summaryrefslogtreecommitdiffstats
path: root/doc/man/named-checkzone.1in
diff options
context:
space:
mode:
Diffstat (limited to 'doc/man/named-checkzone.1in')
-rw-r--r--doc/man/named-checkzone.1in256
1 files changed, 256 insertions, 0 deletions
diff --git a/doc/man/named-checkzone.1in b/doc/man/named-checkzone.1in
new file mode 100644
index 0000000..b2f50d1
--- /dev/null
+++ b/doc/man/named-checkzone.1in
@@ -0,0 +1,256 @@
+.\" Man page generated from reStructuredText.
+.
+.
+.nr rst2man-indent-level 0
+.
+.de1 rstReportMargin
+\\$1 \\n[an-margin]
+level \\n[rst2man-indent-level]
+level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
+-
+\\n[rst2man-indent0]
+\\n[rst2man-indent1]
+\\n[rst2man-indent2]
+..
+.de1 INDENT
+.\" .rstReportMargin pre:
+. RS \\$1
+. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
+. nr rst2man-indent-level +1
+.\" .rstReportMargin post:
+..
+.de UNINDENT
+. RE
+.\" indent \\n[an-margin]
+.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.nr rst2man-indent-level -1
+.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
+..
+.TH "NAMED-CHECKZONE" "1" "@RELEASE_DATE@" "@PACKAGE_VERSION@" "BIND 9"
+.SH NAME
+named-checkzone \- zone file validity checking or converting tool
+.SH SYNOPSIS
+.sp
+\fBnamed\-checkzone\fP [\fB\-d\fP] [\fB\-h\fP] [\fB\-j\fP] [\fB\-q\fP] [\fB\-v\fP] [\fB\-c\fP class] [\fB\-f\fP format] [\fB\-F\fP format] [\fB\-J\fP filename] [\fB\-i\fP mode] [\fB\-k\fP mode] [\fB\-m\fP mode] [\fB\-M\fP mode] [\fB\-n\fP mode] [\fB\-l\fP ttl] [\fB\-L\fP serial] [\fB\-o\fP filename] [\fB\-r\fP mode] [\fB\-s\fP style] [\fB\-S\fP mode] [\fB\-t\fP directory] [\fB\-T\fP mode] [\fB\-w\fP directory] [\fB\-D\fP] [\fB\-W\fP mode] {zonename} {filename}
+.SH DESCRIPTION
+.sp
+\fBnamed\-checkzone\fP checks the syntax and integrity of a zone file. It
+performs the same checks as \fI\%named\fP does when loading a zone. This
+makes \fBnamed\-checkzone\fP useful for checking zone files before
+configuring them into a name server.
+.SH OPTIONS
+.INDENT 0.0
+.TP
+.B \-d
+This option enables debugging.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-h
+This option prints the usage summary and exits.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-q
+This option sets quiet mode, which only sets an exit code to indicate
+successful or failed completion.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-v
+This option prints the version of the \fBnamed\-checkzone\fP program and exits.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-j
+When loading a zone file, this option tells \fI\%named\fP to read the journal if it exists. The journal
+file name is assumed to be the zone file name with the
+string \fB\&.jnl\fP appended.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-J filename
+When loading the zone file, this option tells \fI\%named\fP to read the journal from the given file, if
+it exists. This implies \fI\%\-j\fP\&.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-c class
+This option specifies the class of the zone. If not specified, \fBIN\fP is assumed.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-i mode
+This option performs post\-load zone integrity checks. Possible modes are
+\fBfull\fP (the default), \fBfull\-sibling\fP, \fBlocal\fP,
+\fBlocal\-sibling\fP, and \fBnone\fP\&.
+.sp
+Mode \fBfull\fP checks that MX records refer to A or AAAA records
+(both in\-zone and out\-of\-zone hostnames). Mode \fBlocal\fP only
+checks MX records which refer to in\-zone hostnames.
+.sp
+Mode \fBfull\fP checks that SRV records refer to A or AAAA records
+(both in\-zone and out\-of\-zone hostnames). Mode \fBlocal\fP only
+checks SRV records which refer to in\-zone hostnames.
+.sp
+Mode \fBfull\fP checks that delegation NS records refer to A or AAAA
+records (both in\-zone and out\-of\-zone hostnames). It also checks that
+glue address records in the zone match those advertised by the child.
+Mode \fBlocal\fP only checks NS records which refer to in\-zone
+hostnames or verifies that some required glue exists, i.e., when the
+name server is in a child zone.
+.sp
+Modes \fBfull\-sibling\fP and \fBlocal\-sibling\fP disable sibling glue
+checks, but are otherwise the same as \fBfull\fP and \fBlocal\fP,
+respectively.
+.sp
+Mode \fBnone\fP disables the checks.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-f format
+This option specifies the format of the zone file. Possible formats are
+\fBtext\fP (the default), and \fBraw\fP\&.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-F format
+This option specifies the format of the output file specified. For
+\fBnamed\-checkzone\fP, this does not have any effect unless it dumps
+the zone contents.
+.sp
+Possible formats are \fBtext\fP (the default), which is the standard
+textual representation of the zone, and \fBraw\fP and \fBraw=N\fP, which
+store the zone in a binary format for rapid loading by \fI\%named\fP\&.
+\fBraw=N\fP specifies the format version of the raw zone file: if \fBN\fP is
+0, the raw file can be read by any version of \fI\%named\fP; if N is 1, the
+file can only be read by release 9.9.0 or higher. The default is 1.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-k mode
+This option performs \fBcheck\-names\fP checks with the specified failure mode.
+Possible modes are \fBfail\fP, \fBwarn\fP (the default), and \fBignore\fP\&.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-l ttl
+This option sets a maximum permissible TTL for the input file. Any record with a
+TTL higher than this value causes the zone to be rejected. This
+is similar to using the \fBmax\-zone\-ttl\fP option in \fI\%named.conf\fP\&.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-L serial
+When compiling a zone to \fBraw\fP format, this option sets the \(dqsource
+serial\(dq value in the header to the specified serial number. This is
+expected to be used primarily for testing purposes.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-m mode
+This option specifies whether MX records should be checked to see if they are
+addresses. Possible modes are \fBfail\fP, \fBwarn\fP (the default), and
+\fBignore\fP\&.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-M mode
+This option checks whether a MX record refers to a CNAME. Possible modes are
+\fBfail\fP, \fBwarn\fP (the default), and \fBignore\fP\&.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-n mode
+This option specifies whether NS records should be checked to see if they are
+addresses. Possible modes are \fBfail\fP, \fBwarn\fP (the default), and \fBignore\fP\&.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-o filename
+This option writes the zone output to \fBfilename\fP\&. If \fBfilename\fP is \fB\-\fP, then
+the zone output is written to standard output.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-r mode
+This option checks for records that are treated as different by DNSSEC but are
+semantically equal in plain DNS. Possible modes are \fBfail\fP,
+\fBwarn\fP (the default), and \fBignore\fP\&.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-s style
+This option specifies the style of the dumped zone file. Possible styles are
+\fBfull\fP (the default) and \fBrelative\fP\&. The \fBfull\fP format is most
+suitable for processing automatically by a separate script.
+The relative format is more human\-readable and is thus
+suitable for editing by hand. This does not have any effect unless it dumps
+the zone contents. It also does not have any meaning if the output format
+is not text.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-S mode
+This option checks whether an SRV record refers to a CNAME. Possible modes are
+\fBfail\fP, \fBwarn\fP (the default), and \fBignore\fP\&.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-t directory
+This option tells \fI\%named\fP to chroot to \fBdirectory\fP, so that \fBinclude\fP directives in the
+configuration file are processed as if run by a similarly chrooted
+\fI\%named\fP\&.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-T mode
+This option checks whether Sender Policy Framework (SPF) records exist and issues a
+warning if an SPF\-formatted TXT record is not also present. Possible
+modes are \fBwarn\fP (the default) and \fBignore\fP\&.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-w directory
+This option instructs \fI\%named\fP to chdir to \fBdirectory\fP, so that relative filenames in master file
+\fB$INCLUDE\fP directives work. This is similar to the directory clause in
+\fI\%named.conf\fP\&.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-D
+This option dumps the zone file in canonical format.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-W mode
+This option specifies whether to check for non\-terminal wildcards. Non\-terminal
+wildcards are almost always the result of a failure to understand the
+wildcard matching algorithm (\fI\%RFC 4592\fP). Possible modes are \fBwarn\fP
+(the default) and \fBignore\fP\&.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B zonename
+This indicates the domain name of the zone being checked.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B filename
+This is the name of the zone file.
+.UNINDENT
+.SH RETURN VALUES
+.sp
+\fBnamed\-checkzone\fP returns an exit status of 1 if errors were detected
+and 0 otherwise.
+.SH SEE ALSO
+.sp
+\fI\%named(8)\fP, \fI\%named\-checkconf(8)\fP, \fI\%named\-compilezone(8)\fP, \fI\%RFC 1035\fP, BIND 9 Administrator Reference
+Manual.
+.SH AUTHOR
+Internet Systems Consortium
+.SH COPYRIGHT
+2023, Internet Systems Consortium
+.\" Generated by docutils manpage writer.
+.
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-03 15:36:33 +0000