Remove building with NOCRYPTO option
[minix.git] / external / bsd / bind / dist / bin / check / named-checkzone.html
bloba514e17b8c74ce6c400975299e6fd01d686a649c
1 <!--
2 - Copyright (C) 2004-2007, 2009-2014 Internet Systems Consortium, Inc. ("ISC")
3 - Copyright (C) 2000-2002 Internet Software Consortium.
4 -
5 - Permission to use, copy, modify, and/or distribute this software for any
6 - purpose with or without fee is hereby granted, provided that the above
7 - copyright notice and this permission notice appear in all copies.
8 -
9 - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
10 - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
11 - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
12 - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
13 - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14 - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
15 - PERFORMANCE OF THIS SOFTWARE.
16 -->
17 <!-- Id -->
18 <html>
19 <head>
20 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
21 <title>named-checkzone</title>
22 <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
23 </head>
24 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
25 <a name="man.named-checkzone"></a><div class="titlepage"></div>
26 <div class="refnamediv">
27 <h2>Name</h2>
28 <p><span class="application">named-checkzone</span>, <span class="application">named-compilezone</span> &#8212; zone file validity checking or converting tool</p>
29 </div>
30 <div class="refsynopsisdiv">
31 <h2>Synopsis</h2>
32 <div class="cmdsynopsis"><p><code class="command">named-checkzone</code> [<code class="option">-d</code>] [<code class="option">-h</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-f <em class="replaceable"><code>format</code></em></code>] [<code class="option">-F <em class="replaceable"><code>format</code></em></code>] [<code class="option">-J <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-i <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-m <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-M <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-l <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-L <em class="replaceable"><code>serial</code></em></code>] [<code class="option">-o <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-r <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-s <em class="replaceable"><code>style</code></em></code>] [<code class="option">-S <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-T <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {zonename} {filename}</p></div>
33 <div class="cmdsynopsis"><p><code class="command">named-compilezone</code> [<code class="option">-d</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-C <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-f <em class="replaceable"><code>format</code></em></code>] [<code class="option">-F <em class="replaceable"><code>format</code></em></code>] [<code class="option">-J <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-i <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-m <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-l <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-L <em class="replaceable"><code>serial</code></em></code>] [<code class="option">-r <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-s <em class="replaceable"><code>style</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-T <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {<code class="option">-o <em class="replaceable"><code>filename</code></em></code>} {zonename} {filename}</p></div>
34 </div>
35 <div class="refsect1" lang="en">
36 <a name="id2543784"></a><h2>DESCRIPTION</h2>
37 <p><span><strong class="command">named-checkzone</strong></span>
38 checks the syntax and integrity of a zone file. It performs the
39 same checks as <span><strong class="command">named</strong></span> does when loading a
40 zone. This makes <span><strong class="command">named-checkzone</strong></span> useful for
41 checking zone files before configuring them into a name server.
42 </p>
43 <p>
44 <span><strong class="command">named-compilezone</strong></span> is similar to
45 <span><strong class="command">named-checkzone</strong></span>, but it always dumps the
46 zone contents to a specified file in a specified format.
47 Additionally, it applies stricter check levels by default,
48 since the dump output will be used as an actual zone file
49 loaded by <span><strong class="command">named</strong></span>.
50 When manually specified otherwise, the check levels must at
51 least be as strict as those specified in the
52 <span><strong class="command">named</strong></span> configuration file.
53 </p>
54 </div>
55 <div class="refsect1" lang="en">
56 <a name="id2543819"></a><h2>OPTIONS</h2>
57 <div class="variablelist"><dl>
58 <dt><span class="term">-d</span></dt>
59 <dd><p>
60 Enable debugging.
61 </p></dd>
62 <dt><span class="term">-h</span></dt>
63 <dd><p>
64 Print the usage summary and exit.
65 </p></dd>
66 <dt><span class="term">-q</span></dt>
67 <dd><p>
68 Quiet mode - exit code only.
69 </p></dd>
70 <dt><span class="term">-v</span></dt>
71 <dd><p>
72 Print the version of the <span><strong class="command">named-checkzone</strong></span>
73 program and exit.
74 </p></dd>
75 <dt><span class="term">-j</span></dt>
76 <dd><p>
77 When loading a zone file, read the journal if it exists.
78 The journal file name is assumed to be the zone file name
79 appended with the string <code class="filename">.jnl</code>.
80 </p></dd>
81 <dt><span class="term">-J <em class="replaceable"><code>filename</code></em></span></dt>
82 <dd><p>
83 When loading the zone file read the journal from the given
84 file, if it exists. (Implies -j.)
85 </p></dd>
86 <dt><span class="term">-c <em class="replaceable"><code>class</code></em></span></dt>
87 <dd><p>
88 Specify the class of the zone. If not specified, "IN" is assumed.
89 </p></dd>
90 <dt><span class="term">-i <em class="replaceable"><code>mode</code></em></span></dt>
91 <dd>
92 <p>
93 Perform post-load zone integrity checks. Possible modes are
94 <span><strong class="command">"full"</strong></span> (default),
95 <span><strong class="command">"full-sibling"</strong></span>,
96 <span><strong class="command">"local"</strong></span>,
97 <span><strong class="command">"local-sibling"</strong></span> and
98 <span><strong class="command">"none"</strong></span>.
99 </p>
101 Mode <span><strong class="command">"full"</strong></span> checks that MX records
102 refer to A or AAAA record (both in-zone and out-of-zone
103 hostnames). Mode <span><strong class="command">"local"</strong></span> only
104 checks MX records which refer to in-zone hostnames.
105 </p>
107 Mode <span><strong class="command">"full"</strong></span> checks that SRV records
108 refer to A or AAAA record (both in-zone and out-of-zone
109 hostnames). Mode <span><strong class="command">"local"</strong></span> only
110 checks SRV records which refer to in-zone hostnames.
111 </p>
113 Mode <span><strong class="command">"full"</strong></span> checks that delegation NS
114 records refer to A or AAAA record (both in-zone and out-of-zone
115 hostnames). It also checks that glue address records
116 in the zone match those advertised by the child.
117 Mode <span><strong class="command">"local"</strong></span> only checks NS records which
118 refer to in-zone hostnames or that some required glue exists,
119 that is when the nameserver is in a child zone.
120 </p>
122 Mode <span><strong class="command">"full-sibling"</strong></span> and
123 <span><strong class="command">"local-sibling"</strong></span> disable sibling glue
124 checks but are otherwise the same as <span><strong class="command">"full"</strong></span>
125 and <span><strong class="command">"local"</strong></span> respectively.
126 </p>
128 Mode <span><strong class="command">"none"</strong></span> disables the checks.
129 </p>
130 </dd>
131 <dt><span class="term">-f <em class="replaceable"><code>format</code></em></span></dt>
132 <dd><p>
133 Specify the format of the zone file.
134 Possible formats are <span><strong class="command">"text"</strong></span> (default),
135 <span><strong class="command">"raw"</strong></span>, and <span><strong class="command">"map"</strong></span>.
136 </p></dd>
137 <dt><span class="term">-F <em class="replaceable"><code>format</code></em></span></dt>
138 <dd>
140 Specify the format of the output file specified.
141 For <span><strong class="command">named-checkzone</strong></span>,
142 this does not cause any effects unless it dumps the zone
143 contents.
144 </p>
146 Possible formats are <span><strong class="command">"text"</strong></span> (default),
147 which is the standard textual representation of the zone,
148 and <span><strong class="command">"map"</strong></span>, <span><strong class="command">"raw"</strong></span>,
149 and <span><strong class="command">"raw=N"</strong></span>, which store the zone in a
150 binary format for rapid loading by <span><strong class="command">named</strong></span>.
151 <span><strong class="command">"raw=N"</strong></span> specifies the format version of
152 the raw zone file: if N is 0, the raw file can be read by
153 any version of <span><strong class="command">named</strong></span>; if N is 1, the file
154 can be read by release 9.9.0 or higher; the default is 1.
155 </p>
156 </dd>
157 <dt><span class="term">-k <em class="replaceable"><code>mode</code></em></span></dt>
158 <dd><p>
159 Perform <span><strong class="command">"check-names"</strong></span> checks with the
160 specified failure mode.
161 Possible modes are <span><strong class="command">"fail"</strong></span>
162 (default for <span><strong class="command">named-compilezone</strong></span>),
163 <span><strong class="command">"warn"</strong></span>
164 (default for <span><strong class="command">named-checkzone</strong></span>) and
165 <span><strong class="command">"ignore"</strong></span>.
166 </p></dd>
167 <dt><span class="term">-l <em class="replaceable"><code>ttl</code></em></span></dt>
168 <dd><p>
169 Sets a maximum permissible TTL for the input file.
170 Any record with a TTL higher than this value will cause
171 the zone to be rejected. This is similar to using the
172 <span><strong class="command">max-zone-ttl</strong></span> option in
173 <code class="filename">named.conf</code>.
174 </p></dd>
175 <dt><span class="term">-L <em class="replaceable"><code>serial</code></em></span></dt>
176 <dd><p>
177 When compiling a zone to "raw" or "map" format, set the
178 "source serial" value in the header to the specified serial
179 number. (This is expected to be used primarily for testing
180 purposes.)
181 </p></dd>
182 <dt><span class="term">-m <em class="replaceable"><code>mode</code></em></span></dt>
183 <dd><p>
184 Specify whether MX records should be checked to see if they
185 are addresses. Possible modes are <span><strong class="command">"fail"</strong></span>,
186 <span><strong class="command">"warn"</strong></span> (default) and
187 <span><strong class="command">"ignore"</strong></span>.
188 </p></dd>
189 <dt><span class="term">-M <em class="replaceable"><code>mode</code></em></span></dt>
190 <dd><p>
191 Check if a MX record refers to a CNAME.
192 Possible modes are <span><strong class="command">"fail"</strong></span>,
193 <span><strong class="command">"warn"</strong></span> (default) and
194 <span><strong class="command">"ignore"</strong></span>.
195 </p></dd>
196 <dt><span class="term">-n <em class="replaceable"><code>mode</code></em></span></dt>
197 <dd><p>
198 Specify whether NS records should be checked to see if they
199 are addresses.
200 Possible modes are <span><strong class="command">"fail"</strong></span>
201 (default for <span><strong class="command">named-compilezone</strong></span>),
202 <span><strong class="command">"warn"</strong></span>
203 (default for <span><strong class="command">named-checkzone</strong></span>) and
204 <span><strong class="command">"ignore"</strong></span>.
205 </p></dd>
206 <dt><span class="term">-o <em class="replaceable"><code>filename</code></em></span></dt>
207 <dd><p>
208 Write zone output to <code class="filename">filename</code>.
209 If <code class="filename">filename</code> is <code class="filename">-</code> then
210 write to standard out.
211 This is mandatory for <span><strong class="command">named-compilezone</strong></span>.
212 </p></dd>
213 <dt><span class="term">-r <em class="replaceable"><code>mode</code></em></span></dt>
214 <dd><p>
215 Check for records that are treated as different by DNSSEC but
216 are semantically equal in plain DNS.
217 Possible modes are <span><strong class="command">"fail"</strong></span>,
218 <span><strong class="command">"warn"</strong></span> (default) and
219 <span><strong class="command">"ignore"</strong></span>.
220 </p></dd>
221 <dt><span class="term">-s <em class="replaceable"><code>style</code></em></span></dt>
222 <dd><p>
223 Specify the style of the dumped zone file.
224 Possible styles are <span><strong class="command">"full"</strong></span> (default)
225 and <span><strong class="command">"relative"</strong></span>.
226 The full format is most suitable for processing
227 automatically by a separate script.
228 On the other hand, the relative format is more
229 human-readable and is thus suitable for editing by hand.
230 For <span><strong class="command">named-checkzone</strong></span>
231 this does not cause any effects unless it dumps the zone
232 contents.
233 It also does not have any meaning if the output format
234 is not text.
235 </p></dd>
236 <dt><span class="term">-S <em class="replaceable"><code>mode</code></em></span></dt>
237 <dd><p>
238 Check if a SRV record refers to a CNAME.
239 Possible modes are <span><strong class="command">"fail"</strong></span>,
240 <span><strong class="command">"warn"</strong></span> (default) and
241 <span><strong class="command">"ignore"</strong></span>.
242 </p></dd>
243 <dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt>
244 <dd><p>
245 Chroot to <code class="filename">directory</code> so that
246 include
247 directives in the configuration file are processed as if
248 run by a similarly chrooted named.
249 </p></dd>
250 <dt><span class="term">-T <em class="replaceable"><code>mode</code></em></span></dt>
251 <dd><p>
252 Check if Sender Policy Framework (SPF) records exist
253 and issues a warning if an SPF-formatted TXT record is
254 not also present. Possible modes are <span><strong class="command">"warn"</strong></span>
255 (default), <span><strong class="command">"ignore"</strong></span>.
256 </p></dd>
257 <dt><span class="term">-w <em class="replaceable"><code>directory</code></em></span></dt>
258 <dd><p>
259 chdir to <code class="filename">directory</code> so that
260 relative
261 filenames in master file $INCLUDE directives work. This
262 is similar to the directory clause in
263 <code class="filename">named.conf</code>.
264 </p></dd>
265 <dt><span class="term">-D</span></dt>
266 <dd><p>
267 Dump zone file in canonical format.
268 This is always enabled for <span><strong class="command">named-compilezone</strong></span>.
269 </p></dd>
270 <dt><span class="term">-W <em class="replaceable"><code>mode</code></em></span></dt>
271 <dd><p>
272 Specify whether to check for non-terminal wildcards.
273 Non-terminal wildcards are almost always the result of a
274 failure to understand the wildcard matching algorithm (RFC 1034).
275 Possible modes are <span><strong class="command">"warn"</strong></span> (default)
277 <span><strong class="command">"ignore"</strong></span>.
278 </p></dd>
279 <dt><span class="term">zonename</span></dt>
280 <dd><p>
281 The domain name of the zone being checked.
282 </p></dd>
283 <dt><span class="term">filename</span></dt>
284 <dd><p>
285 The name of the zone file.
286 </p></dd>
287 </dl></div>
288 </div>
289 <div class="refsect1" lang="en">
290 <a name="id2544710"></a><h2>RETURN VALUES</h2>
291 <p><span><strong class="command">named-checkzone</strong></span>
292 returns an exit status of 1 if
293 errors were detected and 0 otherwise.
294 </p>
295 </div>
296 <div class="refsect1" lang="en">
297 <a name="id2544722"></a><h2>SEE ALSO</h2>
298 <p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
299 <span class="citerefentry"><span class="refentrytitle">named-checkconf</span>(8)</span>,
300 <em class="citetitle">RFC 1035</em>,
301 <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
302 </p>
303 </div>
304 <div class="refsect1" lang="en">
305 <a name="id2544755"></a><h2>AUTHOR</h2>
306 <p><span class="corpauthor">Internet Systems Consortium</span>
307 </p>
308 </div>
309 </div></body>
310 </html>