-.\"
.\" Copyright (C) 2000 Internet Software Consortium.
.\"
-.\" Permission to use, copy, modify, and distribute this document for any
+.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: lwresd.8,v 1.4 2000/07/17 17:49:25 gson Exp $
+.\" $Id: lwresd.8,v 1.4.2.1 2000/08/22 01:10:06 gson Exp $
.\"
.Dd Jun 30, 2000
.Dt LWRESD 8
is the daemon providing name lookup services to clients that use
the BIND 9 lightweight resolver library.
It is essentially a stripped-down, caching-only name server that
-answers queries using the BIND 9 lightweight resolver protocol
+answers queries using the BIND 9 lightweight resolver protocol
rather than the DNS protocol.
.Pp
.Nm lwresd
-listens for resolver queries on a UDP port on the IPv4 loopback
+listens for resolver queries on a UDP port on the IPv4 loopback
interface, 127.0.0.1.
This means that
.Nm lwresd
.Sy nameserver
entries are present, or if forwarding fails,
.Nm lwresd
-resolves the queries autonomously starting at the
-root name servers, using a compiled-in list of root
+resolves the queries autonomously starting at the
+root name servers, using a compiled-in list of root
servers hints.
.Pp
The options to
.Ar pid-file
instead of the default pathname.
.It Fl n
-create
+create
.Ar #cpus
worker threads to take advantage of multiple CPUs.
If no option is given,
-.\" Copyright (C) @YEARS@ Internet Software Consortium.
-.\"
+.\" Copyright (C) 2000 Internet Software Consortium.
+.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
-.\" ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
-.\" OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
-.\" CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
-.\" DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
-.\" PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
-.\" ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
-.\" SOFTWARE.
-.\"
-.\" $Id: rndc.8,v 1.6 2000/07/12 16:48:19 gson Exp $
-.\"
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
+.\" DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
+.\" INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
+.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
+.\" FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.\" $Id: rndc.8,v 1.6.2.1 2000/08/22 01:10:07 gson Exp $
+.\"
.Dd Jun 30, 2000
.Dt RDNC 8
.Os BIND9 9
.Op Fl s Ar server
.Op Fl v
.Op Fl y Ar key_id
-.Ar command ....
+.Ar command ....
.Sh DESCRIPTION
This command allows the system administrator to control the operation
of a name server.
options and their arguments.
.Pp
.Nm rndc
-communicates with the name server over a TCP connection,
-sending commands authenticated with digital signatures.
+communicates with the name server over a TCP connection,
+sending commands authenticated with digital signatures.
In the current versions of
.Nm rndc
-and
+and
.Xr named 8
the only supported encryption algorithm is HMAC-MD5, which uses a
shared secret on each end of the connection.
This provides TSIG-style authentication for the command request
-and the name server's response.
+and the name server's response.
All commands sent over the channel
must be signed by a key_id known to the server.
.Pp
.Nm rndc
send commands to TCP port number
.Ar port#
-on the system running the name server instead of BIND 9's
+on the system running the name server instead of BIND 9's
default control channel port of 953.
.Pp
The
.Fl y
option is provided,
.Nm rndc
-will first look for a
+will first look for a
.Dv key
clause in the
.Dv server{}
.Xr ndc
utility.
.Pp
-There is currently no way to provide the shared secret for a key_id
+There is currently no way to provide the shared secret for a key_id
without using the configuration file.
.Pp
Several error messages could be clearer.
-.\" Copyright (C) @YEARS@ Internet Software Consortium.
-.\"
+.\" Copyright (C) 2000 Internet Software Consortium.
+.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
-.\" ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
-.\" OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
-.\" CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
-.\" DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
-.\" PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
-.\" ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
-.\" SOFTWARE.
-.\"
-.\" $Id: rndc.conf.5,v 1.4 2000/07/12 17:37:57 gson Exp $
-.\"
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
+.\" DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
+.\" INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
+.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
+.\" FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.\" $Id: rndc.conf.5,v 1.4.2.1 2000/08/22 01:10:08 gson Exp $
+.\"
.Dd Jun 30, 2000
.Dt RDNC.CONF 5
.Os BIND9 9
.Nd rdnc configuration file
.Sh SYNOPSIS
.Nm rdnc.conf
-.Sh DESCRIPTION
+.Sh DESCRIPTION
The BIND9 utility for controlling the name server,
.Nm rndc ,
has its own configuration file
The
.Dv default-key
clause
-is followed by the name of a key which is identified by a
+is followed by the name of a key which is identified by a
.Dv key{}
statement.
-If no
+If no
.Fl y
option is provided on the
-.Xr rndc
+.Xr rndc
command line, and no
.Dv key
clause is found in a a matching
.Pp
After the keyword
.Dv server ,
-the
+the
.Dv server{}
statement is followed by a string which is the hostname or address for a
name server.
identifies the encryption algorithm for
.Nm rndc
to use; currently only HMAC-MD5 is supported.
-This is followed by a
+This is followed by a
.Dv secret
clause which contains the base-64 encoding of the
algorithm's encryption key.
$ dnssec-keygen -a hmac-md5 -b 128 -n user rndc
.Ed
.Pp
-The base-64 string will appear in two files,
+The base-64 string will appear in two files,
.Pa Krndc.+157.+{random}.key
-and
+and
.Pa Krndc.+157.+{random}.private .
After extracting the key to be
placed in the
projects / thirdparty / bind9.git / commitdiff
