
+<CODE
CLASS="CONSTANT"
->rrsetinfo</TT
+>rrsetinfo</CODE
>structure.
Memory allocated for the dynamically allocated structures created by
a successful call to
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_getrrsetbyname()</TT
+>lwres_getrrsetbyname()</CODE
>
is released by
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_freerrset()</TT
+>lwres_freerrset()</CODE
>.
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->rrset</I
-></TT
+>rrset</VAR
>
is a pointer to a
<SPAN
>struct rrset</SPAN
>
created by a call to
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_getrrsetbyname()</TT
+>lwres_getrrsetbyname()</CODE
>. </P
><P
></P
><H2
>RETURN VALUES</H2
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_getrrsetbyname()</TT
+>lwres_getrrsetbyname()</CODE
>
returns zero on success, and one of the following error
codes if an error occurred:
CLASS="VARIABLELIST"
><DL
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->ERRSET_NONAME</TT
+>ERRSET_NONAME</CODE
></DT
><DD
><P
>the name does not exist</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->ERRSET_NODATA</TT
+>ERRSET_NODATA</CODE
></DT
><DD
><P
>the name exists, but does not have data of the desired type</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->ERRSET_NOMEMORY</TT
+>ERRSET_NOMEMORY</CODE
></DT
><DD
><P
>memory could not be allocated</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->ERRSET_INVAL</TT
+>ERRSET_INVAL</CODE
></DT
><DD
><P
>a parameter is invalid</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->ERRSET_FAIL</TT
+>ERRSET_FAIL</CODE
></DT
><DD
><P
>other failure</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
-></TT
+></CODE
></DT
><DD
><P
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_gnba.html,v 1.6.2.1.4.1 2004/03/06 08:15:40 marka Exp $ -->
+<!-- $Id: lwres_gnba.html,v 1.6.2.1.4.2 2004/08/22 23:39:04 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>lwres_gnba</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
->lwres_gnba</A
-></H1
+></A
+>lwres_gnba</H1
><DIV
CLASS="REFNAMEDIV"
><A
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
+><P
+></P
><A
NAME="AEN17"
></A
-><P
-></P
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include <lwres/lwres.h></PRE
} lwres_gnbaresponse_t;</PRE
></P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_gnbarequest_render()</TT
+>lwres_gnbarequest_render()</CODE
>
uses resolver context
-<TT
+<VAR
CLASS="VARNAME"
->ctx</TT
+>ctx</VAR
>
to convert getnamebyaddr request structure
-<TT
+<VAR
CLASS="VARNAME"
->req</TT
+>req</VAR
>
to canonical format.
The packet header structure
-<TT
+<VAR
CLASS="VARNAME"
->pkt</TT
+>pkt</VAR
>
is initialised and transferred to
buffer
-<TT
+<VAR
CLASS="VARNAME"
->b</TT
+>b</VAR
>.
The contents of
-<TT
+<VAR
CLASS="VARNAME"
->*req</TT
+>*req</VAR
>
are then appended to the buffer in canonical format.
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gnbaresponse_render()</TT
+>lwres_gnbaresponse_render()</CODE
>
performs the same task, except it converts a getnamebyaddr response structure
<SPAN
>
to the lightweight resolver's canonical format.</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_gnbarequest_parse()</TT
+>lwres_gnbarequest_parse()</CODE
>
uses context
-<TT
+<VAR
CLASS="VARNAME"
->ctx</TT
+>ctx</VAR
>
to convert the contents of packet
-<TT
+<VAR
CLASS="VARNAME"
->pkt</TT
+>pkt</VAR
>
to a
<SPAN
>
structure.
Buffer
-<TT
+<VAR
CLASS="VARNAME"
->b</TT
+>b</VAR
>
provides space to be used for storing this structure.
When the function succeeds, the resulting
>lwres_gnbarequest_t</SPAN
>
is made available through
-<TT
+<VAR
CLASS="VARNAME"
->*structp</TT
+>*structp</VAR
>.
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gnbaresponse_parse()</TT
+>lwres_gnbaresponse_parse()</CODE
>
offers the same semantics as
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gnbarequest_parse()</TT
+>lwres_gnbarequest_parse()</CODE
>
except it yields a
<SPAN
>
structure.</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_gnbaresponse_free()</TT
+>lwres_gnbaresponse_free()</CODE
>
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gnbarequest_free()</TT
+>lwres_gnbarequest_free()</CODE
>
release the memory in resolver context
-<TT
+<VAR
CLASS="VARNAME"
->ctx</TT
+>ctx</VAR
>
that was allocated to the
<SPAN
>lwres_gnbarequest_t</SPAN
>
structures referenced via
-<TT
+<VAR
CLASS="VARNAME"
->structp</TT
+>structp</VAR
>.
Any memory associated with ancillary buffers and strings for those
structures is also discarded.</P
>RETURN VALUES</H2
><P
>The getnamebyaddr opcode functions
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gnbarequest_render()</TT
+>lwres_gnbarequest_render()</CODE
>,
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gnbaresponse_render()</TT
+>lwres_gnbaresponse_render()</CODE
>
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gnbarequest_parse()</TT
+>lwres_gnbarequest_parse()</CODE
>
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gnbaresponse_parse()</TT
+>lwres_gnbaresponse_parse()</CODE
>
all return
<SPAN
>LWRES_R_UNEXPECTEDEND</SPAN
>
is returned if the available space in the buffer
-<TT
+<VAR
CLASS="VARNAME"
->b</TT
+>b</VAR
>
is too small to accommodate the packet header or the
<SPAN
>lwres_gnbaresponse_t</SPAN
>
structures.
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gnbarequest_parse()</TT
+>lwres_gnbarequest_parse()</CODE
>
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_gnbaresponse_parse()</TT
+>lwres_gnbaresponse_parse()</CODE
>
will return
<SPAN
>LWRES_R_FAILURE</SPAN
>
if
-<TT
+<CODE
CLASS="STRUCTFIELD"
-><I
->pktflags</I
-></TT
+>pktflags</CODE
>
in the packet header structure
<SPAN
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_hstrerror.html,v 1.5.2.1.4.1 2004/03/06 08:15:41 marka Exp $ -->
+<!-- $Id: lwres_hstrerror.html,v 1.5.2.1.4.2 2004/08/22 23:39:04 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>lwres_hstrerror</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
->lwres_hstrerror</A
-></H1
+></A
+>lwres_hstrerror</H1
><DIV
CLASS="REFNAMEDIV"
><A
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
+><P
+></P
><A
NAME="AEN13"
></A
-><P
-></P
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include <lwres/netdb.h></PRE
><H2
>DESCRIPTION</H2
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_herror()</TT
+>lwres_herror()</CODE
> prints the string
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->s</I
-></TT
+>s</VAR
> on <SPAN
CLASS="TYPE"
>stderr</SPAN
> followed by the string
-generated by <TT
+generated by <CODE
CLASS="FUNCTION"
->lwres_hstrerror()</TT
+>lwres_hstrerror()</CODE
> for the error code
-stored in the global variable <TT
+stored in the global variable <CODE
CLASS="CONSTANT"
->lwres_h_errno</TT
+>lwres_h_errno</CODE
>.</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_hstrerror()</TT
+>lwres_hstrerror()</CODE
> returns an appropriate string
-for the error code gievn by <TT
+for the error code gievn by <VAR
CLASS="PARAMETER"
-><I
->err</I
-></TT
+>err</VAR
>. The values of
the error codes and messages are as follows:
CLASS="ERRORNAME"
>Unknown resolver error</SPAN
> is returned by
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_hstrerror()</TT
+>lwres_hstrerror()</CODE
>
when the value of
-<TT
+<CODE
CLASS="CONSTANT"
->lwres_h_errno</TT
+>lwres_h_errno</CODE
>
is not a valid error code.</P
></DIV
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_inetntop.html,v 1.5.2.1.4.1 2004/03/06 08:15:41 marka Exp $ -->
+<!-- $Id: lwres_inetntop.html,v 1.5.2.1.4.2 2004/08/22 23:39:05 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>lwres_inetntop</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
->lwres_inetntop</A
-></H1
+></A
+>lwres_inetntop</H1
><DIV
CLASS="REFNAMEDIV"
><A
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
+><P
+></P
><A
NAME="AEN12"
></A
-><P
-></P
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include <lwres/net.h></PRE
><H2
>DESCRIPTION</H2
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_net_ntop()</TT
+>lwres_net_ntop()</CODE
> converts an IP address of
-protocol family <TT
+protocol family <VAR
CLASS="PARAMETER"
-><I
->af</I
-></TT
+>af</VAR
> — IPv4 or IPv6 —
-at location <TT
+at location <VAR
CLASS="PARAMETER"
-><I
->src</I
-></TT
+>src</VAR
> from network format to its
conventional representation as a string. For IPv4 addresses, that
string would be a dotted-decimal. An IPv6 address would be
represented in colon notation as described in RFC1884.</P
><P
->The generated string is copied to <TT
+>The generated string is copied to <VAR
CLASS="PARAMETER"
-><I
->dst</I
-></TT
+>dst</VAR
> provided
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->size</I
-></TT
+>size</VAR
> indicates it is long enough to store the
ASCII representation of the address.</P
></DIV
><H2
>RETURN VALUES</H2
><P
->If successful, the function returns <TT
+>If successful, the function returns <VAR
CLASS="PARAMETER"
-><I
->dst</I
-></TT
+>dst</VAR
>:
a pointer to a string containing the presentation format of the
-address. <TT
+address. <CODE
CLASS="FUNCTION"
->lwres_net_ntop()</TT
+>lwres_net_ntop()</CODE
> returns
<SPAN
CLASS="TYPE"
>NULL</SPAN
> and sets the global variable
-<TT
+<CODE
CLASS="CONSTANT"
->errno</TT
+>errno</CODE
> to <SPAN
CLASS="ERRORCODE"
>EAFNOSUPPORT</SPAN
> if
-the protocol family given in <TT
+the protocol family given in <VAR
CLASS="PARAMETER"
-><I
->af</I
-></TT
+>af</VAR
> is not
supported.</P
></DIV
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_noop.html,v 1.7.2.1.4.1 2004/03/06 08:15:41 marka Exp $ -->
+<!-- $Id: lwres_noop.html,v 1.7.2.1.4.2 2004/08/22 23:39:05 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>lwres_noop</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
->lwres_noop</A
-></H1
+></A
+>lwres_noop</H1
><DIV
CLASS="REFNAMEDIV"
><A
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
+><P
+></P
><A
NAME="AEN17"
></A
-><P
-></P
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include <lwres/lwres.h></PRE
This is because the no-op opcode simply echos whatever data was sent:
the response is therefore identical to the request.</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_nooprequest_render()</TT
+>lwres_nooprequest_render()</CODE
> uses resolver
-context <TT
+context <VAR
CLASS="PARAMETER"
-><I
->ctx</I
-></TT
+>ctx</VAR
> to convert no-op request structure
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->req</I
-></TT
+>req</VAR
> to canonical format. The packet header
-structure <TT
+structure <VAR
CLASS="PARAMETER"
-><I
->pkt</I
-></TT
+>pkt</VAR
> is initialised and transferred to
-buffer <TT
+buffer <VAR
CLASS="PARAMETER"
-><I
->b</I
-></TT
+>b</VAR
>. The contents of
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->*req</I
-></TT
+>*req</VAR
> are then appended to the buffer in
-canonical format. <TT
+canonical format. <CODE
CLASS="FUNCTION"
->lwres_noopresponse_render()</TT
+>lwres_noopresponse_render()</CODE
>
performs the same task, except it converts a no-op response structure
<SPAN
> to the lightweight resolver's
canonical format.</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_nooprequest_parse()</TT
+>lwres_nooprequest_parse()</CODE
> uses context
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->ctx</I
-></TT
+>ctx</VAR
> to convert the contents of packet
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->pkt</I
-></TT
+>pkt</VAR
> to a <SPAN
CLASS="TYPE"
>lwres_nooprequest_t</SPAN
>
-structure. Buffer <TT
+structure. Buffer <VAR
CLASS="PARAMETER"
-><I
->b</I
-></TT
+>b</VAR
> provides space to be used
for storing this structure. When the function succeeds, the resulting
<SPAN
CLASS="TYPE"
>lwres_nooprequest_t</SPAN
> is made available through
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->*structp</I
-></TT
+>*structp</VAR
>.
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_noopresponse_parse()</TT
+>lwres_noopresponse_parse()</CODE
> offers the same
-semantics as <TT
+semantics as <CODE
CLASS="FUNCTION"
->lwres_nooprequest_parse()</TT
+>lwres_nooprequest_parse()</CODE
> except it
yields a <SPAN
CLASS="TYPE"
>lwres_noopresponse_t</SPAN
> structure.</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_noopresponse_free()</TT
+>lwres_noopresponse_free()</CODE
> and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_nooprequest_free()</TT
+>lwres_nooprequest_free()</CODE
> release the memory in
-resolver context <TT
+resolver context <VAR
CLASS="PARAMETER"
-><I
->ctx</I
-></TT
+>ctx</VAR
> that was allocated to the
<SPAN
CLASS="TYPE"
CLASS="TYPE"
>lwres_nooprequest_t</SPAN
>
-structures referenced via <TT
+structures referenced via <VAR
CLASS="PARAMETER"
-><I
->structp</I
-></TT
+>structp</VAR
>.</P
></DIV
><DIV
>RETURN VALUES</H2
><P
>The no-op opcode functions
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_nooprequest_render()</TT
+>lwres_nooprequest_render()</CODE
>,
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_noopresponse_render()</TT
+>lwres_noopresponse_render()</CODE
>
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_nooprequest_parse()</TT
+>lwres_nooprequest_parse()</CODE
>
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_noopresponse_parse()</TT
+>lwres_noopresponse_parse()</CODE
>
all return
<SPAN
>LWRES_R_UNEXPECTEDEND</SPAN
>
is returned if the available space in the buffer
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->b</I
-></TT
+>b</VAR
>
is too small to accommodate the packet header or the
<SPAN
>lwres_noopresponse_t</SPAN
>
structures.
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_nooprequest_parse()</TT
+>lwres_nooprequest_parse()</CODE
>
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_noopresponse_parse()</TT
+>lwres_noopresponse_parse()</CODE
>
will return
<SPAN
>LWRES_R_FAILURE</SPAN
>
if
-<TT
+<CODE
CLASS="CONSTANT"
->pktflags</TT
+>pktflags</CODE
>
in the packet header structure
<SPAN
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_packet.html,v 1.8.2.1.4.1 2004/03/06 08:15:42 marka Exp $ -->
+<!-- $Id: lwres_packet.html,v 1.8.2.1.4.2 2004/08/22 23:39:05 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>lwres_packet</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
->lwres_packet</A
-></H1
+></A
+>lwres_packet</H1
><DIV
CLASS="REFNAMEDIV"
><A
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
+><P
+></P
><A
NAME="AEN13"
></A
-><P
-></P
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include <lwres/lwpacket.h></PRE
CLASS="VARIABLELIST"
><DL
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->length</TT
+>length</CODE
></DT
><DD
><P
calls.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->version</TT
+>version</CODE
></DT
><DD
><P
calls.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->pktflags</TT
+>pktflags</CODE
></DT
><DD
><P
lwres_gabn_*() and lwres_gnba_*() calls.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->serial</TT
+>serial</CODE
></DT
><DD
><P
This field must be set by the application.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->opcode</TT
+>opcode</CODE
></DT
><DD
><P
calls.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->result</TT
+>result</CODE
></DT
><DD
><P
calls.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->recvlength</TT
+>recvlength</CODE
></DT
><DD
><P
This field is supplied by the application.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->authtype</TT
+>authtype</CODE
></DT
><DD
><P
Currently these are not used and must be zero.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->authlen</TT
+>authlen</CODE
></DT
><DD
><P
CLASS="VARIABLELIST"
><DL
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->NOOP</TT
+>NOOP</CODE
></DT
><DD
><P
The lwres_noop_*() functions should be used for this type.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->GETADDRSBYNAME</TT
+>GETADDRSBYNAME</CODE
></DT
><DD
><P
The lwres_gabn_*() functions should be used for this type.</P
></DD
><DT
-><TT
+><CODE
CLASS="CONSTANT"
->GETNAMEBYADDR</TT
+>GETNAMEBYADDR</CODE
></DT
><DD
><P
></DIV
></P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_lwpacket_renderheader()</TT
+>lwres_lwpacket_renderheader()</CODE
> transfers the
contents of lightweight resolver packet structure
<SPAN
CLASS="TYPE"
>lwres_lwpacket_t</SPAN
-> <TT
+> <VAR
CLASS="PARAMETER"
-><I
->*pkt</I
-></TT
+>*pkt</VAR
> in network
byte order to the lightweight resolver buffer,
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->*b</I
-></TT
+>*b</VAR
>.</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_lwpacket_parseheader()</TT
+>lwres_lwpacket_parseheader()</CODE
> performs the
converse operation. It transfers data in network byte order from
-buffer <TT
+buffer <VAR
CLASS="PARAMETER"
-><I
->*b</I
-></TT
+>*b</VAR
> to resolver packet
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->*pkt</I
-></TT
+>*pkt</VAR
>. The contents of the buffer
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->b</I
-></TT
+>b</VAR
> should correspond to a
<SPAN
CLASS="TYPE"
>RETURN VALUES</H2
><P
> Successful calls to
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_lwpacket_renderheader()</TT
+>lwres_lwpacket_renderheader()</CODE
> and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_lwpacket_parseheader()</TT
+>lwres_lwpacket_parseheader()</CODE
> return
<SPAN
CLASS="ERRORCODE"
>LWRES_R_SUCCESS</SPAN
>. If there is insufficient
-space to copy data between the buffer <TT
+space to copy data between the buffer <VAR
CLASS="PARAMETER"
-><I
->*b</I
-></TT
+>*b</VAR
> and
-lightweight resolver packet <TT
+lightweight resolver packet <VAR
CLASS="PARAMETER"
-><I
->*pkt</I
-></TT
+>*pkt</VAR
> both functions
return <SPAN
CLASS="ERRORCODE"
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_resutil.html,v 1.8.2.1.4.1 2004/03/06 08:15:42 marka Exp $ -->
+<!-- $Id: lwres_resutil.html,v 1.8.2.1.4.2 2004/08/22 23:39:05 marka Exp $ -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>lwres_resutil</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.73
-"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
><H1
><A
NAME="AEN1"
->lwres_resutil</A
-></H1
+></A
+>lwres_resutil</H1
><DIV
CLASS="REFNAMEDIV"
><A
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
+><P
+></P
><A
NAME="AEN15"
></A
-><P
-></P
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include <lwres/lwres.h></PRE
><H2
>DESCRIPTION</H2
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_string_parse()</TT
+>lwres_string_parse()</CODE
> retrieves a DNS-encoded
string starting the current pointer of lightweight resolver buffer
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->b</I
-></TT
->: i.e. <TT
+>b</VAR
+>: i.e. <CODE
CLASS="CONSTANT"
->b->current</TT
+>b->current</CODE
>.
When the function returns, the address of the first byte of the
-encoded string is returned via <TT
+encoded string is returned via <VAR
CLASS="PARAMETER"
-><I
->*c</I
-></TT
+>*c</VAR
> and the
-length of that string is given by <TT
+length of that string is given by <VAR
CLASS="PARAMETER"
-><I
->*len</I
-></TT
+>*len</VAR
>. The
buffer's current pointer is advanced to point at the character
following the string length, the encoded string, and the trailing
>NULL</SPAN
> character.</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_addr_parse()</TT
+>lwres_addr_parse()</CODE
> extracts an address from the
-buffer <TT
+buffer <VAR
CLASS="PARAMETER"
-><I
->b</I
-></TT
+>b</VAR
>. The buffer's current pointer
-<TT
+<CODE
CLASS="CONSTANT"
->b->current</TT
+>b->current</CODE
> is presumed to point at an encoded
address: the address preceded by a 32-bit protocol family identifier
and a 16-bit length field. The encoded address is copied to
-<TT
+<CODE
CLASS="CONSTANT"
->addr->address</TT
+>addr->address</CODE
> and
-<TT
+<CODE
CLASS="CONSTANT"
->addr->length</TT
+>addr->length</CODE
> indicates the size in bytes of
-the address that was copied. <TT
+the address that was copied. <CODE
CLASS="CONSTANT"
->b->current</TT
+>b->current</CODE
> is
advanced to point at the next byte of available data in the buffer
following the encoded address.</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_getaddrsbyname()</TT
+>lwres_getaddrsbyname()</CODE
>
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_getnamebyaddr()</TT
+>lwres_getnamebyaddr()</CODE
>
use the
<SPAN
functions.</P
><P
>The lightweight resolver uses
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_getaddrsbyname()</TT
+>lwres_getaddrsbyname()</CODE
> to perform foward lookups.
-Hostname <TT
+Hostname <VAR
CLASS="PARAMETER"
-><I
->name</I
-></TT
+>name</VAR
> is looked up using the resolver
-context <TT
+context <VAR
CLASS="PARAMETER"
-><I
->ctx</I
-></TT
+>ctx</VAR
> for memory allocation.
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->addrtypes</I
-></TT
+>addrtypes</VAR
> is a bitmask indicating which type of
addresses are to be looked up. Current values for this bitmask are
<SPAN
CLASS="TYPE"
>LWRES_ADDRTYPE_V6</SPAN
> for IPv6 addresses. Results of the
-lookup are returned in <TT
+lookup are returned in <VAR
CLASS="PARAMETER"
-><I
->*structp</I
-></TT
+>*structp</VAR
>.</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_getnamebyaddr()</TT
+>lwres_getnamebyaddr()</CODE
> performs reverse lookups.
-Resolver context <TT
+Resolver context <VAR
CLASS="PARAMETER"
-><I
->ctx</I
-></TT
+>ctx</VAR
> is used for memory
allocation. The address type is indicated by
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->addrtype</I
-></TT
+>addrtype</VAR
>: <SPAN
CLASS="TYPE"
>LWRES_ADDRTYPE_V4</SPAN
CLASS="TYPE"
>LWRES_ADDRTYPE_V6</SPAN
>. The address to be looked up is given
-by <TT
+by <VAR
CLASS="PARAMETER"
-><I
->addr</I
-></TT
+>addr</VAR
> and its length is
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->addrlen</I
-></TT
+>addrlen</VAR
> bytes. The result of the function call
-is made available through <TT
+is made available through <VAR
CLASS="PARAMETER"
-><I
->*structp</I
-></TT
+>*structp</VAR
>.</P
></DIV
><DIV
>RETURN VALUES</H2
><P
>Successful calls to
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_string_parse()</TT
+>lwres_string_parse()</CODE
>
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_addr_parse()</TT
+>lwres_addr_parse()</CODE
>
return
<SPAN
if the buffer has less space than expected for the components of the
encoded string or address.</P
><P
-><TT
+><CODE
CLASS="FUNCTION"
->lwres_getaddrsbyname()</TT
+>lwres_getaddrsbyname()</CODE
>
returns
<SPAN
>LWRES_R_NOTFOUND</SPAN
>
if the hostname
-<TT
+<VAR
CLASS="PARAMETER"
-><I
->name</I
-></TT
+>name</VAR
>
could not be found.</P
><P
>LWRES_R_SUCCESS</SPAN
>
is returned by a successful call to
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_getnamebyaddr()</TT
+>lwres_getnamebyaddr()</CODE
>.</P
><P
>Both
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_getaddrsbyname()</TT
+>lwres_getaddrsbyname()</CODE
>
and
-<TT
+<CODE
CLASS="FUNCTION"
->lwres_getnamebyaddr()</TT
+>lwres_getnamebyaddr()</CODE
>
return
<SPAN
projects / thirdparty / bind9.git / commitdiff
