Commit 2aca7f65 authored by Andreas Gustafsson's avatar Andreas Gustafsson

the rndc.conf port and default-port clauses are now implemented [RT #1419]

parent d748172f
......@@ -2,7 +2,7 @@
<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN"
"http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd">
<!-- File: $Id: Bv9ARM-book.xml,v 1.140 2001/06/14 20:36:30 bwelling Exp $ -->
<!-- File: $Id: Bv9ARM-book.xml,v 1.141 2001/06/18 22:18:53 gson Exp $ -->
<book>
<title>BIND 9 Administrator Reference Manual</title>
......@@ -825,33 +825,42 @@ of a server.</para>
be shared. The order of statements is not
significant.</para>
<para>The <command>options</command> statement has two clauses: <command>default-server</command> and <command>default-key</command>. <command>default-server</command> takes a
<para>The <command>options</command> statement has three clauses:
<command>default-server</command>, <command>default-key</command>,
and <command>default-port</command>.
<command>default-server</command> takes a
host name or address argument and represents the server that will
be contacted if no <option>-s</option>
option is provided on the command line. <command>default-key</command> takes
option is provided on the command line.
<command>default-key</command> takes
the name of key as its argument, as defined by a <command>key</command> statement.
In the future a <command>default-port</command> clause will be
added to specify the port to which <command>rndc</command> should
connect.</para>
<command>default-port</command> specifies the port to which
<command>rndc</command> should connect if no
port is given on the command line or in a
<command>server</command> statement.</para>
<para>The <command>key</command> statement names a key with its
string argument. The string is required by the server to be a valid
domain name, though it need not actually be hierarchical; thus,
a string like "<userinput>rndc_key</userinput>" is a valid name.
The <command>key</command> statement has two clauses: <command>algorithm</command> and <command>secret</command>.
While the configuration parser will accept any string as the argument
The <command>key</command> statement has two clauses:
<command>algorithm</command> and <command>secret</command>.
While the configuration parser will accept any string as the argument
to algorithm, currently only the string "<userinput>hmac-md5</userinput>"
has any meaning. The secret is a base-64 encoded string, typically
generated with either <command>dnssec-keygen</command> or <command>mmencode</command>.</para>
<para>The <command>server</command> statement uses the key clause
to associate a <command>key</command>-defined key with a server.
The argument to the <command>server</command> statement is a
The argument to the <command>server</command> statement is a
host name or address (addresses must be double quoted). The argument
to the key clause is the name of the key as defined by the <command>key</command> statement.
A <command>port</command> clause will be added to a future release
to specify the port to which <command>rndc</command> should connect
The <command>port</command> clause can be used to
specify the port to which <command>rndc</command> should connect
on the given server.</para>
<para>A sample minimal configuration file is as follows:</para>
<programlisting>
<programlisting>
key rndc_key {
algorithm "hmac-md5";
secret "c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K";
......@@ -861,6 +870,7 @@ options {
default-key rndc_key;
};
</programlisting>
<para>This file, if installed as <filename>/etc/rndc.conf</filename>,
would allow the command:</para>
<para><prompt>$ </prompt><userinput>rndc reload</userinput></para>
......
......@@ -1184,13 +1184,19 @@ CLASS="command"
>The <B
CLASS="command"
>options</B
> statement has two clauses: <B
> statement has three clauses:
<B
CLASS="command"
>default-server</B
> and <B
>, <B
CLASS="command"
>default-key</B
>. <B
>,
and <B
CLASS="command"
>default-port</B
>.
<B
CLASS="command"
>default-server</B
> takes a
......@@ -1199,7 +1205,8 @@ be contacted if no <TT
CLASS="option"
>-s</TT
>
option is provided on the command line. <B
option is provided on the command line.
<B
CLASS="command"
>default-key</B
> takes
......@@ -1207,15 +1214,19 @@ the name of key as its argument, as defined by a <B
CLASS="command"
>key</B
> statement.
In the future a <B
<B
CLASS="command"
>default-port</B
> clause will be
added to specify the port to which <B
> specifies the port to which
<B
CLASS="command"
>rndc</B
> should
connect.</P
> should connect if no
port is given on the command line or in a
<B
CLASS="command"
>server</B
> statement.</P
><P
>The <B
CLASS="command"
......@@ -1232,14 +1243,15 @@ CLASS="userinput"
The <B
CLASS="command"
>key</B
> statement has two clauses: <B
> statement has two clauses:
<B
CLASS="command"
>algorithm</B
> and <B
CLASS="command"
>secret</B
>.
While the configuration parser will accept any string as the argument
While the configuration parser will accept any string as the argument
to algorithm, currently only the string "<TT
CLASS="userinput"
><B
......@@ -1263,7 +1275,7 @@ to associate a <B
CLASS="command"
>key</B
>-defined key with a server.
The argument to the <B
The argument to the <B
CLASS="command"
>server</B
> statement is a
......@@ -1272,11 +1284,11 @@ to the key clause is the name of the key as defined by the <B
CLASS="command"
>key</B
> statement.
A <B
The <B
CLASS="command"
>port</B
> clause will be added to a future release
to specify the port to which <B
> clause can be used to
specify the port to which <B
CLASS="command"
>rndc</B
> should connect
......@@ -1336,7 +1348,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN648"
NAME="AEN650"
>3.4.2. Signals</A
></H2
><P
......@@ -1349,7 +1361,7 @@ CLASS="command"
><DIV
CLASS="informaltable"
><A
NAME="AEN652"
NAME="AEN654"
></A
><P
></P
......
......@@ -88,7 +88,7 @@ HREF="Bv9ARM.ch04.html#incremental_zone_transfers"
></DT
><DT
>4.3. <A
HREF="Bv9ARM.ch04.html#AEN712"
HREF="Bv9ARM.ch04.html#AEN714"
>Split DNS</A
></DT
><DT
......@@ -98,12 +98,12 @@ HREF="Bv9ARM.ch04.html#tsig"
></DT
><DT
>4.5. <A
HREF="Bv9ARM.ch04.html#AEN872"
HREF="Bv9ARM.ch04.html#AEN874"
>TKEY</A
></DT
><DT
>4.6. <A
HREF="Bv9ARM.ch04.html#AEN887"
HREF="Bv9ARM.ch04.html#AEN889"
>SIG(0)</A
></DT
><DT
......@@ -113,7 +113,7 @@ HREF="Bv9ARM.ch04.html#DNSSEC"
></DT
><DT
>4.8. <A
HREF="Bv9ARM.ch04.html#AEN972"
HREF="Bv9ARM.ch04.html#AEN974"
>IPv6 Support in <SPAN
CLASS="acronym"
>BIND</SPAN
......@@ -274,7 +274,7 @@ CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN712"
NAME="AEN714"
>4.3. Split DNS</A
></H1
><P
......@@ -672,7 +672,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN803"
NAME="AEN805"
>4.4.1. Generate Shared Keys for Each Pair of Hosts</A
></H2
><P
......@@ -690,7 +690,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN808"
NAME="AEN810"
>4.4.1.1. Automatic Generation</A
></H3
><P
......@@ -732,7 +732,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN819"
NAME="AEN821"
>4.4.1.2. Manual Generation</A
></H3
><P
......@@ -753,7 +753,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN824"
NAME="AEN826"
>4.4.2. Copying the Shared Secret to Both Machines</A
></H2
><P
......@@ -765,7 +765,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN827"
NAME="AEN829"
>4.4.3. Informing the Servers of the Key's Existence</A
></H2
><P
......@@ -813,7 +813,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN839"
NAME="AEN841"
>4.4.4. Instructing the Server to Use the Key</A
></H2
><P
......@@ -873,7 +873,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN855"
NAME="AEN857"
>4.4.5. TSIG Key Based Access Control</A
></H2
><P
......@@ -919,7 +919,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN868"
NAME="AEN870"
>4.4.6. Errors</A
></H2
><P
......@@ -948,7 +948,7 @@ CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN872"
NAME="AEN874"
>4.5. TKEY</A
></H1
><P
......@@ -1014,7 +1014,7 @@ CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN887"
NAME="AEN889"
>4.6. SIG(0)</A
></H1
><P
......@@ -1086,7 +1086,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN904"
NAME="AEN906"
>4.7.1. Generating Keys</A
></H2
><P
......@@ -1165,7 +1165,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN924"
NAME="AEN926"
>4.7.2. Creating a Keyset</A
></H2
><P
......@@ -1218,7 +1218,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN936"
NAME="AEN938"
>4.7.3. Signing the Child's Keyset</A
></H2
><P
......@@ -1268,7 +1268,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN949"
NAME="AEN951"
>4.7.4. Signing the Zone</A
></H2
><P
......@@ -1330,7 +1330,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN965"
NAME="AEN967"
>4.7.5. Configuring Servers</A
></H2
><P
......@@ -1357,7 +1357,7 @@ CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN972"
NAME="AEN974"
>4.8. IPv6 Support in <SPAN
CLASS="acronym"
>BIND</SPAN
......@@ -1417,7 +1417,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN988"
NAME="AEN990"
>4.8.1. Address Lookups Using AAAA Records</A
></H2
><P
......@@ -1439,7 +1439,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN993"
NAME="AEN995"
>4.8.2. Address Lookups Using A6 Records</A
></H2
><P
......@@ -1459,7 +1459,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN997"
NAME="AEN999"
>4.8.2.1. A6 Chains</A
></H3
><P
......@@ -1505,7 +1505,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN1008"
NAME="AEN1010"
>4.8.2.2. A6 Records for DNS Servers</A
></H3
><P
......@@ -1535,7 +1535,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1014"
NAME="AEN1016"
>4.8.3. Address to Name Lookups Using Nibble Format</A
></H2
><P
......@@ -1566,7 +1566,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1021"
NAME="AEN1023"
>4.8.4. Address to Name Lookups Using Bitstring Format</A
></H2
><P
......@@ -1593,7 +1593,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1028"
NAME="AEN1030"
>4.8.5. Using DNAME for Delegation of IPv6 Reverse Addresses</A
></H2
><P
......
......@@ -81,7 +81,7 @@ CLASS="TOC"
></DT
><DT
>5.1. <A
HREF="Bv9ARM.ch05.html#AEN1048"
HREF="Bv9ARM.ch05.html#AEN1050"
>The Lightweight Resolver Library</A
></DT
><DT
......@@ -96,7 +96,7 @@ CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN1048"
NAME="AEN1050"
>5.1. The Lightweight Resolver Library</A
></H1
><P
......
......@@ -91,7 +91,7 @@ HREF="Bv9ARM.ch06.html#Configuration_File_Grammar"
></DT
><DT
>6.3. <A
HREF="Bv9ARM.ch06.html#AEN3459"
HREF="Bv9ARM.ch06.html#AEN3461"
>Zone File</A
></DT
></DL
......@@ -145,7 +145,7 @@ file documentation:</P
><DIV
CLASS="informaltable"
><A
NAME="AEN1090"
NAME="AEN1092"
></A
><P
></P
......@@ -740,7 +740,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN1253"
NAME="AEN1255"
>6.1.1.1. Syntax</A
></H3
><PRE
......@@ -771,7 +771,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN1261"
NAME="AEN1263"
>6.1.1.2. Definition and Usage</A
></H3
><P
......@@ -882,7 +882,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1290"
NAME="AEN1292"
>6.1.2. Comment Syntax</A
></H2
><P
......@@ -901,7 +901,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN1295"
NAME="AEN1297"
>6.1.2.1. Syntax</A
></H3
><P
......@@ -933,7 +933,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN1304"
NAME="AEN1306"
>6.1.2.2. Definition and Usage</A
></H3
><P
......@@ -1043,7 +1043,7 @@ CLASS="acronym"
><DIV
CLASS="informaltable"
><A
NAME="AEN1328"
NAME="AEN1330"
></A
><P
></P
......@@ -1271,7 +1271,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1397"
NAME="AEN1399"
>6.2.1. <B
CLASS="command"
>acl</B
......@@ -1318,7 +1318,7 @@ CLASS="command"
><DIV
CLASS="informaltable"
><A
NAME="AEN1410"
NAME="AEN1412"
></A
><P
></P
......@@ -1416,7 +1416,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1439"
NAME="AEN1441"
>6.2.3. <B
CLASS="command"
>controls</B
......@@ -1671,7 +1671,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1502"
NAME="AEN1504"
>6.2.5. <B
CLASS="command"
>include</B
......@@ -1691,7 +1691,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1507"
NAME="AEN1509"
>6.2.6. <B
CLASS="command"
>include</B
......@@ -1721,7 +1721,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1514"
NAME="AEN1516"
>6.2.7. <B
CLASS="command"
>key</B
......@@ -1755,7 +1755,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1521"
NAME="AEN1523"
>6.2.8. <B
CLASS="command"
>key</B
......@@ -1809,7 +1809,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1533"
NAME="AEN1535"
>6.2.9. <B
CLASS="command"
>logging</B
......@@ -1969,7 +1969,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1573"
NAME="AEN1575"
>6.2.10. <B
CLASS="command"
>logging</B
......@@ -2032,7 +2032,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN1589"
NAME="AEN1591"
>6.2.10.1. The <B
CLASS="command"
>channel</B
......@@ -2474,7 +2474,7 @@ CLASS="acronym"
><DIV
CLASS="informaltable"
><A
NAME="AEN1693"
NAME="AEN1695"
></A
><P
></P
......@@ -2842,7 +2842,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1803"
NAME="AEN1805"
>6.2.11. <B
CLASS="command"
>lwres</B
......@@ -2939,7 +2939,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1827"
NAME="AEN1829"
>6.2.12. <B
CLASS="command"
>lwres</B
......@@ -3013,7 +3013,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1846"
NAME="AEN1848"
>6.2.13. <B
CLASS="command"
>options</B
......@@ -3954,7 +3954,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN2060"
NAME="AEN2062"
>6.2.14. <B
CLASS="command"
>options</B
......@@ -4873,7 +4873,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN2340"
NAME="AEN2342"
>6.2.14.2. Forwarding</A
></H3
><P
......@@ -5077,7 +5077,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN2405"
NAME="AEN2407"
>6.2.14.4. Interfaces</A
></H3
><P
......@@ -5172,7 +5172,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN2431"
NAME="AEN2433"
>6.2.14.5. Query Address</A
></H3
><P
......@@ -5585,7 +5585,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN2567"
NAME="AEN2569"
>6.2.14.7. Operating System Resource Limits</A
></H3
><P
......@@ -5705,7 +5705,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN2604"
NAME="AEN2606"
>6.2.14.8. Server Resource Limits</A
></H3
><P
......@@ -5789,7 +5789,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN2632"
NAME="AEN2634"
>6.2.14.9. Periodic Task Intervals</A
></H3
><P
......@@ -6156,7 +6156,7 @@ CLASS="command"
><DIV
CLASS="informaltable"