summaryrefslogtreecommitdiffstats
path: root/doc/man_kzonecheck.rst
blob: 3a108631b1d86a267adc64224f202d7e5c2cc46b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
.. highlight:: none

``kzonecheck`` – Knot DNS zone file checking tool
=================================================

Synopsis
--------

:program:`kzonecheck` [*options*] *filename*

Description
-----------

The utility checks zone file syntax and runs semantic checks on the zone
content. The executed checks are the same as the checks run by the Knot
DNS server.

Please, refer to the ``semantic-checks`` configuration option in
:manpage:`knot.conf(5)` for the full list of available semantic checks.

Parameters
..........

*filename*
  Path to the zone file to be checked. For reading from **stdin** use **/dev/stdin**
  or just **-**.

Options
.......

**-o**, **--origin** *origin*
  Zone origin. If not specified, the origin is determined from the file name
  (possibly removing the ``.zone`` suffix).

**-d**, **--dnssec** **on**\|\ **off**
  Also check DNSSEC-related records. The default is to decide based on the
  existence of a RRSIG for SOA.

**-z**, **--zonemd**
  Also check the zone hash against a ZONEMD record, which is required to exist.

**-t**, **--time** *time*
  Current time specification. Use UNIX timestamp, YYYYMMDDHHmmSS
  format, or [+/-]\ *time*\ [unit] format, where unit can be **Y**, **M**,
  **D**, **h**, **m**, or **s**. Default is current UNIX timestamp.

**-p**, **--print**
  Print the zone on stdout.

**-v**, **--verbose**
  Enable debug output.

**-h**, **--help**
  Print the program help.

**-V**, **--version**
  Print the program version.

Exit values
-----------

Exit status of 0 means successful operation. Any other exit status indicates
an error.

See Also
--------

:manpage:`knotd(8)`, :manpage:`knot.conf(5)`.