diff options
Diffstat (limited to 'doc/man/named-checkzone.8in')
-rw-r--r-- | doc/man/named-checkzone.8in | 204 |
1 files changed, 204 insertions, 0 deletions
diff --git a/doc/man/named-checkzone.8in b/doc/man/named-checkzone.8in new file mode 100644 index 0000000..3eff3d8 --- /dev/null +++ b/doc/man/named-checkzone.8in @@ -0,0 +1,204 @@ +.\" Man page generated from reStructuredText. +. +. +.nr rst2man-indent-level 0 +. +.de1 rstReportMargin +\\$1 \\n[an-margin] +level \\n[rst2man-indent-level] +level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] +- +\\n[rst2man-indent0] +\\n[rst2man-indent1] +\\n[rst2man-indent2] +.. +.de1 INDENT +.\" .rstReportMargin pre: +. RS \\$1 +. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin] +. nr rst2man-indent-level +1 +.\" .rstReportMargin post: +.. +.de UNINDENT +. RE +.\" indent \\n[an-margin] +.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]] +.nr rst2man-indent-level -1 +.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] +.in \\n[rst2man-indent\\n[rst2man-indent-level]]u +.. +.TH "NAMED-CHECKZONE" "8" "@RELEASE_DATE@" "@BIND9_VERSION@" "BIND 9" +.SH NAME +named-checkzone \- zone file validity checking or converting tool +.SH SYNOPSIS +.sp +\fBnamed\-checkzone\fP [\fB\-d\fP] [\fB\-h\fP] [\fB\-j\fP] [\fB\-q\fP] [\fB\-v\fP] [\fB\-c\fP class] [\fB\-f\fP format] [\fB\-F\fP format] [\fB\-J\fP filename] [\fB\-i\fP mode] [\fB\-k\fP mode] [\fB\-m\fP mode] [\fB\-M\fP mode] [\fB\-n\fP mode] [\fB\-l\fP ttl] [\fB\-L\fP serial] [\fB\-o\fP filename] [\fB\-r\fP mode] [\fB\-s\fP style] [\fB\-S\fP mode] [\fB\-t\fP directory] [\fB\-T\fP mode] [\fB\-w\fP directory] [\fB\-D\fP] [\fB\-W\fP mode] {zonename} {filename} +.SH DESCRIPTION +.sp +\fBnamed\-checkzone\fP checks the syntax and integrity of a zone file. It +performs the same checks as \fBnamed\fP does when loading a zone. This +makes \fBnamed\-checkzone\fP useful for checking zone files before +configuring them into a name server. +.SH OPTIONS +.INDENT 0.0 +.TP +.B \fB\-d\fP +This option enables debugging. +.TP +.B \fB\-h\fP +This option prints the usage summary and exits. +.TP +.B \fB\-q\fP +This option sets quiet mode, which only sets an exit code to indicate +successful or failed completion. +.TP +.B \fB\-v\fP +This option prints the version of the \fBnamed\-checkzone\fP program and exits. +.TP +.B \fB\-j\fP +When loading a zone file, this option tells \fBnamed\fP to read the journal if it exists. The journal +file name is assumed to be the zone file name with the +string \fB\&.jnl\fP appended. +.TP +.B \fB\-J filename\fP +When loading the zone file, this option tells \fBnamed\fP to read the journal from the given file, if +it exists. This implies \fB\-j\fP\&. +.TP +.B \fB\-c class\fP +This option specifies the class of the zone. If not specified, \fBIN\fP is assumed. +.TP +.B \fB\-i mode\fP +This option performs post\-load zone integrity checks. Possible modes are +\fBfull\fP (the default), \fBfull\-sibling\fP, \fBlocal\fP, +\fBlocal\-sibling\fP, and \fBnone\fP\&. +.sp +Mode \fBfull\fP checks that MX records refer to A or AAAA records +(both in\-zone and out\-of\-zone hostnames). Mode \fBlocal\fP only +checks MX records which refer to in\-zone hostnames. +.sp +Mode \fBfull\fP checks that SRV records refer to A or AAAA records +(both in\-zone and out\-of\-zone hostnames). Mode \fBlocal\fP only +checks SRV records which refer to in\-zone hostnames. +.sp +Mode \fBfull\fP checks that delegation NS records refer to A or AAAA +records (both in\-zone and out\-of\-zone hostnames). It also checks that +glue address records in the zone match those advertised by the child. +Mode \fBlocal\fP only checks NS records which refer to in\-zone +hostnames or verifies that some required glue exists, i.e., when the +name server is in a child zone. +.sp +Modes \fBfull\-sibling\fP and \fBlocal\-sibling\fP disable sibling glue +checks, but are otherwise the same as \fBfull\fP and \fBlocal\fP, +respectively. +.sp +Mode \fBnone\fP disables the checks. +.TP +.B \fB\-f format\fP +This option specifies the format of the zone file. Possible formats are +\fBtext\fP (the default), \fBraw\fP, and \fBmap\fP\&. +.TP +.B \fB\-F format\fP +This option specifies the format of the output file specified. For +\fBnamed\-checkzone\fP, this does not have any effect unless it dumps +the zone contents. +.sp +Possible formats are \fBtext\fP (the default), which is the standard +textual representation of the zone, and \fBmap\fP, \fBraw\fP, and \fBraw=N\fP, which +store the zone in a binary format for rapid loading by \fBnamed\fP\&. +\fBraw=N\fP specifies the format version of the raw zone file: if \fBN\fP is +0, the raw file can be read by any version of \fBnamed\fP; if N is 1, the +file can only be read by release 9.9.0 or higher. The default is 1. +.TP +.B \fB\-k mode\fP +This option performs \fBcheck\-names\fP checks with the specified failure mode. +Possible modes are \fBfail\fP, \fBwarn\fP (the default), and \fBignore\fP\&. +.TP +.B \fB\-l ttl\fP +This option sets a maximum permissible TTL for the input file. Any record with a +TTL higher than this value causes the zone to be rejected. This +is similar to using the \fBmax\-zone\-ttl\fP option in \fBnamed.conf\fP\&. +.TP +.B \fB\-L serial\fP +When compiling a zone to \fBraw\fP or \fBmap\fP format, this option sets the \(dqsource +serial\(dq value in the header to the specified serial number. This is +expected to be used primarily for testing purposes. +.TP +.B \fB\-m mode\fP +This option specifies whether MX records should be checked to see if they are +addresses. Possible modes are \fBfail\fP, \fBwarn\fP (the default), and +\fBignore\fP\&. +.TP +.B \fB\-M mode\fP +This option checks whether a MX record refers to a CNAME. Possible modes are +\fBfail\fP, \fBwarn\fP (the default), and \fBignore\fP\&. +.TP +.B \fB\-n mode\fP +This option specifies whether NS records should be checked to see if they are +addresses. Possible modes are \fBfail\fP, \fBwarn\fP (the default), and \fBignore\fP\&. +.TP +.B \fB\-o filename\fP +This option writes the zone output to \fBfilename\fP\&. If \fBfilename\fP is \fB\-\fP, then +the zone output is written to standard output. +.TP +.B \fB\-r mode\fP +This option checks for records that are treated as different by DNSSEC but are +semantically equal in plain DNS. Possible modes are \fBfail\fP, +\fBwarn\fP (the default), and \fBignore\fP\&. +.TP +.B \fB\-s style\fP +This option specifies the style of the dumped zone file. Possible styles are +\fBfull\fP (the default) and \fBrelative\fP\&. The \fBfull\fP format is most +suitable for processing automatically by a separate script. +The relative format is more human\-readable and is thus +suitable for editing by hand. This does not have any effect unless it dumps +the zone contents. It also does not have any meaning if the output format +is not text. +.TP +.B \fB\-S mode\fP +This option checks whether an SRV record refers to a CNAME. Possible modes are +\fBfail\fP, \fBwarn\fP (the default), and \fBignore\fP\&. +.TP +.B \fB\-t directory\fP +This option tells \fBnamed\fP to chroot to \fBdirectory\fP, so that \fBinclude\fP directives in the +configuration file are processed as if run by a similarly chrooted +\fBnamed\fP\&. +.TP +.B \fB\-T mode\fP +This option checks whether Sender Policy Framework (SPF) records exist and issues a +warning if an SPF\-formatted TXT record is not also present. Possible +modes are \fBwarn\fP (the default) and \fBignore\fP\&. +.TP +.B \fB\-w directory\fP +This option instructs \fBnamed\fP to chdir to \fBdirectory\fP, so that relative filenames in master file +\fB$INCLUDE\fP directives work. This is similar to the directory clause in +\fBnamed.conf\fP\&. +.TP +.B \fB\-D\fP +This option dumps the zone file in canonical format. +.TP +.B \fB\-W mode\fP +This option specifies whether to check for non\-terminal wildcards. Non\-terminal +wildcards are almost always the result of a failure to understand the +wildcard matching algorithm (\fI\%RFC 4592\fP). Possible modes are \fBwarn\fP +(the default) and \fBignore\fP\&. +.TP +.B \fBzonename\fP +This indicates the domain name of the zone being checked. +.TP +.B \fBfilename\fP +This is the name of the zone file. +.UNINDENT +.SH RETURN VALUES +.sp +\fBnamed\-checkzone\fP returns an exit status of 1 if errors were detected +and 0 otherwise. +.SH SEE ALSO +.sp +\fBnamed(8)\fP, \fBnamed\-checkconf(8)\fP, \fBnamed\-compilezone(8)\fP, +\fI\%RFC 1035\fP, BIND 9 Administrator Reference Manual. +.SH AUTHOR +Internet Systems Consortium +.SH COPYRIGHT +2023, Internet Systems Consortium +.\" Generated by docutils manpage writer. +. |