Unix‎ > ‎Solaris‎ > ‎Solaris man pages‎ > ‎1m‎ > ‎

rndc


NAME
     rndc - name server control utility

SYNOPSIS
     rndc [-V] [-c config-file] [-k  key-file]  [-s  server]  [-p
     port] [-y key_id] command

DESCRIPTION
     The rndc utility controls the operation of a name server. It
     supersedes  the  ndc  utility  that was provided in previous
     BIND releases. If rndc  is  invoked  with  no  command  line
     options  or arguments, it prints a short summary of the sup-
     ported commands and the available options  and  their  argu-
     ments.

     The rndc utility communicates with the name  server  over  a
     TCP  connection, sending commands authenticated with digital
     signatures. The only supported authentication  algorithm  in
     the  current  versions  of  rndc  and named(1M) is HMAC-MD5,
     which uses a shared secret on each end  of  the  connection.
     This  algorithm  provides  TSIG-style authentication for the
     command request and the name server's response. All commands
     sent  over  the  channel must be signed by a key_id known to
     the server.

     The rndc utility reads a configuration file to determine how
     to contact the name server and decide what algorithm and key
     it should use.

OPTIONS
     The following options are supported:

     -c config-file  Use config-file as  the  configuration  file
                     instead of the default /etc/rndc.conf.



     -k key-file     Use key-file as the key file instead of  the
                     default,    /etc/rndc.key.    The   key   in
                     /etc/rndc.key is used to  authenticate  com-
                     mands  sent to the server if the config-file
                     does not exist.



     -s server       The server argument is the name  or  address
                     of  the  server that matches a server state-
                     ment in the configuration file for rndc.  If
                     no  server  is supplied on the command line,
                     the host named by the default-server  clause
                     in the option statement of the configuration
                     file is used.

     -p port         Send commands to TCP port  port  instead  of
                     BIND 9's default control channel port, 953.



     -V              Enable verbose logging.



     -y keyid        Use the key  keyid  from  the  configuration
                     file.  The  keyid  argument must be known by
                     named with the  same  algorithm  and  secret
                     string  for  control  message  validation to
                     succeed. If no keyid is specified, rndc will
                     first  look  for  a key clause in the server
                     statement of the server being used, or if no
                     server  statement  is present for that host,
                     then the default-key clause of  the  options
                     statement.  The  configuration file contains
                     shared secrets that are used to send authen-
                     ticated control commands to name servers. It
                     should therefore not have  general  read  or
                     write access.



     For the complete set of commands supported by rndc, see  the
     BIND  9  Administrator  Reference Manual or run rndc without
     arguments to see its help message.

LIMITATIONS
     The rndc utility does not support all the  commands  of  the
     BIND 8 ndc utility.

     There is no way to provide the shared secret  for  a  key_id
     without using the configuration file.

     Several error messages could be clearer.

ATTRIBUTES
     See attributes(5) for descriptions of the  following  attri-
     butes:

     ____________________________________________________________
    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
    | Availability                | SUNWbind9                   |
    | Interface Stability         | External                    |
    |_____________________________|_____________________________|


SEE ALSO

     named(1M), named.conf(4), rndc.conf(4), attributes(5)

     BIND 9 Administrator Reference Manual

NOTES
     Source for BIND9 is available in the SUNWbind9S package.










Man pages from Solaris 10 Update 8. See docs.sun.com and www.oracle.com for further documentation and Solaris information.
Comments