1*00b67f09SDavid van Moolenbroek<!-- 2*00b67f09SDavid van Moolenbroek - Copyright (C) 2004-2015 Internet Systems Consortium, Inc. ("ISC") 3*00b67f09SDavid van Moolenbroek - Copyright (C) 2000-2003 Internet Software Consortium. 4*00b67f09SDavid van Moolenbroek - 5*00b67f09SDavid van Moolenbroek - Permission to use, copy, modify, and/or distribute this software for any 6*00b67f09SDavid van Moolenbroek - purpose with or without fee is hereby granted, provided that the above 7*00b67f09SDavid van Moolenbroek - copyright notice and this permission notice appear in all copies. 8*00b67f09SDavid van Moolenbroek - 9*00b67f09SDavid van Moolenbroek - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 10*00b67f09SDavid van Moolenbroek - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 11*00b67f09SDavid van Moolenbroek - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 12*00b67f09SDavid van Moolenbroek - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 13*00b67f09SDavid van Moolenbroek - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 14*00b67f09SDavid van Moolenbroek - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 15*00b67f09SDavid van Moolenbroek - PERFORMANCE OF THIS SOFTWARE. 16*00b67f09SDavid van Moolenbroek--> 17*00b67f09SDavid van Moolenbroek<!-- Id --> 18*00b67f09SDavid van Moolenbroek<html> 19*00b67f09SDavid van Moolenbroek<head> 20*00b67f09SDavid van Moolenbroek<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> 21*00b67f09SDavid van Moolenbroek<title>Chapter�3.�Name Server Configuration</title> 22*00b67f09SDavid van Moolenbroek<meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> 23*00b67f09SDavid van Moolenbroek<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual"> 24*00b67f09SDavid van Moolenbroek<link rel="up" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual"> 25*00b67f09SDavid van Moolenbroek<link rel="prev" href="Bv9ARM.ch02.html" title="Chapter�2.�BIND Resource Requirements"> 26*00b67f09SDavid van Moolenbroek<link rel="next" href="Bv9ARM.ch04.html" title="Chapter�4.�Advanced DNS Features"> 27*00b67f09SDavid van Moolenbroek</head> 28*00b67f09SDavid van Moolenbroek<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> 29*00b67f09SDavid van Moolenbroek<div class="navheader"> 30*00b67f09SDavid van Moolenbroek<table width="100%" summary="Navigation header"> 31*00b67f09SDavid van Moolenbroek<tr><th colspan="3" align="center">Chapter�3.�Name Server Configuration</th></tr> 32*00b67f09SDavid van Moolenbroek<tr> 33*00b67f09SDavid van Moolenbroek<td width="20%" align="left"> 34*00b67f09SDavid van Moolenbroek<a accesskey="p" href="Bv9ARM.ch02.html">Prev</a>�</td> 35*00b67f09SDavid van Moolenbroek<th width="60%" align="center">�</th> 36*00b67f09SDavid van Moolenbroek<td width="20%" align="right">�<a accesskey="n" href="Bv9ARM.ch04.html">Next</a> 37*00b67f09SDavid van Moolenbroek</td> 38*00b67f09SDavid van Moolenbroek</tr> 39*00b67f09SDavid van Moolenbroek</table> 40*00b67f09SDavid van Moolenbroek<hr> 41*00b67f09SDavid van Moolenbroek</div> 42*00b67f09SDavid van Moolenbroek<div class="chapter" lang="en"> 43*00b67f09SDavid van Moolenbroek<div class="titlepage"><div><div><h2 class="title"> 44*00b67f09SDavid van Moolenbroek<a name="Bv9ARM.ch03"></a>Chapter�3.�Name Server Configuration</h2></div></div></div> 45*00b67f09SDavid van Moolenbroek<div class="toc"> 46*00b67f09SDavid van Moolenbroek<p><b>Table of Contents</b></p> 47*00b67f09SDavid van Moolenbroek<dl> 48*00b67f09SDavid van Moolenbroek<dt><span class="sect1"><a href="Bv9ARM.ch03.html#sample_configuration">Sample Configurations</a></span></dt> 49*00b67f09SDavid van Moolenbroek<dd><dl> 50*00b67f09SDavid van Moolenbroek<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2567998">A Caching-only Name Server</a></span></dt> 51*00b67f09SDavid van Moolenbroek<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2568014">An Authoritative-only Name Server</a></span></dt> 52*00b67f09SDavid van Moolenbroek</dl></dd> 53*00b67f09SDavid van Moolenbroek<dt><span class="sect1"><a href="Bv9ARM.ch03.html#id2568037">Load Balancing</a></span></dt> 54*00b67f09SDavid van Moolenbroek<dt><span class="sect1"><a href="Bv9ARM.ch03.html#id2568391">Name Server Operations</a></span></dt> 55*00b67f09SDavid van Moolenbroek<dd><dl> 56*00b67f09SDavid van Moolenbroek<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2568396">Tools for Use With the Name Server Daemon</a></span></dt> 57*00b67f09SDavid van Moolenbroek<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2569465">Signals</a></span></dt> 58*00b67f09SDavid van Moolenbroek</dl></dd> 59*00b67f09SDavid van Moolenbroek</dl> 60*00b67f09SDavid van Moolenbroek</div> 61*00b67f09SDavid van Moolenbroek<p> 62*00b67f09SDavid van Moolenbroek In this chapter we provide some suggested configurations along 63*00b67f09SDavid van Moolenbroek with guidelines for their use. We suggest reasonable values for 64*00b67f09SDavid van Moolenbroek certain option settings. 65*00b67f09SDavid van Moolenbroek </p> 66*00b67f09SDavid van Moolenbroek<div class="sect1" lang="en"> 67*00b67f09SDavid van Moolenbroek<div class="titlepage"><div><div><h2 class="title" style="clear: both"> 68*00b67f09SDavid van Moolenbroek<a name="sample_configuration"></a>Sample Configurations</h2></div></div></div> 69*00b67f09SDavid van Moolenbroek<div class="sect2" lang="en"> 70*00b67f09SDavid van Moolenbroek<div class="titlepage"><div><div><h3 class="title"> 71*00b67f09SDavid van Moolenbroek<a name="id2567998"></a>A Caching-only Name Server</h3></div></div></div> 72*00b67f09SDavid van Moolenbroek<p> 73*00b67f09SDavid van Moolenbroek The following sample configuration is appropriate for a caching-only 74*00b67f09SDavid van Moolenbroek name server for use by clients internal to a corporation. All 75*00b67f09SDavid van Moolenbroek queries 76*00b67f09SDavid van Moolenbroek from outside clients are refused using the <span><strong class="command">allow-query</strong></span> 77*00b67f09SDavid van Moolenbroek option. Alternatively, the same effect could be achieved using 78*00b67f09SDavid van Moolenbroek suitable 79*00b67f09SDavid van Moolenbroek firewall rules. 80*00b67f09SDavid van Moolenbroek </p> 81*00b67f09SDavid van Moolenbroek<pre class="programlisting"> 82*00b67f09SDavid van Moolenbroek// Two corporate subnets we wish to allow queries from. 83*00b67f09SDavid van Moolenbroekacl corpnets { 192.168.4.0/24; 192.168.7.0/24; }; 84*00b67f09SDavid van Moolenbroekoptions { 85*00b67f09SDavid van Moolenbroek // Working directory 86*00b67f09SDavid van Moolenbroek directory "/etc/namedb"; 87*00b67f09SDavid van Moolenbroek 88*00b67f09SDavid van Moolenbroek allow-query { corpnets; }; 89*00b67f09SDavid van Moolenbroek}; 90*00b67f09SDavid van Moolenbroek// Provide a reverse mapping for the loopback 91*00b67f09SDavid van Moolenbroek// address 127.0.0.1 92*00b67f09SDavid van Moolenbroekzone "0.0.127.in-addr.arpa" { 93*00b67f09SDavid van Moolenbroek type master; 94*00b67f09SDavid van Moolenbroek file "localhost.rev"; 95*00b67f09SDavid van Moolenbroek notify no; 96*00b67f09SDavid van Moolenbroek}; 97*00b67f09SDavid van Moolenbroek</pre> 98*00b67f09SDavid van Moolenbroek</div> 99*00b67f09SDavid van Moolenbroek<div class="sect2" lang="en"> 100*00b67f09SDavid van Moolenbroek<div class="titlepage"><div><div><h3 class="title"> 101*00b67f09SDavid van Moolenbroek<a name="id2568014"></a>An Authoritative-only Name Server</h3></div></div></div> 102*00b67f09SDavid van Moolenbroek<p> 103*00b67f09SDavid van Moolenbroek This sample configuration is for an authoritative-only server 104*00b67f09SDavid van Moolenbroek that is the master server for "<code class="filename">example.com</code>" 105*00b67f09SDavid van Moolenbroek and a slave for the subdomain "<code class="filename">eng.example.com</code>". 106*00b67f09SDavid van Moolenbroek </p> 107*00b67f09SDavid van Moolenbroek<pre class="programlisting"> 108*00b67f09SDavid van Moolenbroekoptions { 109*00b67f09SDavid van Moolenbroek // Working directory 110*00b67f09SDavid van Moolenbroek directory "/etc/namedb"; 111*00b67f09SDavid van Moolenbroek // Do not allow access to cache 112*00b67f09SDavid van Moolenbroek allow-query-cache { none; }; 113*00b67f09SDavid van Moolenbroek // This is the default 114*00b67f09SDavid van Moolenbroek allow-query { any; }; 115*00b67f09SDavid van Moolenbroek // Do not provide recursive service 116*00b67f09SDavid van Moolenbroek recursion no; 117*00b67f09SDavid van Moolenbroek}; 118*00b67f09SDavid van Moolenbroek 119*00b67f09SDavid van Moolenbroek// Provide a reverse mapping for the loopback 120*00b67f09SDavid van Moolenbroek// address 127.0.0.1 121*00b67f09SDavid van Moolenbroekzone "0.0.127.in-addr.arpa" { 122*00b67f09SDavid van Moolenbroek type master; 123*00b67f09SDavid van Moolenbroek file "localhost.rev"; 124*00b67f09SDavid van Moolenbroek notify no; 125*00b67f09SDavid van Moolenbroek}; 126*00b67f09SDavid van Moolenbroek// We are the master server for example.com 127*00b67f09SDavid van Moolenbroekzone "example.com" { 128*00b67f09SDavid van Moolenbroek type master; 129*00b67f09SDavid van Moolenbroek file "example.com.db"; 130*00b67f09SDavid van Moolenbroek // IP addresses of slave servers allowed to 131*00b67f09SDavid van Moolenbroek // transfer example.com 132*00b67f09SDavid van Moolenbroek allow-transfer { 133*00b67f09SDavid van Moolenbroek 192.168.4.14; 134*00b67f09SDavid van Moolenbroek 192.168.5.53; 135*00b67f09SDavid van Moolenbroek }; 136*00b67f09SDavid van Moolenbroek}; 137*00b67f09SDavid van Moolenbroek// We are a slave server for eng.example.com 138*00b67f09SDavid van Moolenbroekzone "eng.example.com" { 139*00b67f09SDavid van Moolenbroek type slave; 140*00b67f09SDavid van Moolenbroek file "eng.example.com.bk"; 141*00b67f09SDavid van Moolenbroek // IP address of eng.example.com master server 142*00b67f09SDavid van Moolenbroek masters { 192.168.4.12; }; 143*00b67f09SDavid van Moolenbroek}; 144*00b67f09SDavid van Moolenbroek</pre> 145*00b67f09SDavid van Moolenbroek</div> 146*00b67f09SDavid van Moolenbroek</div> 147*00b67f09SDavid van Moolenbroek<div class="sect1" lang="en"> 148*00b67f09SDavid van Moolenbroek<div class="titlepage"><div><div><h2 class="title" style="clear: both"> 149*00b67f09SDavid van Moolenbroek<a name="id2568037"></a>Load Balancing</h2></div></div></div> 150*00b67f09SDavid van Moolenbroek<p> 151*00b67f09SDavid van Moolenbroek A primitive form of load balancing can be achieved in 152*00b67f09SDavid van Moolenbroek the <acronym class="acronym">DNS</acronym> by using multiple records 153*00b67f09SDavid van Moolenbroek (such as multiple A records) for one name. 154*00b67f09SDavid van Moolenbroek </p> 155*00b67f09SDavid van Moolenbroek<p> 156*00b67f09SDavid van Moolenbroek For example, if you have three WWW servers with network addresses 157*00b67f09SDavid van Moolenbroek of 10.0.0.1, 10.0.0.2 and 10.0.0.3, a set of records such as the 158*00b67f09SDavid van Moolenbroek following means that clients will connect to each machine one third 159*00b67f09SDavid van Moolenbroek of the time: 160*00b67f09SDavid van Moolenbroek </p> 161*00b67f09SDavid van Moolenbroek<div class="informaltable"><table border="1"> 162*00b67f09SDavid van Moolenbroek<colgroup> 163*00b67f09SDavid van Moolenbroek<col> 164*00b67f09SDavid van Moolenbroek<col> 165*00b67f09SDavid van Moolenbroek<col> 166*00b67f09SDavid van Moolenbroek<col> 167*00b67f09SDavid van Moolenbroek<col> 168*00b67f09SDavid van Moolenbroek</colgroup> 169*00b67f09SDavid van Moolenbroek<tbody> 170*00b67f09SDavid van Moolenbroek<tr> 171*00b67f09SDavid van Moolenbroek<td> 172*00b67f09SDavid van Moolenbroek <p> 173*00b67f09SDavid van Moolenbroek Name 174*00b67f09SDavid van Moolenbroek </p> 175*00b67f09SDavid van Moolenbroek </td> 176*00b67f09SDavid van Moolenbroek<td> 177*00b67f09SDavid van Moolenbroek <p> 178*00b67f09SDavid van Moolenbroek TTL 179*00b67f09SDavid van Moolenbroek </p> 180*00b67f09SDavid van Moolenbroek </td> 181*00b67f09SDavid van Moolenbroek<td> 182*00b67f09SDavid van Moolenbroek <p> 183*00b67f09SDavid van Moolenbroek CLASS 184*00b67f09SDavid van Moolenbroek </p> 185*00b67f09SDavid van Moolenbroek </td> 186*00b67f09SDavid van Moolenbroek<td> 187*00b67f09SDavid van Moolenbroek <p> 188*00b67f09SDavid van Moolenbroek TYPE 189*00b67f09SDavid van Moolenbroek </p> 190*00b67f09SDavid van Moolenbroek </td> 191*00b67f09SDavid van Moolenbroek<td> 192*00b67f09SDavid van Moolenbroek <p> 193*00b67f09SDavid van Moolenbroek Resource Record (RR) Data 194*00b67f09SDavid van Moolenbroek </p> 195*00b67f09SDavid van Moolenbroek </td> 196*00b67f09SDavid van Moolenbroek</tr> 197*00b67f09SDavid van Moolenbroek<tr> 198*00b67f09SDavid van Moolenbroek<td> 199*00b67f09SDavid van Moolenbroek <p> 200*00b67f09SDavid van Moolenbroek <code class="literal">www</code> 201*00b67f09SDavid van Moolenbroek </p> 202*00b67f09SDavid van Moolenbroek </td> 203*00b67f09SDavid van Moolenbroek<td> 204*00b67f09SDavid van Moolenbroek <p> 205*00b67f09SDavid van Moolenbroek <code class="literal">600</code> 206*00b67f09SDavid van Moolenbroek </p> 207*00b67f09SDavid van Moolenbroek </td> 208*00b67f09SDavid van Moolenbroek<td> 209*00b67f09SDavid van Moolenbroek <p> 210*00b67f09SDavid van Moolenbroek <code class="literal">IN</code> 211*00b67f09SDavid van Moolenbroek </p> 212*00b67f09SDavid van Moolenbroek </td> 213*00b67f09SDavid van Moolenbroek<td> 214*00b67f09SDavid van Moolenbroek <p> 215*00b67f09SDavid van Moolenbroek <code class="literal">A</code> 216*00b67f09SDavid van Moolenbroek </p> 217*00b67f09SDavid van Moolenbroek </td> 218*00b67f09SDavid van Moolenbroek<td> 219*00b67f09SDavid van Moolenbroek <p> 220*00b67f09SDavid van Moolenbroek <code class="literal">10.0.0.1</code> 221*00b67f09SDavid van Moolenbroek </p> 222*00b67f09SDavid van Moolenbroek </td> 223*00b67f09SDavid van Moolenbroek</tr> 224*00b67f09SDavid van Moolenbroek<tr> 225*00b67f09SDavid van Moolenbroek<td> 226*00b67f09SDavid van Moolenbroek <p></p> 227*00b67f09SDavid van Moolenbroek </td> 228*00b67f09SDavid van Moolenbroek<td> 229*00b67f09SDavid van Moolenbroek <p> 230*00b67f09SDavid van Moolenbroek <code class="literal">600</code> 231*00b67f09SDavid van Moolenbroek </p> 232*00b67f09SDavid van Moolenbroek </td> 233*00b67f09SDavid van Moolenbroek<td> 234*00b67f09SDavid van Moolenbroek <p> 235*00b67f09SDavid van Moolenbroek <code class="literal">IN</code> 236*00b67f09SDavid van Moolenbroek </p> 237*00b67f09SDavid van Moolenbroek </td> 238*00b67f09SDavid van Moolenbroek<td> 239*00b67f09SDavid van Moolenbroek <p> 240*00b67f09SDavid van Moolenbroek <code class="literal">A</code> 241*00b67f09SDavid van Moolenbroek </p> 242*00b67f09SDavid van Moolenbroek </td> 243*00b67f09SDavid van Moolenbroek<td> 244*00b67f09SDavid van Moolenbroek <p> 245*00b67f09SDavid van Moolenbroek <code class="literal">10.0.0.2</code> 246*00b67f09SDavid van Moolenbroek </p> 247*00b67f09SDavid van Moolenbroek </td> 248*00b67f09SDavid van Moolenbroek</tr> 249*00b67f09SDavid van Moolenbroek<tr> 250*00b67f09SDavid van Moolenbroek<td> 251*00b67f09SDavid van Moolenbroek <p></p> 252*00b67f09SDavid van Moolenbroek </td> 253*00b67f09SDavid van Moolenbroek<td> 254*00b67f09SDavid van Moolenbroek <p> 255*00b67f09SDavid van Moolenbroek <code class="literal">600</code> 256*00b67f09SDavid van Moolenbroek </p> 257*00b67f09SDavid van Moolenbroek </td> 258*00b67f09SDavid van Moolenbroek<td> 259*00b67f09SDavid van Moolenbroek <p> 260*00b67f09SDavid van Moolenbroek <code class="literal">IN</code> 261*00b67f09SDavid van Moolenbroek </p> 262*00b67f09SDavid van Moolenbroek </td> 263*00b67f09SDavid van Moolenbroek<td> 264*00b67f09SDavid van Moolenbroek <p> 265*00b67f09SDavid van Moolenbroek <code class="literal">A</code> 266*00b67f09SDavid van Moolenbroek </p> 267*00b67f09SDavid van Moolenbroek </td> 268*00b67f09SDavid van Moolenbroek<td> 269*00b67f09SDavid van Moolenbroek <p> 270*00b67f09SDavid van Moolenbroek <code class="literal">10.0.0.3</code> 271*00b67f09SDavid van Moolenbroek </p> 272*00b67f09SDavid van Moolenbroek </td> 273*00b67f09SDavid van Moolenbroek</tr> 274*00b67f09SDavid van Moolenbroek</tbody> 275*00b67f09SDavid van Moolenbroek</table></div> 276*00b67f09SDavid van Moolenbroek<p> 277*00b67f09SDavid van Moolenbroek When a resolver queries for these records, <acronym class="acronym">BIND</acronym> will rotate 278*00b67f09SDavid van Moolenbroek them and respond to the query with the records in a different 279*00b67f09SDavid van Moolenbroek order. In the example above, clients will randomly receive 280*00b67f09SDavid van Moolenbroek records in the order 1, 2, 3; 2, 3, 1; and 3, 1, 2. Most clients 281*00b67f09SDavid van Moolenbroek will use the first record returned and discard the rest. 282*00b67f09SDavid van Moolenbroek </p> 283*00b67f09SDavid van Moolenbroek<p> 284*00b67f09SDavid van Moolenbroek For more detail on ordering responses, check the 285*00b67f09SDavid van Moolenbroek <span><strong class="command">rrset-order</strong></span> sub-statement in the 286*00b67f09SDavid van Moolenbroek <span><strong class="command">options</strong></span> statement, see 287*00b67f09SDavid van Moolenbroek <a href="Bv9ARM.ch06.html#rrset_ordering">RRset Ordering</a>. 288*00b67f09SDavid van Moolenbroek </p> 289*00b67f09SDavid van Moolenbroek</div> 290*00b67f09SDavid van Moolenbroek<div class="sect1" lang="en"> 291*00b67f09SDavid van Moolenbroek<div class="titlepage"><div><div><h2 class="title" style="clear: both"> 292*00b67f09SDavid van Moolenbroek<a name="id2568391"></a>Name Server Operations</h2></div></div></div> 293*00b67f09SDavid van Moolenbroek<div class="sect2" lang="en"> 294*00b67f09SDavid van Moolenbroek<div class="titlepage"><div><div><h3 class="title"> 295*00b67f09SDavid van Moolenbroek<a name="id2568396"></a>Tools for Use With the Name Server Daemon</h3></div></div></div> 296*00b67f09SDavid van Moolenbroek<p> 297*00b67f09SDavid van Moolenbroek This section describes several indispensable diagnostic, 298*00b67f09SDavid van Moolenbroek administrative and monitoring tools available to the system 299*00b67f09SDavid van Moolenbroek administrator for controlling and debugging the name server 300*00b67f09SDavid van Moolenbroek daemon. 301*00b67f09SDavid van Moolenbroek </p> 302*00b67f09SDavid van Moolenbroek<div class="sect3" lang="en"> 303*00b67f09SDavid van Moolenbroek<div class="titlepage"><div><div><h4 class="title"> 304*00b67f09SDavid van Moolenbroek<a name="diagnostic_tools"></a>Diagnostic Tools</h4></div></div></div> 305*00b67f09SDavid van Moolenbroek<p> 306*00b67f09SDavid van Moolenbroek The <span><strong class="command">dig</strong></span>, <span><strong class="command">host</strong></span>, and 307*00b67f09SDavid van Moolenbroek <span><strong class="command">nslookup</strong></span> programs are all command 308*00b67f09SDavid van Moolenbroek line tools 309*00b67f09SDavid van Moolenbroek for manually querying name servers. They differ in style and 310*00b67f09SDavid van Moolenbroek output format. 311*00b67f09SDavid van Moolenbroek </p> 312*00b67f09SDavid van Moolenbroek<div class="variablelist"><dl> 313*00b67f09SDavid van Moolenbroek<dt><span class="term"><a name="dig"></a><span><strong class="command">dig</strong></span></span></dt> 314*00b67f09SDavid van Moolenbroek<dd> 315*00b67f09SDavid van Moolenbroek<p> 316*00b67f09SDavid van Moolenbroek The domain information groper (<span><strong class="command">dig</strong></span>) 317*00b67f09SDavid van Moolenbroek is the most versatile and complete of these lookup tools. 318*00b67f09SDavid van Moolenbroek It has two modes: simple interactive 319*00b67f09SDavid van Moolenbroek mode for a single query, and batch mode which executes a 320*00b67f09SDavid van Moolenbroek query for 321*00b67f09SDavid van Moolenbroek each in a list of several query lines. All query options are 322*00b67f09SDavid van Moolenbroek accessible 323*00b67f09SDavid van Moolenbroek from the command line. 324*00b67f09SDavid van Moolenbroek </p> 325*00b67f09SDavid van Moolenbroek<div class="cmdsynopsis"><p><code class="command">dig</code> [@<em class="replaceable"><code>server</code></em>] <em class="replaceable"><code>domain</code></em> [<em class="replaceable"><code>query-type</code></em>] [<em class="replaceable"><code>query-class</code></em>] [+<em class="replaceable"><code>query-option</code></em>] [-<em class="replaceable"><code>dig-option</code></em>] [%<em class="replaceable"><code>comment</code></em>]</p></div> 326*00b67f09SDavid van Moolenbroek<p> 327*00b67f09SDavid van Moolenbroek The usual simple use of <span><strong class="command">dig</strong></span> will take the form 328*00b67f09SDavid van Moolenbroek </p> 329*00b67f09SDavid van Moolenbroek<p> 330*00b67f09SDavid van Moolenbroek <span><strong class="command">dig @server domain query-type query-class</strong></span> 331*00b67f09SDavid van Moolenbroek </p> 332*00b67f09SDavid van Moolenbroek<p> 333*00b67f09SDavid van Moolenbroek For more information and a list of available commands and 334*00b67f09SDavid van Moolenbroek options, see the <span><strong class="command">dig</strong></span> man 335*00b67f09SDavid van Moolenbroek page. 336*00b67f09SDavid van Moolenbroek </p> 337*00b67f09SDavid van Moolenbroek</dd> 338*00b67f09SDavid van Moolenbroek<dt><span class="term"><span><strong class="command">host</strong></span></span></dt> 339*00b67f09SDavid van Moolenbroek<dd> 340*00b67f09SDavid van Moolenbroek<p> 341*00b67f09SDavid van Moolenbroek The <span><strong class="command">host</strong></span> utility emphasizes 342*00b67f09SDavid van Moolenbroek simplicity 343*00b67f09SDavid van Moolenbroek and ease of use. By default, it converts 344*00b67f09SDavid van Moolenbroek between host names and Internet addresses, but its 345*00b67f09SDavid van Moolenbroek functionality 346*00b67f09SDavid van Moolenbroek can be extended with the use of options. 347*00b67f09SDavid van Moolenbroek </p> 348*00b67f09SDavid van Moolenbroek<div class="cmdsynopsis"><p><code class="command">host</code> [-aCdlnrsTwv] [-c <em class="replaceable"><code>class</code></em>] [-N <em class="replaceable"><code>ndots</code></em>] [-t <em class="replaceable"><code>type</code></em>] [-W <em class="replaceable"><code>timeout</code></em>] [-R <em class="replaceable"><code>retries</code></em>] [-m <em class="replaceable"><code>flag</code></em>] [-4] [-6] <em class="replaceable"><code>hostname</code></em> [<em class="replaceable"><code>server</code></em>]</p></div> 349*00b67f09SDavid van Moolenbroek<p> 350*00b67f09SDavid van Moolenbroek For more information and a list of available commands and 351*00b67f09SDavid van Moolenbroek options, see the <span><strong class="command">host</strong></span> man 352*00b67f09SDavid van Moolenbroek page. 353*00b67f09SDavid van Moolenbroek </p> 354*00b67f09SDavid van Moolenbroek</dd> 355*00b67f09SDavid van Moolenbroek<dt><span class="term"><span><strong class="command">nslookup</strong></span></span></dt> 356*00b67f09SDavid van Moolenbroek<dd> 357*00b67f09SDavid van Moolenbroek<p><span><strong class="command">nslookup</strong></span> 358*00b67f09SDavid van Moolenbroek has two modes: interactive and 359*00b67f09SDavid van Moolenbroek non-interactive. Interactive mode allows the user to 360*00b67f09SDavid van Moolenbroek query name servers for information about various 361*00b67f09SDavid van Moolenbroek hosts and domains or to print a list of hosts in a 362*00b67f09SDavid van Moolenbroek domain. Non-interactive mode is used to print just 363*00b67f09SDavid van Moolenbroek the name and requested information for a host or 364*00b67f09SDavid van Moolenbroek domain. 365*00b67f09SDavid van Moolenbroek </p> 366*00b67f09SDavid van Moolenbroek<div class="cmdsynopsis"><p><code class="command">nslookup</code> [-option...] [[<em class="replaceable"><code>host-to-find</code></em>] | [- [server]]]</p></div> 367*00b67f09SDavid van Moolenbroek<p> 368*00b67f09SDavid van Moolenbroek Interactive mode is entered when no arguments are given (the 369*00b67f09SDavid van Moolenbroek default name server will be used) or when the first argument 370*00b67f09SDavid van Moolenbroek is a 371*00b67f09SDavid van Moolenbroek hyphen (`-') and the second argument is the host name or 372*00b67f09SDavid van Moolenbroek Internet address 373*00b67f09SDavid van Moolenbroek of a name server. 374*00b67f09SDavid van Moolenbroek </p> 375*00b67f09SDavid van Moolenbroek<p> 376*00b67f09SDavid van Moolenbroek Non-interactive mode is used when the name or Internet 377*00b67f09SDavid van Moolenbroek address 378*00b67f09SDavid van Moolenbroek of the host to be looked up is given as the first argument. 379*00b67f09SDavid van Moolenbroek The 380*00b67f09SDavid van Moolenbroek optional second argument specifies the host name or address 381*00b67f09SDavid van Moolenbroek of a name server. 382*00b67f09SDavid van Moolenbroek </p> 383*00b67f09SDavid van Moolenbroek<p> 384*00b67f09SDavid van Moolenbroek Due to its arcane user interface and frequently inconsistent 385*00b67f09SDavid van Moolenbroek behavior, we do not recommend the use of <span><strong class="command">nslookup</strong></span>. 386*00b67f09SDavid van Moolenbroek Use <span><strong class="command">dig</strong></span> instead. 387*00b67f09SDavid van Moolenbroek </p> 388*00b67f09SDavid van Moolenbroek</dd> 389*00b67f09SDavid van Moolenbroek</dl></div> 390*00b67f09SDavid van Moolenbroek</div> 391*00b67f09SDavid van Moolenbroek<div class="sect3" lang="en"> 392*00b67f09SDavid van Moolenbroek<div class="titlepage"><div><div><h4 class="title"> 393*00b67f09SDavid van Moolenbroek<a name="admin_tools"></a>Administrative Tools</h4></div></div></div> 394*00b67f09SDavid van Moolenbroek<p> 395*00b67f09SDavid van Moolenbroek Administrative tools play an integral part in the management 396*00b67f09SDavid van Moolenbroek of a server. 397*00b67f09SDavid van Moolenbroek </p> 398*00b67f09SDavid van Moolenbroek<div class="variablelist"><dl> 399*00b67f09SDavid van Moolenbroek<dt> 400*00b67f09SDavid van Moolenbroek<a name="named-checkconf"></a><span class="term"><span><strong class="command">named-checkconf</strong></span></span> 401*00b67f09SDavid van Moolenbroek</dt> 402*00b67f09SDavid van Moolenbroek<dd> 403*00b67f09SDavid van Moolenbroek<p> 404*00b67f09SDavid van Moolenbroek The <span><strong class="command">named-checkconf</strong></span> program 405*00b67f09SDavid van Moolenbroek checks the syntax of a <code class="filename">named.conf</code> file. 406*00b67f09SDavid van Moolenbroek </p> 407*00b67f09SDavid van Moolenbroek<div class="cmdsynopsis"><p><code class="command">named-checkconf</code> [-jvz] [-t <em class="replaceable"><code>directory</code></em>] [<em class="replaceable"><code>filename</code></em>]</p></div> 408*00b67f09SDavid van Moolenbroek</dd> 409*00b67f09SDavid van Moolenbroek<dt> 410*00b67f09SDavid van Moolenbroek<a name="named-checkzone"></a><span class="term"><span><strong class="command">named-checkzone</strong></span></span> 411*00b67f09SDavid van Moolenbroek</dt> 412*00b67f09SDavid van Moolenbroek<dd> 413*00b67f09SDavid van Moolenbroek<p> 414*00b67f09SDavid van Moolenbroek The <span><strong class="command">named-checkzone</strong></span> program 415*00b67f09SDavid van Moolenbroek checks a master file for 416*00b67f09SDavid van Moolenbroek syntax and consistency. 417*00b67f09SDavid van Moolenbroek </p> 418*00b67f09SDavid van Moolenbroek<div class="cmdsynopsis"><p><code class="command">named-checkzone</code> [-djqvD] [-c <em class="replaceable"><code>class</code></em>] [-o <em class="replaceable"><code>output</code></em>] [-t <em class="replaceable"><code>directory</code></em>] [-w <em class="replaceable"><code>directory</code></em>] [-k <em class="replaceable"><code>(ignore|warn|fail)</code></em>] [-n <em class="replaceable"><code>(ignore|warn|fail)</code></em>] [-W <em class="replaceable"><code>(ignore|warn)</code></em>] <em class="replaceable"><code>zone</code></em> [<em class="replaceable"><code>filename</code></em>]</p></div> 419*00b67f09SDavid van Moolenbroek</dd> 420*00b67f09SDavid van Moolenbroek<dt> 421*00b67f09SDavid van Moolenbroek<a name="named-compilezone"></a><span class="term"><span><strong class="command">named-compilezone</strong></span></span> 422*00b67f09SDavid van Moolenbroek</dt> 423*00b67f09SDavid van Moolenbroek<dd><p> 424*00b67f09SDavid van Moolenbroek Similar to <span><strong class="command">named-checkzone,</strong></span> but 425*00b67f09SDavid van Moolenbroek it always dumps the zone content to a specified file 426*00b67f09SDavid van Moolenbroek (typically in a different format). 427*00b67f09SDavid van Moolenbroek </p></dd> 428*00b67f09SDavid van Moolenbroek<dt> 429*00b67f09SDavid van Moolenbroek<a name="rndc"></a><span class="term"><span><strong class="command">rndc</strong></span></span> 430*00b67f09SDavid van Moolenbroek</dt> 431*00b67f09SDavid van Moolenbroek<dd> 432*00b67f09SDavid van Moolenbroek<p> 433*00b67f09SDavid van Moolenbroek The remote name daemon control 434*00b67f09SDavid van Moolenbroek (<span><strong class="command">rndc</strong></span>) program allows the 435*00b67f09SDavid van Moolenbroek system 436*00b67f09SDavid van Moolenbroek administrator to control the operation of a name server. 437*00b67f09SDavid van Moolenbroek Since <acronym class="acronym">BIND</acronym> 9.2, <span><strong class="command">rndc</strong></span> 438*00b67f09SDavid van Moolenbroek supports all the commands of the BIND 8 <span><strong class="command">ndc</strong></span> 439*00b67f09SDavid van Moolenbroek utility except <span><strong class="command">ndc start</strong></span> and 440*00b67f09SDavid van Moolenbroek <span><strong class="command">ndc restart</strong></span>, which were also 441*00b67f09SDavid van Moolenbroek not supported in <span><strong class="command">ndc</strong></span>'s 442*00b67f09SDavid van Moolenbroek channel mode. 443*00b67f09SDavid van Moolenbroek If you run <span><strong class="command">rndc</strong></span> without any 444*00b67f09SDavid van Moolenbroek options 445*00b67f09SDavid van Moolenbroek it will display a usage message as follows: 446*00b67f09SDavid van Moolenbroek </p> 447*00b67f09SDavid van Moolenbroek<div class="cmdsynopsis"><p><code class="command">rndc</code> [-c <em class="replaceable"><code>config</code></em>] [-s <em class="replaceable"><code>server</code></em>] [-p <em class="replaceable"><code>port</code></em>] [-y <em class="replaceable"><code>key</code></em>] <em class="replaceable"><code>command</code></em> [<em class="replaceable"><code>command</code></em>...]</p></div> 448*00b67f09SDavid van Moolenbroek<p>See <a href="man.rndc.html" title="rndc"><span class="refentrytitle"><span class="application">rndc</span></span>(8)</a> for details of 449*00b67f09SDavid van Moolenbroek the available <span><strong class="command">rndc</strong></span> commands. 450*00b67f09SDavid van Moolenbroek </p> 451*00b67f09SDavid van Moolenbroek<p> 452*00b67f09SDavid van Moolenbroek <span><strong class="command">rndc</strong></span> requires a configuration file, 453*00b67f09SDavid van Moolenbroek since all 454*00b67f09SDavid van Moolenbroek communication with the server is authenticated with 455*00b67f09SDavid van Moolenbroek digital signatures that rely on a shared secret, and 456*00b67f09SDavid van Moolenbroek there is no way to provide that secret other than with a 457*00b67f09SDavid van Moolenbroek configuration file. The default location for the 458*00b67f09SDavid van Moolenbroek <span><strong class="command">rndc</strong></span> configuration file is 459*00b67f09SDavid van Moolenbroek <code class="filename">/etc/rndc.conf</code>, but an 460*00b67f09SDavid van Moolenbroek alternate 461*00b67f09SDavid van Moolenbroek location can be specified with the <code class="option">-c</code> 462*00b67f09SDavid van Moolenbroek option. If the configuration file is not found, 463*00b67f09SDavid van Moolenbroek <span><strong class="command">rndc</strong></span> will also look in 464*00b67f09SDavid van Moolenbroek <code class="filename">/etc/rndc.key</code> (or whatever 465*00b67f09SDavid van Moolenbroek <code class="varname">sysconfdir</code> was defined when 466*00b67f09SDavid van Moolenbroek the <acronym class="acronym">BIND</acronym> build was 467*00b67f09SDavid van Moolenbroek configured). 468*00b67f09SDavid van Moolenbroek The <code class="filename">rndc.key</code> file is 469*00b67f09SDavid van Moolenbroek generated by 470*00b67f09SDavid van Moolenbroek running <span><strong class="command">rndc-confgen -a</strong></span> as 471*00b67f09SDavid van Moolenbroek described in 472*00b67f09SDavid van Moolenbroek <a href="Bv9ARM.ch06.html#controls_statement_definition_and_usage" title="controls Statement Definition and 473*00b67f09SDavid van Moolenbroek Usage">the section called “<span><strong class="command">controls</strong></span> Statement Definition and 474*00b67f09SDavid van Moolenbroek Usage”</a>. 475*00b67f09SDavid van Moolenbroek </p> 476*00b67f09SDavid van Moolenbroek<p> 477*00b67f09SDavid van Moolenbroek The format of the configuration file is similar to 478*00b67f09SDavid van Moolenbroek that of <code class="filename">named.conf</code>, but 479*00b67f09SDavid van Moolenbroek limited to 480*00b67f09SDavid van Moolenbroek only four statements, the <span><strong class="command">options</strong></span>, 481*00b67f09SDavid van Moolenbroek <span><strong class="command">key</strong></span>, <span><strong class="command">server</strong></span> and 482*00b67f09SDavid van Moolenbroek <span><strong class="command">include</strong></span> 483*00b67f09SDavid van Moolenbroek statements. These statements are what associate the 484*00b67f09SDavid van Moolenbroek secret keys to the servers with which they are meant to 485*00b67f09SDavid van Moolenbroek be shared. The order of statements is not 486*00b67f09SDavid van Moolenbroek significant. 487*00b67f09SDavid van Moolenbroek </p> 488*00b67f09SDavid van Moolenbroek<p> 489*00b67f09SDavid van Moolenbroek The <span><strong class="command">options</strong></span> statement has 490*00b67f09SDavid van Moolenbroek three clauses: 491*00b67f09SDavid van Moolenbroek <span><strong class="command">default-server</strong></span>, <span><strong class="command">default-key</strong></span>, 492*00b67f09SDavid van Moolenbroek and <span><strong class="command">default-port</strong></span>. 493*00b67f09SDavid van Moolenbroek <span><strong class="command">default-server</strong></span> takes a 494*00b67f09SDavid van Moolenbroek host name or address argument and represents the server 495*00b67f09SDavid van Moolenbroek that will 496*00b67f09SDavid van Moolenbroek be contacted if no <code class="option">-s</code> 497*00b67f09SDavid van Moolenbroek option is provided on the command line. 498*00b67f09SDavid van Moolenbroek <span><strong class="command">default-key</strong></span> takes 499*00b67f09SDavid van Moolenbroek the name of a key as its argument, as defined by a <span><strong class="command">key</strong></span> statement. 500*00b67f09SDavid van Moolenbroek <span><strong class="command">default-port</strong></span> specifies the 501*00b67f09SDavid van Moolenbroek port to which 502*00b67f09SDavid van Moolenbroek <span><strong class="command">rndc</strong></span> should connect if no 503*00b67f09SDavid van Moolenbroek port is given on the command line or in a 504*00b67f09SDavid van Moolenbroek <span><strong class="command">server</strong></span> statement. 505*00b67f09SDavid van Moolenbroek </p> 506*00b67f09SDavid van Moolenbroek<p> 507*00b67f09SDavid van Moolenbroek The <span><strong class="command">key</strong></span> statement defines a 508*00b67f09SDavid van Moolenbroek key to be used 509*00b67f09SDavid van Moolenbroek by <span><strong class="command">rndc</strong></span> when authenticating 510*00b67f09SDavid van Moolenbroek with 511*00b67f09SDavid van Moolenbroek <span><strong class="command">named</strong></span>. Its syntax is 512*00b67f09SDavid van Moolenbroek identical to the 513*00b67f09SDavid van Moolenbroek <span><strong class="command">key</strong></span> statement in <code class="filename">named.conf</code>. 514*00b67f09SDavid van Moolenbroek The keyword <strong class="userinput"><code>key</code></strong> is 515*00b67f09SDavid van Moolenbroek followed by a key name, which must be a valid 516*00b67f09SDavid van Moolenbroek domain name, though it need not actually be hierarchical; 517*00b67f09SDavid van Moolenbroek thus, 518*00b67f09SDavid van Moolenbroek a string like "<strong class="userinput"><code>rndc_key</code></strong>" is a valid 519*00b67f09SDavid van Moolenbroek name. 520*00b67f09SDavid van Moolenbroek The <span><strong class="command">key</strong></span> statement has two 521*00b67f09SDavid van Moolenbroek clauses: 522*00b67f09SDavid van Moolenbroek <span><strong class="command">algorithm</strong></span> and <span><strong class="command">secret</strong></span>. 523*00b67f09SDavid van Moolenbroek While the configuration parser will accept any string as the 524*00b67f09SDavid van Moolenbroek argument 525*00b67f09SDavid van Moolenbroek to algorithm, currently only the strings 526*00b67f09SDavid van Moolenbroek "<strong class="userinput"><code>hmac-md5</code></strong>", 527*00b67f09SDavid van Moolenbroek "<strong class="userinput"><code>hmac-sha1</code></strong>", 528*00b67f09SDavid van Moolenbroek "<strong class="userinput"><code>hmac-sha224</code></strong>", 529*00b67f09SDavid van Moolenbroek "<strong class="userinput"><code>hmac-sha256</code></strong>", 530*00b67f09SDavid van Moolenbroek "<strong class="userinput"><code>hmac-sha384</code></strong>" 531*00b67f09SDavid van Moolenbroek and "<strong class="userinput"><code>hmac-sha512</code></strong>" 532*00b67f09SDavid van Moolenbroek have any meaning. The secret is a base-64 encoded string 533*00b67f09SDavid van Moolenbroek as specified in RFC 3548. 534*00b67f09SDavid van Moolenbroek </p> 535*00b67f09SDavid van Moolenbroek<p> 536*00b67f09SDavid van Moolenbroek The <span><strong class="command">server</strong></span> statement 537*00b67f09SDavid van Moolenbroek associates a key 538*00b67f09SDavid van Moolenbroek defined using the <span><strong class="command">key</strong></span> 539*00b67f09SDavid van Moolenbroek statement with a server. 540*00b67f09SDavid van Moolenbroek The keyword <strong class="userinput"><code>server</code></strong> is followed by a 541*00b67f09SDavid van Moolenbroek host name or address. The <span><strong class="command">server</strong></span> statement 542*00b67f09SDavid van Moolenbroek has two clauses: <span><strong class="command">key</strong></span> and <span><strong class="command">port</strong></span>. 543*00b67f09SDavid van Moolenbroek The <span><strong class="command">key</strong></span> clause specifies the 544*00b67f09SDavid van Moolenbroek name of the key 545*00b67f09SDavid van Moolenbroek to be used when communicating with this server, and the 546*00b67f09SDavid van Moolenbroek <span><strong class="command">port</strong></span> clause can be used to 547*00b67f09SDavid van Moolenbroek specify the port <span><strong class="command">rndc</strong></span> should 548*00b67f09SDavid van Moolenbroek connect 549*00b67f09SDavid van Moolenbroek to on the server. 550*00b67f09SDavid van Moolenbroek </p> 551*00b67f09SDavid van Moolenbroek<p> 552*00b67f09SDavid van Moolenbroek A sample minimal configuration file is as follows: 553*00b67f09SDavid van Moolenbroek </p> 554*00b67f09SDavid van Moolenbroek<pre class="programlisting"> 555*00b67f09SDavid van Moolenbroekkey rndc_key { 556*00b67f09SDavid van Moolenbroek algorithm "hmac-sha256"; 557*00b67f09SDavid van Moolenbroek secret 558*00b67f09SDavid van Moolenbroek "c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K"; 559*00b67f09SDavid van Moolenbroek}; 560*00b67f09SDavid van Moolenbroekoptions { 561*00b67f09SDavid van Moolenbroek default-server 127.0.0.1; 562*00b67f09SDavid van Moolenbroek default-key rndc_key; 563*00b67f09SDavid van Moolenbroek}; 564*00b67f09SDavid van Moolenbroek</pre> 565*00b67f09SDavid van Moolenbroek<p> 566*00b67f09SDavid van Moolenbroek This file, if installed as <code class="filename">/etc/rndc.conf</code>, 567*00b67f09SDavid van Moolenbroek would allow the command: 568*00b67f09SDavid van Moolenbroek </p> 569*00b67f09SDavid van Moolenbroek<p> 570*00b67f09SDavid van Moolenbroek <code class="prompt">$ </code><strong class="userinput"><code>rndc reload</code></strong> 571*00b67f09SDavid van Moolenbroek </p> 572*00b67f09SDavid van Moolenbroek<p> 573*00b67f09SDavid van Moolenbroek to connect to 127.0.0.1 port 953 and cause the name server 574*00b67f09SDavid van Moolenbroek to reload, if a name server on the local machine were 575*00b67f09SDavid van Moolenbroek running with 576*00b67f09SDavid van Moolenbroek following controls statements: 577*00b67f09SDavid van Moolenbroek </p> 578*00b67f09SDavid van Moolenbroek<pre class="programlisting"> 579*00b67f09SDavid van Moolenbroekcontrols { 580*00b67f09SDavid van Moolenbroek inet 127.0.0.1 581*00b67f09SDavid van Moolenbroek allow { localhost; } keys { rndc_key; }; 582*00b67f09SDavid van Moolenbroek}; 583*00b67f09SDavid van Moolenbroek</pre> 584*00b67f09SDavid van Moolenbroek<p> 585*00b67f09SDavid van Moolenbroek and it had an identical key statement for 586*00b67f09SDavid van Moolenbroek <code class="literal">rndc_key</code>. 587*00b67f09SDavid van Moolenbroek </p> 588*00b67f09SDavid van Moolenbroek<p> 589*00b67f09SDavid van Moolenbroek Running the <span><strong class="command">rndc-confgen</strong></span> 590*00b67f09SDavid van Moolenbroek program will 591*00b67f09SDavid van Moolenbroek conveniently create a <code class="filename">rndc.conf</code> 592*00b67f09SDavid van Moolenbroek file for you, and also display the 593*00b67f09SDavid van Moolenbroek corresponding <span><strong class="command">controls</strong></span> 594*00b67f09SDavid van Moolenbroek statement that you need to 595*00b67f09SDavid van Moolenbroek add to <code class="filename">named.conf</code>. 596*00b67f09SDavid van Moolenbroek Alternatively, 597*00b67f09SDavid van Moolenbroek you can run <span><strong class="command">rndc-confgen -a</strong></span> 598*00b67f09SDavid van Moolenbroek to set up 599*00b67f09SDavid van Moolenbroek a <code class="filename">rndc.key</code> file and not 600*00b67f09SDavid van Moolenbroek modify 601*00b67f09SDavid van Moolenbroek <code class="filename">named.conf</code> at all. 602*00b67f09SDavid van Moolenbroek </p> 603*00b67f09SDavid van Moolenbroek</dd> 604*00b67f09SDavid van Moolenbroek</dl></div> 605*00b67f09SDavid van Moolenbroek</div> 606*00b67f09SDavid van Moolenbroek</div> 607*00b67f09SDavid van Moolenbroek<div class="sect2" lang="en"> 608*00b67f09SDavid van Moolenbroek<div class="titlepage"><div><div><h3 class="title"> 609*00b67f09SDavid van Moolenbroek<a name="id2569465"></a>Signals</h3></div></div></div> 610*00b67f09SDavid van Moolenbroek<p> 611*00b67f09SDavid van Moolenbroek Certain UNIX signals cause the name server to take specific 612*00b67f09SDavid van Moolenbroek actions, as described in the following table. These signals can 613*00b67f09SDavid van Moolenbroek be sent using the <span><strong class="command">kill</strong></span> command. 614*00b67f09SDavid van Moolenbroek </p> 615*00b67f09SDavid van Moolenbroek<div class="informaltable"><table border="1"> 616*00b67f09SDavid van Moolenbroek<colgroup> 617*00b67f09SDavid van Moolenbroek<col> 618*00b67f09SDavid van Moolenbroek<col> 619*00b67f09SDavid van Moolenbroek</colgroup> 620*00b67f09SDavid van Moolenbroek<tbody> 621*00b67f09SDavid van Moolenbroek<tr> 622*00b67f09SDavid van Moolenbroek<td> 623*00b67f09SDavid van Moolenbroek <p><span><strong class="command">SIGHUP</strong></span></p> 624*00b67f09SDavid van Moolenbroek </td> 625*00b67f09SDavid van Moolenbroek<td> 626*00b67f09SDavid van Moolenbroek <p> 627*00b67f09SDavid van Moolenbroek Causes the server to read <code class="filename">named.conf</code> and 628*00b67f09SDavid van Moolenbroek reload the database. 629*00b67f09SDavid van Moolenbroek </p> 630*00b67f09SDavid van Moolenbroek </td> 631*00b67f09SDavid van Moolenbroek</tr> 632*00b67f09SDavid van Moolenbroek<tr> 633*00b67f09SDavid van Moolenbroek<td> 634*00b67f09SDavid van Moolenbroek <p><span><strong class="command">SIGTERM</strong></span></p> 635*00b67f09SDavid van Moolenbroek </td> 636*00b67f09SDavid van Moolenbroek<td> 637*00b67f09SDavid van Moolenbroek <p> 638*00b67f09SDavid van Moolenbroek Causes the server to clean up and exit. 639*00b67f09SDavid van Moolenbroek </p> 640*00b67f09SDavid van Moolenbroek </td> 641*00b67f09SDavid van Moolenbroek</tr> 642*00b67f09SDavid van Moolenbroek<tr> 643*00b67f09SDavid van Moolenbroek<td> 644*00b67f09SDavid van Moolenbroek <p><span><strong class="command">SIGINT</strong></span></p> 645*00b67f09SDavid van Moolenbroek </td> 646*00b67f09SDavid van Moolenbroek<td> 647*00b67f09SDavid van Moolenbroek <p> 648*00b67f09SDavid van Moolenbroek Causes the server to clean up and exit. 649*00b67f09SDavid van Moolenbroek </p> 650*00b67f09SDavid van Moolenbroek </td> 651*00b67f09SDavid van Moolenbroek</tr> 652*00b67f09SDavid van Moolenbroek</tbody> 653*00b67f09SDavid van Moolenbroek</table></div> 654*00b67f09SDavid van Moolenbroek</div> 655*00b67f09SDavid van Moolenbroek</div> 656*00b67f09SDavid van Moolenbroek</div> 657*00b67f09SDavid van Moolenbroek<div class="navfooter"> 658*00b67f09SDavid van Moolenbroek<hr> 659*00b67f09SDavid van Moolenbroek<table width="100%" summary="Navigation footer"> 660*00b67f09SDavid van Moolenbroek<tr> 661*00b67f09SDavid van Moolenbroek<td width="40%" align="left"> 662*00b67f09SDavid van Moolenbroek<a accesskey="p" href="Bv9ARM.ch02.html">Prev</a>�</td> 663*00b67f09SDavid van Moolenbroek<td width="20%" align="center">�</td> 664*00b67f09SDavid van Moolenbroek<td width="40%" align="right">�<a accesskey="n" href="Bv9ARM.ch04.html">Next</a> 665*00b67f09SDavid van Moolenbroek</td> 666*00b67f09SDavid van Moolenbroek</tr> 667*00b67f09SDavid van Moolenbroek<tr> 668*00b67f09SDavid van Moolenbroek<td width="40%" align="left" valign="top">Chapter�2.�<acronym class="acronym">BIND</acronym> Resource Requirements�</td> 669*00b67f09SDavid van Moolenbroek<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td> 670*00b67f09SDavid van Moolenbroek<td width="40%" align="right" valign="top">�Chapter�4.�Advanced DNS Features</td> 671*00b67f09SDavid van Moolenbroek</tr> 672*00b67f09SDavid van Moolenbroek</table> 673*00b67f09SDavid van Moolenbroek</div> 674*00b67f09SDavid van Moolenbroek<p style="text-align: center;">BIND 9.10.2-P4</p> 675*00b67f09SDavid van Moolenbroek</body> 676*00b67f09SDavid van Moolenbroek</html> 677