SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG
DONATE


YUM REPOSITORY

 
 

MAN page from Trustix bind-utils-9.2.2-9tr.i586.rpm

RNDC

Section: (8)
Updated: June 30, 2000
Index 

NAME

rndc - name server control utility 

SYNOPSIS

rndc [ -c config-file ] [ -k key-file ] [ -s server ] [ -p port ] [ -V ] [ -y key_id ] command 

DESCRIPTION

rndc controls the operation of a nameserver. It supersedes the ndc utilitythat was provided in old BIND releases. Ifrndc is invoked with no command lineoptions or arguments, it prints a short summary of thesupported commands and the available options and theirarguments.

rndc communicates with the name serverover a TCP connection, sending commands authenticated withdigital signatures. In the current versions ofrndc and named namedthe only supported authentication algorithm is HMAC-MD5,which uses a shared secret on each end of the connection.This provides TSIG-style authentication for the commandrequest and the name server's response. All commands sentover the channel must be signed by a key_id known to theserver.

rndc reads a configuration file todetermine how to contact the name server and decide whatalgorithm and key it should use. 

OPTIONS

-c config-file
Use config-fileas the configuration file instead of the default,/etc/rndc.conf.
-k key-file
Use key-fileas the key file instead of the default,/etc/rndc.key. The key in/etc/rndc.key will be used to authenticatecommands sent to the server if the config-filedoes not exist.
-s server
server isthe name or address of the server which matches aserver statement in the configuration file forrndc. If no server is supplied on thecommand line, the host named by the default-server clausein the option statement of the configuration file will beused.
-p port
Send commands to TCP portport insteadof BIND 9's default control channel port, 953.
-V
Enable verbose logging.
-y keyid
Use the key keyidfrom the configuration file.keyid must beknown by named with the same algorithm and secret stringin order for control message validation to succeed.If no keyidis specified, rndc will first lookfor a key clause in the server statement of the serverbeing used, or if no server statement is present for thathost, then the default-key clause of the options statement.Note that the configuration file contains shared secretswhich are used to send authenticated control commandsto name servers. It should therefore not have general reador write access.

For the complete set of commands supported by rndc,see the BIND 9 Administrator Reference Manual or runrndc without arguments to see its help message.

 

LIMITATIONS

rndc does not yet support all the commands ofthe BIND 8 ndc utility.

There is currently no way to provide the shared secret for akey_id without using the configuration file.

Several error messages could be clearer. 

SEE ALSO

rndc.conf(5),named(8),named.conf(5)ndc(8),BIND 9 Administrator Reference Manual. 

AUTHOR

Internet Software Consortium

 

Index

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
LIMITATIONS
SEE ALSO
AUTHOR
This document was created byman2html,using the manual pages.