diff --git a/bin/check/named-checkzone.8 b/bin/check/named-checkzone.8 index 5498d44c25..e4f329b5e5 100644 --- a/bin/check/named-checkzone.8 +++ b/bin/check/named-checkzone.8 @@ -19,7 +19,7 @@ named-checkzone \- zone file validity checking tool .SH SYNOPSIS .sp -\fBnamed-checkzone\fR [ \fB-d\fR ] [ \fB-j\fR ] [ \fB-q\fR ] [ \fB-v\fR ] [ \fB-c \fIclass\fB\fR ] [ \fB-n \fImode\fB\fR ] [ \fB-o \fIfilename\fB\fR ] [ \fB-t \fIdirectory\fB\fR ] [ \fB-w \fIdirectory\fB\fR ] [ \fB-D\fR ] \fBzonename\fR \fBfilename\fR +\fBnamed-checkzone\fR [ \fB-d\fR ] [ \fB-j\fR ] [ \fB-q\fR ] [ \fB-v\fR ] [ \fB-c \fIclass\fB\fR ] [ \fB-k \fImode\fB\fR ] [ \fB-n \fImode\fB\fR ] [ \fB-o \fIfilename\fB\fR ] [ \fB-t \fIdirectory\fB\fR ] [ \fB-w \fIdirectory\fB\fR ] [ \fB-D\fR ] \fBzonename\fR \fBfilename\fR .SH "DESCRIPTION" .PP \fBnamed-checkzone\fR checks the syntax and integrity of @@ -45,6 +45,12 @@ When loading the zone file read the journal if it exists. \fB-c \fIclass\fB\fR Specify the class of the zone. If not specified "IN" is assumed. .TP +\fB-k \fImode\fB\fR +Perform \fB"check-name"\fR checks with the specified failure mode. +Possible modes are \fB"fail"\fR, +\fB"warn"\fR (default) and +\fB"ignore"\fR. +.TP \fB-n \fImode\fB\fR Specify whether NS records should be checked to see if they are addresses. Possible modes are \fB"fail"\fR, diff --git a/bin/check/named-checkzone.html b/bin/check/named-checkzone.html index 5602eef0a6..97423f5a9d 100644 --- a/bin/check/named-checkzone.html +++ b/bin/check/named-checkzone.html @@ -81,6 +81,14 @@ CLASS="REPLACEABLE" >] [-k mode] [-n

DESCRIPTION

OPTIONS

-k mode

Perform "check-name" checks with the specified failure mode. + Possible modes are "fail", + "warn" (default) and + "ignore". +

-n

RETURN VALUES

SEE ALSO

AUTHOR

6.3. Zone File

lwres

configures named to +also act as a light weight resolver daemon (lwresd).

masters

6.2.1. acl

6.2.3. controls

6.2.5. include

6.2.6. include

6.2.7. key

6.2.8. key

6.2.9. logging

6.2.10. logging

6.2.10.1. The channel

delegation-only in a hint or stub zone declartation. +> in a hint or stub zone declaration.

6.2.11. lwres

6.2.12. lwres

6.2.13. masters

6.2.14. masters

6.2.15. options] [ enable-dnssec yes_or_no; ] + [ forward (

Turn on enforcment of delegation-only in TLDs and root zones with an optional +> Turn on enforcement of delegation-only in TLDs and root zones with an optional exclude list.

.

enable-dnssec

Enable DNSSEC support in named. Unless set to yes +named behaves as if it does not support DNSSEC. +The default is no. +

6.2.16.2. Forwarding

6.2.16.3. 6 to 4 Servers

6.2.16.5. Interfaces

6.2.16.6. Query Address

avoid-v6-udp-ports can be used to prevent named -from selecting certian ports. The defaults are

query-source address * port *;
@@ -6815,7 +6872,7 @@ CLASS="sect3"
 >
6.2.16.8. Bad UDP Port Lists
avoid-v6-udp-ports
 specify a list of IPv4 and IPv6 UDP ports that will not be used as system
-assigned source ports for UDP sockets.  These lists are expected to be
-used to prevent named using "well known" ports in the system assigned range
-that have become unusable due to wide spread use of acls containing these
-ports.
+assigned source ports for UDP sockets.  These lists prevent named
+from choosing as its random source port a port that is blocked by
+your firewall.  If a query went out with such a source port, the
+answer would not get by the firewall and the name server would have
+to query again.

6.2.16.9. Operating System Resource Limits

6.2.16.10. Server Resource Limits

Section 4.2.1). When the journal file approches +>). When the journal file approaches the specified size, some of the oldest transactions in the journal will be automatically removed. The default is

6.2.16.11. Periodic Task Intervals

6.2.19. trusted-keys

6.2.20. trusted-keys

6.2.22. view

6.2.24. zone

6.2.24.1. Zone Types

forward option (that is, "forward first to", then "forward only", or vice versa, but want to use the same -servers as set globally) you need to respecify the global forwarders.

This is used to enforce the delegation only status of infrastructure zones (e.g. COM, NET, ORG). Any answer that -is received without a explicit or implict delegation in the authority +is received without a explicit or implicit delegation in the authority section will be treated as NXDOMAIN. This does not apply to the zone apex. This SHOULD NOT be applied to leaf zones.

@@ -9686,7 +9744,7 @@ CLASS="sect3" >

6.2.24.2. Class

6.2.24.3. Zone Options

6.3. Zone File

6.3.1.1. Resource Records

6.3.1.2. Textual expression of RRs

6.3.2. Discussion of MX Records

6.3.4. Inverse Mapping in IPv4

6.3.5. Other Zone File Directives

6.3.5.1. The $ORIGIN

6.3.5.2. The $INCLUDE

6.3.5.3. The $TTL

6.3.6. BIND

$ may optionally be followed -by modifiers which change the offset from the interator, field width and base. +by modifiers which change the offset from the iterator, field width and base. Modifiers are introduced by a {$$ is still -recognised a indicating a literal $ in the output.

ttl specifies the ttl of the generated records. If not specified this will be - inherited using the normal ttl inhertance rules.

7.2. chroot

7.2. chroot

7.2.1. The chroot

7.2.2. Using the setuid

8.1. Common Problems
8.2. Incrementing and Changing the Serial Number
8.3. Where Can I Get Help?

8.1. Common Problems

8.1.1. It's not working; how can I figure out what's wrong?

8.2. Incrementing and Changing the Serial Number

8.3. Where Can I Get Help?

A.1. AcknowledgementsAcknowledgments
A.2.

A.1. AcknowledgementsA.1. Acknowledgments

A.1.1. A Brief History of the DNS

Bibliography

Standards

[RFC974] 

[RFC1034] 

[RFC1035] 

[RFC2181] 

[RFC2308] 

[RFC1995] 

[RFC1996] 

[RFC2136] 

[RFC2845] 

Proposed Standards Still Under Development

[RFC1886] 

[RFC2065] 

[RFC2137] 

Other Important RFCs About DNS

[RFC1535] 

[RFC1536] 

[RFC1982] 

Resource Record Types

[RFC1183] 

[RFC1706] 

[RFC2168] 

[RFC1876] 

[RFC2052] 

[RFC2163] 

[RFC2230] 

DNS

[RFC1101] 

[RFC1123] 

[RFC1591] 

[RFC2317] 

DNS

[RFC1537] 

[RFC1912] 

[RFC2010] 

[RFC2219] 

Other DNS

[RFC1464] 

[RFC1713] 

[RFC1794] 

[RFC2240] 

[RFC2345] 

[RFC2352] 

Obsolete and Unimplemented Experimental RRs

[RFC1712] 

A.3.3. Other Documents About BIND

Bibliography

6.2.1. acl
6.2.3. controls
6.2.5. include
6.2.6. include
6.2.7. key
6.2.8. key
6.2.9. logging
6.2.10. logging
6.2.11. lwres
6.2.12. lwres
6.2.13. masters
6.2.14. masters
6.2.15. options
6.2.19. trusted-keys
6.2.20. trusted-keys
6.2.22. view
6.2.24. zone
6.3. Zone File

6.3.2. Discussion of MX Records
6.3.4. Inverse Mapping in IPv4
6.3.5. Other Zone File Directives
6.3.6. BIND
7.2. chroot
7.2.1. The chroot
7.2.2. Using the setuid
8.1. Common Problems
8.1.1. It's not working; how can I figure out what's wrong?
8.2. Incrementing and Changing the Serial Number
8.3. Where Can I Get Help?
A.1. AcknowledgementsAcknowledgments
A.1.1. A Brief History of the DNS
A.3.3. Other Documents About BIND; transfer-format ( many-answers | one-answer ); max-cache-size ; - check-names ; // not implemented + check-names ( master | slave | response ) ( fail | warn | ignore ); cache-file ; suppress-initial-notify ; // not yet implemented preferred-glue ; @@ -80,6 +80,7 @@ options { edns-udp-size ; root-delegation-only [ exclude { ; ... } ]; disable-algorithms { ; ... }; + enable-dnssec ; allow-query { ; ... }; allow-transfer { ; ... }; allow-update-forwarding { ; ... }; @@ -166,7 +167,7 @@ view { subdomain | wildcard | self ) ; ... }; database ; delegation-only ; - check-names ; // not implemented + check-names ( fail | warn | ignore ); allow-query { ; ... }; allow-transfer { ; ... }; allow-update-forwarding { ; ... }; @@ -248,7 +249,7 @@ view { max-cache-ttl ; transfer-format ( many-answers | one-answer ); max-cache-size ; - check-names ; // not implemented + check-names ( master | slave | response ) ( fail | warn | ignore ); cache-file ; suppress-initial-notify ; // not yet implemented preferred-glue ; @@ -257,6 +258,7 @@ view { edns-udp-size ; root-delegation-only [ exclude { ; ... } ]; disable-algorithms { ; ... }; + enable-dnssec ; allow-query { ; ... }; allow-transfer { ; ... }; allow-update-forwarding { ; ... }; @@ -321,7 +323,7 @@ zone { wildcard | self ) ; ... }; database ; delegation-only ; - check-names ; // not implemented + check-names ( fail | warn | ignore ); allow-query { ; ... }; allow-transfer { ; ... }; allow-update-forwarding { ; ... };