summaryrefslogtreecommitdiff
path: root/bin/nsupdate/nsupdate.html
diff options
context:
space:
mode:
Diffstat (limited to 'bin/nsupdate/nsupdate.html')
-rw-r--r--bin/nsupdate/nsupdate.html125
1 files changed, 62 insertions, 63 deletions
diff --git a/bin/nsupdate/nsupdate.html b/bin/nsupdate/nsupdate.html
index 76c54db290d5e..7f1c8c229410c 100644
--- a/bin/nsupdate/nsupdate.html
+++ b/bin/nsupdate/nsupdate.html
@@ -14,14 +14,13 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id$ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>nsupdate</title>
-<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
+<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
</head>
-<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
+<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry">
<a name="man.nsupdate"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
@@ -31,9 +30,9 @@
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">nsupdate</code> [<code class="option">-d</code>] [<code class="option">-D</code>] [<code class="option">-L <em class="replaceable"><code>level</code></em></code>] [[<code class="option">-g</code>] | [<code class="option">-o</code>] | [<code class="option">-l</code>] | [<code class="option">-y <em class="replaceable"><code>[<span class="optional">hmac:</span>]keyname:secret</code></em></code>] | [<code class="option">-k <em class="replaceable"><code>keyfile</code></em></code>]] [<code class="option">-t <em class="replaceable"><code>timeout</code></em></code>] [<code class="option">-u <em class="replaceable"><code>udptimeout</code></em></code>] [<code class="option">-r <em class="replaceable"><code>udpretries</code></em></code>] [<code class="option">-R <em class="replaceable"><code>randomdev</code></em></code>] [<code class="option">-v</code>] [<code class="option">-V</code>] [filename]</p></div>
</div>
-<div class="refsect1" lang="en">
-<a name="id2543491"></a><h2>DESCRIPTION</h2>
-<p><span><strong class="command">nsupdate</strong></span>
+<div class="refsection">
+<a name="id-1.7"></a><h2>DESCRIPTION</h2>
+<p><span class="command"><strong>nsupdate</strong></span>
is used to submit Dynamic DNS Update requests as defined in RFC 2136
to a name server.
This allows resource records to be added or removed from a zone
@@ -44,14 +43,14 @@
</p>
<p>
Zones that are under dynamic control via
- <span><strong class="command">nsupdate</strong></span>
+ <span class="command"><strong>nsupdate</strong></span>
or a DHCP server should not be edited by hand.
Manual edits could
conflict with dynamic updates and cause data to be lost.
</p>
<p>
The resource records that are dynamically added or removed with
- <span><strong class="command">nsupdate</strong></span>
+ <span class="command"><strong>nsupdate</strong></span>
have to be in the same zone.
Requests are sent to the zone's master server.
This is identified by the MNAME field of the zone's SOA record.
@@ -65,15 +64,15 @@
<p>
TSIG relies on
a shared secret that should only be known to
- <span><strong class="command">nsupdate</strong></span> and the name server.
+ <span class="command"><strong>nsupdate</strong></span> and the name server.
For instance, suitable <span class="type">key</span> and
<span class="type">server</span> statements would be added to
<code class="filename">/etc/named.conf</code> so that the name server
can associate the appropriate secret key and algorithm with
the IP address of the client application that will be using
- TSIG authentication. You can use <span><strong class="command">ddns-confgen</strong></span>
+ TSIG authentication. You can use <span class="command"><strong>ddns-confgen</strong></span>
to generate suitable configuration fragments.
- <span><strong class="command">nsupdate</strong></span>
+ <span class="command"><strong>nsupdate</strong></span>
uses the <code class="option">-y</code> or <code class="option">-k</code> options
to provide the TSIG shared secret. These options are mutually exclusive.
</p>
@@ -89,9 +88,9 @@
2000 can be switched on with the <code class="option">-o</code> flag.
</p>
</div>
-<div class="refsect1" lang="en">
-<a name="id2543564"></a><h2>OPTIONS</h2>
-<div class="variablelist"><dl>
+<div class="refsection">
+<a name="id-1.8"></a><h2>OPTIONS</h2>
+<div class="variablelist"><dl class="variablelist">
<dt><span class="term">-d</span></dt>
<dd><p>
Debug mode. This provides tracing information about the
@@ -106,12 +105,12 @@
<dd><p>
The file containing the TSIG authentication key.
Keyfiles may be in two formats: a single file containing
- a <code class="filename">named.conf</code>-format <span><strong class="command">key</strong></span>
+ a <code class="filename">named.conf</code>-format <span class="command"><strong>key</strong></span>
statement, which may be generated automatically by
- <span><strong class="command">ddns-confgen</strong></span>, or a pair of files whose names are
+ <span class="command"><strong>ddns-confgen</strong></span>, or a pair of files whose names are
of the format <code class="filename">K{name}.+157.+{random}.key</code> and
<code class="filename">K{name}.+157.+{random}.private</code>, which can be
- generated by <span><strong class="command">dnssec-keygen</strong></span>.
+ generated by <span class="command"><strong>dnssec-keygen</strong></span>.
The <code class="option">-k</code> may also be used to specify a SIG(0) key used
to authenticate Dynamic DNS update requests. In this case, the key
specified is not an HMAC-MD5 key.
@@ -119,12 +118,12 @@
<dt><span class="term">-l</span></dt>
<dd><p>
Local-host only mode. This sets the server address to
- localhost (disabling the <span><strong class="command">server</strong></span> so that the server
+ localhost (disabling the <span class="command"><strong>server</strong></span> so that the server
address cannot be overridden). Connections to the local server will
use a TSIG key found in <code class="filename">/var/run/named/session.key</code>,
- which is automatically generated by <span><strong class="command">named</strong></span> if any
- local master zone has set <span><strong class="command">update-policy</strong></span> to
- <span><strong class="command">local</strong></span>. The location of this key file can be
+ which is automatically generated by <span class="command"><strong>named</strong></span> if any
+ local master zone has set <span class="command"><strong>update-policy</strong></span> to
+ <span class="command"><strong>local</strong></span>. The location of this key file can be
overridden with the <code class="option">-k</code> option.
</p></dd>
<dt><span class="term">-L <em class="replaceable"><code>level</code></em></span></dt>
@@ -167,7 +166,7 @@
<dt><span class="term">-v</span></dt>
<dd><p>
Use TCP even for small update requests.
- By default, <span><strong class="command">nsupdate</strong></span>
+ By default, <span class="command"><strong>nsupdate</strong></span>
uses UDP to send update requests to the name server unless they are too
large to fit in a UDP request in which case TCP will be used.
TCP may be preferable when a batch of update requests is made.
@@ -199,9 +198,9 @@
</dd>
</dl></div>
</div>
-<div class="refsect1" lang="en">
-<a name="id2543963"></a><h2>INPUT FORMAT</h2>
-<p><span><strong class="command">nsupdate</strong></span>
+<div class="refsection">
+<a name="id-1.9"></a><h2>INPUT FORMAT</h2>
+<p><span class="command"><strong>nsupdate</strong></span>
reads input from
<em class="parameter"><code>filename</code></em>
or standard input.
@@ -220,7 +219,7 @@
and zero or more updates.
This allows a suitably authenticated update request to proceed if some
specified resource records are present or missing from the zone.
- A blank input line (or the <span><strong class="command">send</strong></span> command)
+ A blank input line (or the <span class="command"><strong>send</strong></span> command)
causes the
accumulated commands to be sent as one Dynamic DNS update request to the
name server.
@@ -228,9 +227,9 @@
<p>
The command formats and their meaning are as follows:
</p>
-<div class="variablelist"><dl>
+<div class="variablelist"><dl class="variablelist">
<dt><span class="term">
- <span><strong class="command">server</strong></span>
+ <span class="command"><strong>server</strong></span>
{servername}
[port]
</span></dt>
@@ -238,7 +237,7 @@
Sends all dynamic update requests to the name server
<em class="parameter"><code>servername</code></em>.
When no server statement is provided,
- <span><strong class="command">nsupdate</strong></span>
+ <span class="command"><strong>nsupdate</strong></span>
will send updates to the master server of the correct zone.
The MNAME field of that zone's SOA record will identify the
master
@@ -252,7 +251,7 @@
used.
</p></dd>
<dt><span class="term">
- <span><strong class="command">local</strong></span>
+ <span class="command"><strong>local</strong></span>
{address}
[port]
</span></dt>
@@ -261,7 +260,7 @@
<em class="parameter"><code>address</code></em>.
When no local statement is provided,
- <span><strong class="command">nsupdate</strong></span>
+ <span class="command"><strong>nsupdate</strong></span>
will send updates using an address and port chosen by the
system.
<em class="parameter"><code>port</code></em>
@@ -270,7 +269,7 @@
If no port number is specified, the system will assign one.
</p></dd>
<dt><span class="term">
- <span><strong class="command">zone</strong></span>
+ <span class="command"><strong>zone</strong></span>
{zonename}
</span></dt>
<dd><p>
@@ -279,12 +278,12 @@
If no
<em class="parameter"><code>zone</code></em>
statement is provided,
- <span><strong class="command">nsupdate</strong></span>
+ <span class="command"><strong>nsupdate</strong></span>
will attempt determine the correct zone to update based on the
rest of the input.
</p></dd>
<dt><span class="term">
- <span><strong class="command">class</strong></span>
+ <span class="command"><strong>class</strong></span>
{classname}
</span></dt>
<dd><p>
@@ -294,7 +293,7 @@
<em class="parameter"><code>IN</code></em>.
</p></dd>
<dt><span class="term">
- <span><strong class="command">ttl</strong></span>
+ <span class="command"><strong>ttl</strong></span>
{seconds}
</span></dt>
<dd><p>
@@ -303,7 +302,7 @@
ttl.
</p></dd>
<dt><span class="term">
- <span><strong class="command">key</strong></span>
+ <span class="command"><strong>key</strong></span>
[hmac:] {keyname}
{secret}
</span></dt>
@@ -312,19 +311,19 @@
<em class="parameter"><code>keyname</code></em> <em class="parameter"><code>secret</code></em> pair.
If <em class="parameter"><code>hmac</code></em> is specified, then it sets the
signing algorithm in use; the default is
- <code class="literal">hmac-md5</code>. The <span><strong class="command">key</strong></span>
+ <code class="literal">hmac-md5</code>. The <span class="command"><strong>key</strong></span>
command overrides any key specified on the command line via
<code class="option">-y</code> or <code class="option">-k</code>.
</p></dd>
<dt><span class="term">
- <span><strong class="command">gsstsig</strong></span>
+ <span class="command"><strong>gsstsig</strong></span>
</span></dt>
<dd><p>
Use GSS-TSIG to sign the updated. This is equivalent to
specifying <code class="option">-g</code> on the commandline.
</p></dd>
<dt><span class="term">
- <span><strong class="command">oldgsstsig</strong></span>
+ <span class="command"><strong>oldgsstsig</strong></span>
</span></dt>
<dd><p>
Use the Windows 2000 version of GSS-TSIG to sign the updated.
@@ -332,7 +331,7 @@
commandline.
</p></dd>
<dt><span class="term">
- <span><strong class="command">realm</strong></span>
+ <span class="command"><strong>realm</strong></span>
{[<span class="optional">realm_name</span>]}
</span></dt>
<dd><p>
@@ -341,7 +340,7 @@
realm is specified the saved realm is cleared.
</p></dd>
<dt><span class="term">
- <span><strong class="command">[<span class="optional">prereq</span>] nxdomain</strong></span>
+ <span class="command"><strong>[<span class="optional">prereq</span>] nxdomain</strong></span>
{domain-name}
</span></dt>
<dd><p>
@@ -349,7 +348,7 @@
<em class="parameter"><code>domain-name</code></em>.
</p></dd>
<dt><span class="term">
- <span><strong class="command">[<span class="optional">prereq</span>] yxdomain</strong></span>
+ <span class="command"><strong>[<span class="optional">prereq</span>] yxdomain</strong></span>
{domain-name}
</span></dt>
<dd><p>
@@ -358,7 +357,7 @@
exists (has as at least one resource record, of any type).
</p></dd>
<dt><span class="term">
- <span><strong class="command">[<span class="optional">prereq</span>] nxrrset</strong></span>
+ <span class="command"><strong>[<span class="optional">prereq</span>] nxrrset</strong></span>
{domain-name}
[class]
{type}
@@ -374,7 +373,7 @@
is omitted, IN (internet) is assumed.
</p></dd>
<dt><span class="term">
- <span><strong class="command">[<span class="optional">prereq</span>] yxrrset</strong></span>
+ <span class="command"><strong>[<span class="optional">prereq</span>] yxrrset</strong></span>
{domain-name}
[class]
{type}
@@ -391,7 +390,7 @@
is omitted, IN (internet) is assumed.
</p></dd>
<dt><span class="term">
- <span><strong class="command">[<span class="optional">prereq</span>] yxrrset</strong></span>
+ <span class="command"><strong>[<span class="optional">prereq</span>] yxrrset</strong></span>
{domain-name}
[class]
{type}
@@ -420,7 +419,7 @@
RDATA.
</p></dd>
<dt><span class="term">
- <span><strong class="command">[<span class="optional">update</span>] del[<span class="optional">ete</span>]</strong></span>
+ <span class="command"><strong>[<span class="optional">update</span>] del[<span class="optional">ete</span>]</strong></span>
{domain-name}
[ttl]
[class]
@@ -441,7 +440,7 @@
is ignored, and is only allowed for compatibility.
</p></dd>
<dt><span class="term">
- <span><strong class="command">[<span class="optional">update</span>] add</strong></span>
+ <span class="command"><strong>[<span class="optional">update</span>] add</strong></span>
{domain-name}
{ttl}
[class]
@@ -456,7 +455,7 @@
<em class="parameter"><code>data</code></em>.
</p></dd>
<dt><span class="term">
- <span><strong class="command">show</strong></span>
+ <span class="command"><strong>show</strong></span>
</span></dt>
<dd><p>
Displays the current message, containing all of the
@@ -464,32 +463,32 @@
updates specified since the last send.
</p></dd>
<dt><span class="term">
- <span><strong class="command">send</strong></span>
+ <span class="command"><strong>send</strong></span>
</span></dt>
<dd><p>
Sends the current message. This is equivalent to entering a
blank line.
</p></dd>
<dt><span class="term">
- <span><strong class="command">answer</strong></span>
+ <span class="command"><strong>answer</strong></span>
</span></dt>
<dd><p>
Displays the answer.
</p></dd>
<dt><span class="term">
- <span><strong class="command">debug</strong></span>
+ <span class="command"><strong>debug</strong></span>
</span></dt>
<dd><p>
Turn on debugging.
</p></dd>
<dt><span class="term">
- <span><strong class="command">version</strong></span>
+ <span class="command"><strong>version</strong></span>
</span></dt>
<dd><p>
Print version number.
</p></dd>
<dt><span class="term">
- <span><strong class="command">help</strong></span>
+ <span class="command"><strong>help</strong></span>
</span></dt>
<dd><p>
Print a list of commands.
@@ -501,11 +500,11 @@
Lines beginning with a semicolon are comments and are ignored.
</p>
</div>
-<div class="refsect1" lang="en">
-<a name="id2545067"></a><h2>EXAMPLES</h2>
+<div class="refsection">
+<a name="id-1.10"></a><h2>EXAMPLES</h2>
<p>
The examples below show how
- <span><strong class="command">nsupdate</strong></span>
+ <span class="command"><strong>nsupdate</strong></span>
could be used to insert and delete resource records from the
<span class="type">example.com</span>
zone.
@@ -555,9 +554,9 @@
RRSIG, DNSKEY and NSEC records.)
</p>
</div>
-<div class="refsect1" lang="en">
-<a name="id2545111"></a><h2>FILES</h2>
-<div class="variablelist"><dl>
+<div class="refsection">
+<a name="id-1.11"></a><h2>FILES</h2>
+<div class="variablelist"><dl class="variablelist">
<dt><span class="term"><code class="constant">/etc/resolv.conf</code></span></dt>
<dd><p>
used to identify default name server
@@ -578,8 +577,8 @@
</p></dd>
</dl></div>
</div>
-<div class="refsect1" lang="en">
-<a name="id2545197"></a><h2>SEE ALSO</h2>
+<div class="refsection">
+<a name="id-1.12"></a><h2>SEE ALSO</h2>
<p>
<em class="citetitle">RFC 2136</em>,
<em class="citetitle">RFC 3007</em>,
@@ -593,8 +592,8 @@
<span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>.
</p>
</div>
-<div class="refsect1" lang="en">
-<a name="id2545255"></a><h2>BUGS</h2>
+<div class="refsection">
+<a name="id-1.13"></a><h2>BUGS</h2>
<p>
The TSIG key is redundantly stored in two separate files.
This is a consequence of nsupdate using the DST library