<!-- $Id: rndc.docbook,v 1.21 2007/12/14 20:39:14 marka Exp $ -->
<refentry id="man.rndc">
<refentryinfo>
- <date>June 30, 2000</date>
+ <date>June 7, 2013</date>
</refentryinfo>
<refmeta>
</varlistentry>
</variablelist>
+ </refsect1>
+ <refsect1>
+ <title>COMMANDS</title>
+ <para>
+ A list of commands supported by <command>rndc</command> can
+ be seen by running <command>rndc</command> without arguments.
+ </para>
<para>
- For the complete set of commands supported by <command>rndc</command>,
- see the BIND 9 Administrator Reference Manual or run
- <command>rndc</command> without arguments to see its help
- message.
+ Currently supported commands are:
</para>
+ <variablelist>
+ <varlistentry>
+ <term><userinput>reload</userinput></term>
+ <listitem>
+ <para>
+ Reload configuration file and zones.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><userinput>reload <replaceable>zone</replaceable> <optional><replaceable>class</replaceable> <optional><replaceable>view</replaceable></optional></optional></userinput></term>
+ <listitem>
+ <para>
+ Reload the given zone.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><userinput>refresh <replaceable>zone</replaceable> <optional><replaceable>class</replaceable> <optional><replaceable>view</replaceable></optional></optional></userinput></term>
+ <listitem>
+ <para>
+ Schedule zone maintenance for the given zone.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><userinput>retransfer <replaceable>zone</replaceable> <optional><replaceable>class</replaceable> <optional><replaceable>view</replaceable></optional></optional></userinput></term>
+ <listitem>
+ <para>
+ Retransfer the given zone from the master.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><userinput>freeze <optional><replaceable>zone</replaceable> <optional><replaceable>class</replaceable> <optional><replaceable>view</replaceable></optional></optional></optional></userinput></term>
+ <listitem>
+ <para>
+ Suspend updates to a dynamic zone. If no zone is
+ specified, then all zones are suspended. This allows
+ manual edits to be made to a zone normally updated by
+ dynamic update. It also causes changes in the
+ journal file to be synced into the master file,
+ and the journal file to be removed.
+ All dynamic update attempts will be refused while
+ the zone is frozen.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><userinput>thaw <optional><replaceable>zone</replaceable> <optional><replaceable>class</replaceable> <optional><replaceable>view</replaceable></optional></optional></optional></userinput></term>
+ <listitem>
+ <para>
+ Enable updates to a frozen dynamic zone. If no
+ zone is specified, then all frozen zones are
+ enabled. This causes the server to reload the zone
+ from disk, and re-enables dynamic updates after the
+ load has completed. After a zone is thawed,
+ dynamic updates will no longer be refused.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><userinput>notify <replaceable>zone</replaceable> <optional><replaceable>class</replaceable> <optional><replaceable>view</replaceable></optional></optional></userinput></term>
+ <listitem>
+ <para>
+ Resend NOTIFY messages for the zone.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><userinput>reconfig</userinput></term>
+ <listitem>
+ <para>
+ Reload the configuration file and load new zones,
+ but do not reload existing zone files even if they
+ have changed.
+ This is faster than a full <command>reload</command> when there
+ is a large number of zones because it avoids the need
+ to examine the
+ modification times of the zones files.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><userinput>stats</userinput></term>
+ <listitem>
+ <para>
+ Write server statistics to the statistics file.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><userinput>querylog</userinput> <optional>on|off</optional> </term>
+ <listitem>
+ <para>
+ Toggle query logging. Query logging can also be enabled
+ by explicitly directing the <command>queries</command>
+ <command>category</command> to a
+ <command>channel</command> in the
+ <command>logging</command> section of
+ <filename>named.conf</filename> or by specifying
+ <command>querylog yes;</command> in the
+ <command>options</command> section of
+ <filename>named.conf</filename>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><userinput>dumpdb <optional>-all|-cache|-zone</optional> <optional><replaceable>view ...</replaceable></optional></userinput></term>
+ <listitem>
+ <para>
+ Dump the server's caches (default) and/or zones to
+ the
+ dump file for the specified views. If no view is
+ specified, all
+ views are dumped.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><userinput>stop <optional>-p</optional></userinput></term>
+ <listitem>
+ <para>
+ Stop the server, making sure any recent changes
+ made through dynamic update or IXFR are first saved to
+ the master files of the updated zones.
+ If <option>-p</option> is specified <command>named</command>'s process id is returned.
+ This allows an external process to determine when <command>named</command>
+ had completed stopping.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><userinput>halt <optional>-p</optional></userinput></term>
+ <listitem>
+ <para>
+ Stop the server immediately. Recent changes
+ made through dynamic update or IXFR are not saved to
+ the master files, but will be rolled forward from the
+ journal files when the server is restarted.
+ If <option>-p</option> is specified <command>named</command>'s process id is returned.
+ This allows an external process to determine when <command>named</command>
+ had completed halting.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><userinput>trace</userinput></term>
+ <listitem>
+ <para>
+ Increment the servers debugging level by one.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><userinput>trace <replaceable>level</replaceable></userinput></term>
+ <listitem>
+ <para>
+ Sets the server's debugging level to an explicit
+ value.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><userinput>notrace</userinput></term>
+ <listitem>
+ <para>
+ Sets the server's debugging level to 0.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><userinput>flush</userinput></term>
+ <listitem>
+ <para>
+ Flushes the server's cache.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><userinput>flushname</userinput> <replaceable>name</replaceable> <optional><replaceable>view</replaceable></optional> </term>
+ <listitem>
+ <para>
+ Flushes the given name from the server's cache.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><userinput>status</userinput></term>
+ <listitem>
+ <para>
+ Display status of the server.
+ Note that the number of zones includes the internal <command>bind/CH</command> zone
+ and the default <command>./IN</command>
+ hint zone if there is not an
+ explicit root zone configured.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><userinput>recursing</userinput></term>
+ <listitem>
+ <para>
+ Dump the list of queries <command>named</command> is currently recursing
+ on.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><userinput>validation ( on | off | check ) <optional><replaceable>view ...</replaceable></optional> </userinput></term>
+ <listitem>
+ <para>
+ Enable, disable, or check the current status of
+ DNSSEC validation.
+ Note <command>dnssec-enable</command> also needs to be
+ set to <userinput>yes</userinput> or
+ <userinput>auto</userinput> to be effective.
+ It defaults to enabled.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><userinput>tsig-list</userinput></term>
+ <listitem>
+ <para>
+ List the names of all TSIG keys currently configured
+ for use by <command>named</command> in each view. The
+ list both statically configured keys and dynamic
+ TKEY-negotiated keys.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><userinput>tsig-delete</userinput> <replaceable>keyname</replaceable> <optional><replaceable>view</replaceable></optional></term>
+ <listitem>
+ <para>
+ Delete a given TKEY-negotiated key from the server.
+ (This does not apply to statically configured TSIG
+ keys.)
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
</refsect1>
<refsect1>
<title>LIMITATIONS</title>
- <para><command>rndc</command>
- does not yet support all the commands of
- the BIND 8 <command>ndc</command> utility.
- </para>
<para>
There is currently no way to provide the shared secret for a
<option>key_id</option> without using the configuration file.
<arg choice="plain"><replaceable>command</replaceable></arg>
<arg rep="repeat"><replaceable>command</replaceable></arg>
</cmdsynopsis>
- <para>The <command>command</command>
- is one of the following:
- </para>
-
- <variablelist>
-
- <varlistentry>
- <term><userinput>reload</userinput></term>
- <listitem>
- <para>
- Reload configuration file and zones.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><userinput>reload <replaceable>zone</replaceable>
- <optional><replaceable>class</replaceable>
- <optional><replaceable>view</replaceable></optional></optional></userinput></term>
- <listitem>
- <para>
- Reload the given zone.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><userinput>refresh <replaceable>zone</replaceable>
- <optional><replaceable>class</replaceable>
- <optional><replaceable>view</replaceable></optional></optional></userinput></term>
- <listitem>
- <para>
- Schedule zone maintenance for the given zone.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><userinput>retransfer <replaceable>zone</replaceable>
-
- <optional><replaceable>class</replaceable>
- <optional><replaceable>view</replaceable></optional></optional></userinput></term>
- <listitem>
- <para>
- Retransfer the given zone from the master.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
-
- <term><userinput>freeze
- <optional><replaceable>zone</replaceable>
- <optional><replaceable>class</replaceable>
- <optional><replaceable>view</replaceable></optional></optional></optional></userinput></term>
- <listitem>
- <para>
- Suspend updates to a dynamic zone. If no zone is
- specified,
- then all zones are suspended. This allows manual
- edits to be made to a zone normally updated by dynamic
- update. It
- also causes changes in the journal file to be synced
- into the master
- and the journal file to be removed. All dynamic
- update attempts will
- be refused while the zone is frozen.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><userinput>thaw
- <optional><replaceable>zone</replaceable>
- <optional><replaceable>class</replaceable>
- <optional><replaceable>view</replaceable></optional></optional></optional></userinput></term>
- <listitem>
- <para>
- Enable updates to a frozen dynamic zone. If no zone
- is
- specified, then all frozen zones are enabled. This
- causes
- the server to reload the zone from disk, and
- re-enables dynamic updates
- after the load has completed. After a zone is thawed,
- dynamic updates
- will no longer be refused.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><userinput>notify <replaceable>zone</replaceable>
- <optional><replaceable>class</replaceable>
- <optional><replaceable>view</replaceable></optional></optional></userinput></term>
- <listitem>
- <para>
- Resend NOTIFY messages for the zone.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><userinput>reconfig</userinput></term>
- <listitem>
- <para>
- Reload the configuration file and load new zones,
- but do not reload existing zone files even if they
- have changed.
- This is faster than a full <command>reload</command> when there
- is a large number of zones because it avoids the need
- to examine the
- modification times of the zones files.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><userinput>stats</userinput></term>
- <listitem>
- <para>
- Write server statistics to the statistics file.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><userinput>querylog</userinput></term>
- <listitem>
- <para>
- Toggle query logging. Query logging can also be enabled
- by explicitly directing the <command>queries</command>
- <command>category</command> to a
- <command>channel</command> in the
- <command>logging</command> section of
- <filename>named.conf</filename> or by specifying
- <command>querylog yes;</command> in the
- <command>options</command> section of
- <filename>named.conf</filename>.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><userinput>dumpdb
- <optional>-all|-cache|-zone</optional>
- <optional><replaceable>view ...</replaceable></optional></userinput></term>
- <listitem>
- <para>
- Dump the server's caches (default) and/or zones to
- the
- dump file for the specified views. If no view is
- specified, all
- views are dumped.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><userinput>stop <optional>-p</optional></userinput></term>
- <listitem>
- <para>
- Stop the server, making sure any recent changes
- made through dynamic update or IXFR are first saved to
- the master files of the updated zones.
- If <option>-p</option> is specified <command>named</command>'s process id is returned.
- This allows an external process to determine when <command>named</command>
- had completed stopping.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><userinput>halt <optional>-p</optional></userinput></term>
- <listitem>
- <para>
- Stop the server immediately. Recent changes
- made through dynamic update or IXFR are not saved to
- the master files, but will be rolled forward from the
- journal files when the server is restarted.
- If <option>-p</option> is specified <command>named</command>'s process id is returned.
- This allows an external process to determine when <command>named</command>
- had completed halting.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><userinput>trace</userinput></term>
- <listitem>
- <para>
- Increment the servers debugging level by one.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><userinput>trace <replaceable>level</replaceable></userinput></term>
- <listitem>
- <para>
- Sets the server's debugging level to an explicit
- value.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><userinput>notrace</userinput></term>
- <listitem>
- <para>
- Sets the server's debugging level to 0.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><userinput>flush</userinput></term>
- <listitem>
- <para>
- Flushes the server's cache.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><userinput>flushname</userinput> <replaceable>name</replaceable></term>
- <listitem>
- <para>
- Flushes the given name from the server's cache.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><userinput>status</userinput></term>
- <listitem>
- <para>
- Display status of the server.
- Note that the number of zones includes the internal <command>bind/CH</command> zone
- and the default <command>./IN</command>
- hint zone if there is not an
- explicit root zone configured.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><userinput>tsig-list</userinput></term>
- <listitem>
- <para>
- List the names of all TSIG keys currently configured
- for use by <command>named</command> in each view. The
- list both statically configured keys and dynamic
- TKEY-negotiated keys.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><userinput>tsig-delete</userinput>
- <replaceable>keyname</replaceable>
- <optional><replaceable>view</replaceable></optional></term>
- <listitem>
- <para>
- Delete a given TKEY-negotated key from the server.
- (This does not apply to statically configured TSIG
- keys.)
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><userinput>recursing</userinput></term>
- <listitem>
- <para>
- Dump the list of queries <command>named</command> is currently recursing
- on.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><userinput>validation
- <optional>on|off</optional>
- <optional><replaceable>view ...</replaceable></optional>
- </userinput></term>
- <listitem>
- <para>
- Enable or disable DNSSEC validation.
- Note <command>dnssec-enable</command> also needs to be
- set to <userinput>yes</userinput> to be effective.
- It defaults to enabled.
- </para>
- </listitem>
- </varlistentry>
-
- </variablelist>
+ <para>See <xref linkend="man.rndc"/> for details of
+ the available <command>rndc</command> commands.
+ </para>
<para>
- A configuration file is required, since all
+ <command>rndc</command> requires a configuration file,
+ since all
communication with the server is authenticated with
digital signatures that rely on a shared secret, and
there is no way to provide that secret other than with a
projects / thirdparty / bind9.git / commitdiff
