diff --git a/bin/dig/dig.1 b/bin/dig/dig.1 index 6b413b12228db227640068e4f7bb078da37a9048..58ead793de32c696985c727ae06514bf0354de86 100644 --- a/bin/dig/dig.1 +++ b/bin/dig/dig.1 @@ -13,7 +13,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: dig.1,v 1.44 2007/05/09 13:35:57 marka Exp $ +.\" $Id: dig.1,v 1.45 2007/05/16 06:12:00 marka Exp $ .\" .hy 0 .ad l @@ -128,7 +128,7 @@ The default query class (IN for internet) is overridden by the \fB\-c\fR option. \fIclass\fR -is any valid class, such as HS for Hesiod records or CH for CHAOSNET records. +is any valid class, such as HS for Hesiod records or CH for Chaosnet records. .PP The \fB\-f\fR @@ -330,7 +330,7 @@ makes iterative queries to resolve the name being looked up. It will follow refe .PP \fB+[no]cmd\fR .RS 4 -toggles the printing of the initial comment in the output identifying the version of +Toggles the printing of the initial comment in the output identifying the version of \fBdig\fR and the query options that have been applied. This comment is printed by default. .RE diff --git a/bin/dig/dig.html b/bin/dig/dig.html index f345dc78462f60a31e65a1771e9814e6480322f4..962e68090228ddfc882509cda705a48575405375 100644 --- a/bin/dig/dig.html +++ b/bin/dig/dig.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -139,7 +139,7 @@ The default query class (IN for internet) is overridden by the -c option. class is any valid - class, such as HS for Hesiod records or CH for CHAOSNET records. + class, such as HS for Hesiod records or CH for Chaosnet records.

The -f option makes dig @@ -362,7 +362,7 @@

+[no]cmd

- toggles the printing of the initial comment in the output + Toggles the printing of the initial comment in the output identifying the version of dig and the query options that have diff --git a/bin/dig/nslookup.1 b/bin/dig/nslookup.1 index 8f743ad4dd9bff2eb3dc6718356106ee72636ab2..2d195345e6f2297a0e6adce528bb4fe59ad190f7 100644 --- a/bin/dig/nslookup.1 +++ b/bin/dig/nslookup.1 @@ -12,7 +12,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: nslookup.1,v 1.13 2007/05/09 03:33:50 marka Exp $ +.\" $Id: nslookup.1,v 1.14 2007/05/16 06:12:01 marka Exp $ .\" .hy 0 .ad l @@ -166,7 +166,7 @@ Turn on or off the display of the full response packet and any intermediate resp .PP \fB \fR\fB\fI[no]\fR\fR\fBd2\fR .RS 4 -Turn debugging mode on or off. This displays more about about what nslookup is doing. +Turn debugging mode on or off. This displays more about what nslookup is doing. .sp (Default = nod2) .RE diff --git a/bin/dig/nslookup.html b/bin/dig/nslookup.html index 4071768761f2346130f891ebd0ad8bd4035d550d..0f3817653c01939a4e6f638fe717f03e9ea6790e 100644 --- a/bin/dig/nslookup.html +++ b/bin/dig/nslookup.html @@ -13,7 +13,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -192,7 +192,7 @@ nslookup -query=hinfo -timeout=10

Turn debugging mode on or off. This displays more about - about what nslookup is doing. + what nslookup is doing.

(Default = nod2) diff --git a/bin/named/lwresd.8 b/bin/named/lwresd.8 index f0c38937a4822bc12f5c56b7bf7d785a706f43e2..77d647d16f2148b788079eddcbf50c97cfe24ede 100644 --- a/bin/named/lwresd.8 +++ b/bin/named/lwresd.8 @@ -13,7 +13,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwresd.8,v 1.26 2007/05/09 03:33:51 marka Exp $ +.\" $Id: lwresd.8,v 1.27 2007/05/16 06:12:01 marka Exp $ .\" .hy 0 .ad l @@ -33,7 +33,7 @@ lwresd \- lightweight resolver daemon .SH "SYNOPSIS" .HP 7 -\fBlwresd\fR [\fB\-C\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-d\ \fR\fB\fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-i\ \fR\fB\fIpid\-file\fR\fR] [\fB\-n\ \fR\fB\fI#cpus\fR\fR] [\fB\-P\ \fR\fB\fIport\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR] [\fB\-v\fR] +\fBlwresd\fR [\fB\-c\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-C\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-d\ \fR\fB\fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-i\ \fR\fB\fIpid\-file\fR\fR] [\fB\-m\ \fR\fB\fIflag\fR\fR] [\fB\-n\ \fR\fB\fI#cpus\fR\fR] [\fB\-P\ \fR\fB\fIport\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR] [\fB\-v\fR] [\fB\-4\fR] [\fB\-6\fR] .SH "DESCRIPTION" .PP \fBlwresd\fR @@ -61,12 +61,44 @@ entries are present, or if forwarding fails, resolves the queries autonomously starting at the root name servers, using a built\-in list of root server hints. .SH "OPTIONS" .PP +\-4 +.RS 4 +Use IPv4 only even if the host machine is capable of IPv6. +\fB\-4\fR +and +\fB\-6\fR +are mutually exclusive. +.RE +.PP +\-6 +.RS 4 +Use IPv6 only even if the host machine is capable of IPv4. +\fB\-4\fR +and +\fB\-6\fR +are mutually exclusive. +.RE +.PP +\-c \fIconfig\-file\fR +.RS 4 +Use +\fIconfig\-file\fR +as the configuration file instead of the default, +\fI/etc/lwresd.conf\fR. +\-c +can not be used with +\-C. +.RE +.PP \-C \fIconfig\-file\fR .RS 4 Use \fIconfig\-file\fR as the configuration file instead of the default, \fI/etc/resolv.conf\fR. +\-C +can not be used with +\-c. .RE .PP \-d \fIdebug\-level\fR @@ -88,6 +120,25 @@ Run the server in the foreground and force all logging to \fIstderr\fR. .RE .PP +\-i \fIpid\-file\fR +.RS 4 +Use +\fIpid\-file\fR +as the PID file instead of the default, +\fI/var/run/lwresd.pid\fR. +.RE +.PP +\-m \fIflag\fR +.RS 4 +Turn on memory usage debugging flags. Possible flags are +\fIusage\fR, +\fItrace\fR, +\fIrecord\fR, +\fIsize\fR, and +\fImctx\fR. These correspond to the ISC_MEM_DEBUGXXXX flags described in +\fI\fR. +.RE +.PP \-n \fI#cpus\fR .RS 4 Create diff --git a/bin/named/lwresd.html b/bin/named/lwresd.html index 84cf53249b5b129376aade4c5fdf7857557701ae..c5fae295b0e0ca71ec32387366dc2a9bbcad1a6f 100644 --- a/bin/named/lwresd.html +++ b/bin/named/lwresd.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -29,10 +29,10 @@

Synopsis

-

lwresd [-C config-file] [-d debug-level] [-f] [-g] [-i pid-file] [-n #cpus] [-P port] [-p port] [-s] [-t directory] [-u user] [-v]

+

lwresd [-c config-file] [-C config-file] [-d debug-level] [-f] [-g] [-i pid-file] [-m flag] [-n #cpus] [-P port] [-p port] [-s] [-t directory] [-u user] [-v] [-4] [-6]

-

DESCRIPTION

+

DESCRIPTION

lwresd is the daemon providing name lookup services to clients that use the BIND 9 lightweight resolver @@ -67,13 +67,34 @@

-

OPTIONS

+

OPTIONS

+
-4
+

+ Use IPv4 only even if the host machine is capable of IPv6. + -4 and -6 are mutually + exclusive. +

+
-6
+

+ Use IPv6 only even if the host machine is capable of IPv4. + -4 and -6 are mutually + exclusive. +

+
-c config-file
+

+ Use config-file as the + configuration file instead of the default, + /etc/lwresd.conf. + + <term>-c</term> can not be used with <term>-C</term>. +

-C config-file

Use config-file as the configuration file instead of the default, /etc/resolv.conf. + <term>-C</term> can not be used with <term>-c</term>.

-d debug-level

@@ -90,6 +111,23 @@ Run the server in the foreground and force all logging to stderr.

+
-i pid-file
+

+ Use pid-file as the + PID file instead of the default, + /var/run/lwresd.pid. +

+
-m flag
+

+ Turn on memory usage debugging flags. Possible flags are + usage, + trace, + record, + size, and + mctx. + These correspond to the ISC_MEM_DEBUGXXXX flags described in + <isc/mem.h>. +

-n #cpus

Create #cpus worker threads @@ -159,7 +197,7 @@

-

FILES

+

FILES

/etc/resolv.conf

@@ -172,14 +210,14 @@

-

SEE ALSO

+

SEE ALSO

named(8), lwres(3), resolver(5).

-

AUTHOR

+

AUTHOR

Internet Systems Consortium

diff --git a/bin/named/named.8 b/bin/named/named.8 index 3d8509c4c3365a9e8a5829f93794504a2f6cb7cb..a0ebabfe6c3bf1096c4539830bbc38294d460bf1 100644 --- a/bin/named/named.8 +++ b/bin/named/named.8 @@ -13,7 +13,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: named.8,v 1.32 2007/05/09 03:33:51 marka Exp $ +.\" $Id: named.8,v 1.33 2007/05/16 06:12:01 marka Exp $ .\" .hy 0 .ad l @@ -33,7 +33,7 @@ named \- Internet domain name server .SH "SYNOPSIS" .HP 6 -\fBnamed\fR [\fB\-4\fR] [\fB\-6\fR] [\fB\-c\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-d\ \fR\fB\fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-n\ \fR\fB\fI#cpus\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR] [\fB\-v\fR] [\fB\-x\ \fR\fB\fIcache\-file\fR\fR] +\fBnamed\fR [\fB\-4\fR] [\fB\-6\fR] [\fB\-c\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-d\ \fR\fB\fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-m\ \fR\fB\fIflag\fR\fR] [\fB\-n\ \fR\fB\fI#cpus\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR] [\fB\-v\fR] [\fB\-x\ \fR\fB\fIcache\-file\fR\fR] .SH "DESCRIPTION" .PP \fBnamed\fR @@ -94,6 +94,17 @@ Run the server in the foreground and force all logging to \fIstderr\fR. .RE .PP +\-m \fIflag\fR +.RS 4 +Turn on memory usage debugging flags. Possible flags are +\fIusage\fR, +\fItrace\fR, +\fIrecord\fR, +\fIsize\fR, and +\fImctx\fR. These correspond to the ISC_MEM_DEBUGXXXX flags described in +\fI\fR. +.RE +.PP \-n \fI#cpus\fR .RS 4 Create diff --git a/bin/named/named.html b/bin/named/named.html index 43b204ede9f02f29e8f4aeb56bb13cccd512ebbb..b6cfd59a5ff6a9b93ceeae6733a809c0111dbbc4 100644 --- a/bin/named/named.html +++ b/bin/named/named.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -29,10 +29,10 @@

Synopsis

-

named [-4] [-6] [-c config-file] [-d debug-level] [-f] [-g] [-n #cpus] [-p port] [-s] [-t directory] [-u user] [-v] [-x cache-file]

+

named [-4] [-6] [-c config-file] [-d debug-level] [-f] [-g] [-m flag] [-n #cpus] [-p port] [-s] [-t directory] [-u user] [-v] [-x cache-file]

-

DESCRIPTION

+

DESCRIPTION

named is a Domain Name System (DNS) server, part of the BIND 9 distribution from ISC. For more @@ -47,7 +47,7 @@

-

OPTIONS

+

OPTIONS

-4

@@ -88,6 +88,17 @@ Run the server in the foreground and force all logging to stderr.

+
-m flag
+

+ Turn on memory usage debugging flags. Possible flags are + usage, + trace, + record, + size, and + mctx. + These correspond to the ISC_MEM_DEBUGXXXX flags described in + <isc/mem.h>. +

-n #cpus

Create #cpus worker threads @@ -180,7 +191,7 @@

-

SIGNALS

+

SIGNALS

In routine operation, signals should not be used to control the nameserver; rndc should be used @@ -201,7 +212,7 @@

-

CONFIGURATION

+

CONFIGURATION

The named configuration file is too complex to describe in detail here. A complete description is provided @@ -210,7 +221,7 @@

-

FILES

+

FILES

/etc/named.conf

@@ -223,7 +234,7 @@

-

SEE ALSO

+

SEE ALSO

RFC 1033, RFC 1034, RFC 1035, @@ -234,7 +245,7 @@

-

AUTHOR

+

AUTHOR

Internet Systems Consortium

diff --git a/doc/arm/Bv9ARM.ch03.html b/doc/arm/Bv9ARM.ch03.html index cffccbfdf18c1106e6a142b6918717d50509deba..ab7f106ab2834035a38875c746a81d448ddb84f5 100644 --- a/doc/arm/Bv9ARM.ch03.html +++ b/doc/arm/Bv9ARM.ch03.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -54,7 +54,7 @@
Name Server Operations
Tools for Use With the Name Server Daemon
-
Signals
+
Signals
@@ -336,7 +336,7 @@ zone "eng.example.com" { functionality can be extended with the use of options.

-

host [-aCdlrTwv] [-c class] [-N ndots] [-t type] [-W timeout] [-R retries] hostname [server]

+

host [-aCdlnrsTwv] [-c class] [-N ndots] [-t type] [-W timeout] [-R retries] [-m flag] [-4] [-6] hostname [server]

For more information and a list of available commands and options, see the host man @@ -739,7 +739,7 @@ controls {

-Signals

+Signals

Certain UNIX signals cause the name server to take specific actions, as described in the following table. These signals can diff --git a/doc/arm/Bv9ARM.ch04.html b/doc/arm/Bv9ARM.ch04.html index 2ed093ad04ec9e4d11ee21a5b4e68ed75c2bf934..663648f72a6c6c21e9ba31b1f6cf67de8e008aa5 100644 --- a/doc/arm/Bv9ARM.ch04.html +++ b/doc/arm/Bv9ARM.ch04.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -49,29 +49,29 @@

Dynamic Update
The journal file
Incremental Zone Transfers (IXFR)
-
Split DNS
-
Example split DNS setup
+
Split DNS
+
Example split DNS setup
TSIG
-
Generate Shared Keys for Each Pair of Hosts
-
Copying the Shared Secret to Both Machines
-
Informing the Servers of the Key's Existence
-
Instructing the Server to Use the Key
-
TSIG Key Based Access Control
-
Errors
+
Generate Shared Keys for Each Pair of Hosts
+
Copying the Shared Secret to Both Machines
+
Informing the Servers of the Key's Existence
+
Instructing the Server to Use the Key
+
TSIG Key Based Access Control
+
Errors
-
TKEY
-
SIG(0)
+
TKEY
+
SIG(0)
DNSSEC
-
Generating Keys
-
Signing the Zone
-
Configuring Servers
+
Generating Keys
+
Signing the Zone
+
Configuring Servers
-
IPv6 Support in BIND 9
+
IPv6 Support in BIND 9
-
Address Lookups Using AAAA Records
-
Address to Name Lookups Using Nibble Format
+
Address Lookups Using AAAA Records
+
Address to Name Lookups Using Nibble Format
@@ -210,7 +210,7 @@

-Split DNS

+Split DNS

Setting up different views, or visibility, of the DNS space to internal and external resolvers is usually referred to as a @@ -228,7 +228,7 @@ However, since listing addresses of internal servers that external clients cannot possibly reach can result in connection delays and other annoyances, an organization may - choose to use a Split DNS to present a consistant view of itself + choose to use a Split DNS to present a consistent view of itself to the outside world.

@@ -240,7 +240,7 @@

-Example split DNS setup

+Example split DNS setup

Let's say a company named Example, Inc. (example.com) @@ -486,7 +486,7 @@ nameserver 172.16.72.4

-Generate Shared Keys for Each Pair of Hosts

+Generate Shared Keys for Each Pair of Hosts

A shared secret is generated to be shared between host1 and host2. An arbitrary key name is chosen: "host1-host2.". The key name must @@ -494,7 +494,7 @@ nameserver 172.16.72.4

-Automatic Generation

+Automatic Generation

The following command will generate a 128-bit (16 byte) HMAC-MD5 key as described above. Longer keys are better, but shorter keys @@ -519,7 +519,7 @@ nameserver 172.16.72.4

-Manual Generation

+Manual Generation

The shared secret is simply a random sequence of bits, encoded in base-64. Most ASCII strings are valid base-64 strings (assuming @@ -534,7 +534,7 @@ nameserver 172.16.72.4

-Copying the Shared Secret to Both Machines

+Copying the Shared Secret to Both Machines

This is beyond the scope of DNS. A secure transport mechanism should be used. This could be secure FTP, ssh, telephone, etc. @@ -542,7 +542,7 @@ nameserver 172.16.72.4

-Informing the Servers of the Key's Existence

+Informing the Servers of the Key's Existence

Imagine host1 and host 2 are @@ -571,7 +571,7 @@ key host1-host2. {

-Instructing the Server to Use the Key

+Instructing the Server to Use the Key

Since keys are shared between two hosts only, the server must be told when keys are to be used. The following is added to the named.conf file @@ -603,7 +603,7 @@ server 10.1.2.3 {

-TSIG Key Based Access Control

+TSIG Key Based Access Control

BIND allows IP addresses and ranges to be specified in ACL @@ -631,7 +631,7 @@ allow-update { key host1-host2. ;};

-Errors

+Errors

The processing of TSIG signed messages can result in several errors. If a signed message is sent to a non-TSIG aware @@ -657,7 +657,7 @@ allow-update { key host1-host2. ;};

-TKEY

+TKEY

TKEY is a mechanism for automatically generating a shared secret between two hosts. There are several "modes" of @@ -693,7 +693,7 @@ allow-update { key host1-host2. ;};

-SIG(0)

+SIG(0)

BIND 9 partially supports DNSSEC SIG(0) transaction signatures as specified in RFC 2535 and RFC2931. @@ -754,7 +754,7 @@ allow-update { key host1-host2. ;};

-Generating Keys

+Generating Keys

The dnssec-keygen program is used to generate keys. @@ -805,7 +805,7 @@ allow-update { key host1-host2. ;};

-Signing the Zone

+Signing the Zone

The dnssec-signzone program is used to @@ -842,14 +842,14 @@ allow-update { key host1-host2. ;};

dnssec-signzone will also produce a keyset and dsset files and optionally a dlvset file. These are used to provide the parent zone - administators with the DNSKEYs (or their + administrators with the DNSKEYs (or their corresponding DS records) that are the secure entry point to the zone.

-Configuring Servers

+Configuring Servers

To enable named to respond appropriately to DNS requests from DNSSEC aware clients, @@ -937,7 +937,7 @@ options {

-IPv6 Support in BIND 9

+IPv6 Support in BIND 9

BIND 9 fully supports all currently defined forms of IPv6 @@ -976,7 +976,7 @@ options {

-Address Lookups Using AAAA Records

+Address Lookups Using AAAA Records

The IPv6 AAAA record is a parallel to the IPv4 A record, and, unlike the deprecated A6 record, specifies the entire @@ -995,7 +995,7 @@ host 3600 IN AAAA 2001:db8::1

-Address to Name Lookups Using Nibble Format

+Address to Name Lookups Using Nibble Format

When looking up an address in nibble format, the address components are simply reversed, just as in IPv4, and diff --git a/doc/arm/Bv9ARM.ch05.html b/doc/arm/Bv9ARM.ch05.html index 1689619623a967380807ddf049626aa09686e189..758f9d7804da9eab72ac3f7e0c48a1d7747d86d8 100644 --- a/doc/arm/Bv9ARM.ch05.html +++ b/doc/arm/Bv9ARM.ch05.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -45,13 +45,13 @@

Table of Contents

-
The Lightweight Resolver Library
+
The Lightweight Resolver Library
Running a Resolver Daemon

-The Lightweight Resolver Library

+The Lightweight Resolver Library

Traditionally applications have been linked with a stub resolver library that sends recursive DNS queries to a local caching name diff --git a/doc/arm/Bv9ARM.ch06.html b/doc/arm/Bv9ARM.ch06.html index 5a2399a8b2ab005c47d298e0da17094d8c565fb1..4c2b1464199b5f6674102537df453271d12e1d6e 100644 --- a/doc/arm/Bv9ARM.ch06.html +++ b/doc/arm/Bv9ARM.ch06.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -48,52 +48,52 @@

Configuration File Elements
Address Match Lists
-
Comment Syntax
+
Comment Syntax
Configuration File Grammar
-
acl Statement Grammar
+
acl Statement Grammar
acl Statement Definition and Usage
-
controls Statement Grammar
+
controls Statement Grammar
controls Statement Definition and Usage
-
include Statement Grammar
-
include Statement Definition and +
include Statement Grammar
+
include Statement Definition and Usage
-
key Statement Grammar
-
key Statement Definition and Usage
-
logging Statement Grammar
-
logging Statement Definition and +
key Statement Grammar
+
key Statement Definition and Usage
+
logging Statement Grammar
+
logging Statement Definition and Usage
-
lwres Statement Grammar
-
lwres Statement Definition and Usage
-
masters Statement Grammar
-
masters Statement Definition and +
lwres Statement Grammar
+
lwres Statement Definition and Usage
+
masters Statement Grammar
+
masters Statement Definition and Usage
-
options Statement Grammar
+
options Statement Grammar
options Statement Definition and Usage
server Statement Grammar
server Statement Definition and Usage
-
trusted-keys Statement Grammar
-
trusted-keys Statement Definition +
trusted-keys Statement Grammar
+
trusted-keys Statement Definition and Usage
view Statement Grammar
-
view Statement Definition and Usage
+
view Statement Definition and Usage
zone Statement Grammar
-
zone Statement Definition and Usage
+
zone Statement Definition and Usage
-
Zone File
+
Zone File
Types of Resource Records and When to Use Them
-
Discussion of MX Records
+
Discussion of MX Records
Setting TTLs
-
Inverse Mapping in IPv4
-
Other Zone File Directives
-
BIND Master File Extension: the $GENERATE Directive
+
Inverse Mapping in IPv4
+
Other Zone File Directives
+
BIND Master File Extension: the $GENERATE Directive
Additional File Formats
@@ -429,7 +429,7 @@ Address Match Lists

-Syntax

+Syntax
address_match_list = address_match_list_element ;
   [ address_match_list_element; ... ]
 address_match_list_element = [ ! ] (ip_address [/length] |
@@ -438,7 +438,7 @@
 
 

-Definition and Usage

+Definition and Usage

Address match lists are primarily used to determine access control for various server operations. They are also used in @@ -520,7 +520,7 @@

-Comment Syntax

+Comment Syntax

The BIND 9 comment syntax allows for comments to appear @@ -530,7 +530,7 @@

-Syntax

+Syntax

/* This is a BIND comment as in C */
@@ -545,7 +545,7 @@

-Definition and Usage

+Definition and Usage

Comments may appear anywhere that whitespace may appear in a BIND configuration file. @@ -779,7 +779,7 @@

-acl Statement Grammar

+acl Statement Grammar
acl acl-name {
     address_match_list
 };
@@ -862,7 +862,7 @@
 
 

-controls Statement Grammar

+controls Statement Grammar
controls {
    [ inet ( ip_addr | * ) [ port ip_port ] allow {  address_match_list  }
                 keys { key_list }; ]
@@ -984,12 +984,12 @@
 
 

-include Statement Grammar

+include Statement Grammar
include filename;

-include Statement Definition and +include Statement Definition and Usage

The include statement inserts the @@ -1004,7 +1004,7 @@

-key Statement Grammar

+key Statement Grammar
key key_id {
     algorithm string;
     secret string;
@@ -1013,7 +1013,7 @@
 
 

-key Statement Definition and Usage

+key Statement Definition and Usage

The key statement defines a shared secret key for use with TSIG (see the section called “TSIG”) @@ -1051,7 +1051,7 @@ hmac-sha256, hmac-sha384 and hmac-sha512 TSIG authentication. Truncated hashes are supported by appending the minimum - number of required bits preceeded by a dash, e.g. + number of required bits preceded by a dash, e.g. hmac-sha1-80. The secret_string is the secret to be used by the algorithm, and is treated as a base-64 @@ -1060,7 +1060,7 @@

-logging Statement Grammar

+logging Statement Grammar
logging {
    [ channel channel_name {
      ( file path name
@@ -1084,7 +1084,7 @@
 
 

-logging Statement Definition and +logging Statement Definition and Usage

The logging statement configures a @@ -1118,7 +1118,7 @@

-The channel Phrase

+The channel Phrase

All log output goes to one or more channels; you can make as many of them as you want. @@ -1640,7 +1640,7 @@ category notify { null; };

-lwres Statement Grammar

+lwres Statement Grammar

This is the grammar of the lwres statement in the named.conf file: @@ -1655,7 +1655,7 @@ category notify { null; };

-lwres Statement Definition and Usage

+lwres Statement Definition and Usage

The lwres statement configures the name @@ -1706,14 +1706,14 @@ category notify { null; };

-masters Statement Grammar

+masters Statement Grammar
 masters name [port ip_port] { ( masters_list | ip_addr [port ip_port] [key key] ) ; [...] };
 

-masters Statement Definition and +masters Statement Definition and Usage

masters lists allow for a common set of masters to be easily used by @@ -1722,7 +1722,7 @@ category notify { null; };

-options Statement Grammar

+options Statement Grammar

This is the grammar of the options statement in the named.conf file: @@ -1935,7 +1935,7 @@ category notify { null; }; authenticate keys requested by the GSS-TSIG protocol. Currently only Kerberos 5 authentication is available and the credential is a Kerberos principal which - the server can aquire through the default system + the server can acquire through the default system key file, normally /etc/krb5.keytab. Normally this principal is of the form "dns/server.domain". @@ -2755,7 +2755,7 @@ options { MX and SRV records only in-zone hostnames are checked (for out-of-zone hostnames use named-checkzone). For NS records only names below top of zone are - checked (for out-of-zone names and glue consistancy + checked (for out-of-zone names and glue consistency checks use named-checkzone). The default is yes.

@@ -2809,7 +2809,7 @@ options {

-Forwarding

+Forwarding

The forwarding facility can be used to create a large site-wide cache on a few servers, reducing traffic over links to external @@ -2853,7 +2853,7 @@ options {

-Dual-stack Servers

+Dual-stack Servers

Dual-stack servers are used as servers of last resort to work around @@ -2952,6 +2952,8 @@ options { from the cache. The default is the builtin acls localnets and localhost. + +

The way to set query access to the cache is now via @@ -3054,7 +3056,7 @@ options {

-Interfaces

+Interfaces

The interfaces and ports that the server will answer queries from may be specified using the listen-on option. listen-on takes @@ -3438,7 +3440,7 @@ query-source-v6 address * port *;

-Bad UDP Port Lists

+Bad UDP Port Lists

avoid-v4-udp-ports and avoid-v6-udp-ports specify a list of IPv4 and IPv6 UDP ports that will not be used as system @@ -3452,7 +3454,7 @@ query-source-v6 address * port *;

-Operating System Resource Limits

+Operating System Resource Limits

The server's usage of many system resources can be limited. Scaled values are allowed when specifying resource limits. For @@ -3511,7 +3513,7 @@ query-source-v6 address * port *;

-Server Resource Limits

+Server Resource Limits

The following options set limits on the server's resource consumption that are enforced internally by the @@ -3589,7 +3591,7 @@ query-source-v6 address * port *;

-Periodic Task Intervals

+Periodic Task Intervals
cleaning-interval

@@ -4128,7 +4130,7 @@ query-source-v6 address * port *; Named has some built-in empty zones (SOA and NS records only). These are for zones that should normally be answered locally and which queries should not be sent to the Internet's root - servers. The offical servers which cover these namespaces + servers. The official servers which cover these namespaces return NXDOMAIN responses to these queries. In particular, these cover the reverse namespace for addresses from RFC 1918 and RFC 3330. They also include the reverse namespace for IPv6 local @@ -4646,7 +4648,7 @@ query-source-v6 address * port *;

-trusted-keys Statement Grammar

+trusted-keys Statement Grammar
trusted-keys {
     string number number number string ;
     [ string number number number string ; [...]]
@@ -4655,7 +4657,7 @@ query-source-v6 address * port *;
 
 

-trusted-keys Statement Definition +trusted-keys Statement Definition and Usage

The trusted-keys statement defines @@ -4698,7 +4700,7 @@ query-source-v6 address * port *;

-view Statement Definition and Usage

+view Statement Definition and Usage

The view statement is a powerful feature @@ -4954,10 +4956,10 @@ zone zone_name [

-zone Statement Definition and Usage

+zone Statement Definition and Usage

-Zone Types

+Zone Types
@@ -5166,7 +5168,7 @@ zone zone_name [

-Class

+Class

The zone's name may optionally be followed by a class. If a class is not specified, class IN (for Internet), @@ -5182,13 +5184,13 @@ zone zone_name [

- Another MIT development is CHAOSnet, a LAN protocol created + Another MIT development is Chaosnet, a LAN protocol created in the mid-1970s. Zone data for it can be specified with the CHAOS class.

-Zone Options

+Zone Options
allow-notify

@@ -5390,6 +5392,11 @@ zone zone_name [notify in the section called “Boolean Options”.

+
notify-delay
+

+ See the description of + notify-delay in the section called “Tuning”. +

pubkey

In BIND 8, this option was @@ -5678,7 +5685,7 @@ zone zone_name [

-Zone File

+Zone File

Types of Resource Records and When to Use Them

@@ -5691,7 +5698,7 @@ zone zone_name [

-Resource Records

+Resource Records

A domain name identifies a node. Each node has a set of resource information, which may be empty. The set of resource @@ -6274,7 +6281,7 @@ zone zone_name [

- CHAOSnet, a LAN protocol created at MIT in the + Chaosnet, a LAN protocol created at MIT in the mid-1970s. Rarely used for its historical purpose, but reused for BIND's @@ -6342,7 +6349,7 @@ zone zone_name [

-Textual expression of RRs

+Textual expression of RRs

RRs are represented in binary form in the packets of the DNS protocol, and are usually represented in highly encoded form @@ -6545,7 +6552,7 @@ zone zone_name [

-Discussion of MX Records

+Discussion of MX Records

As described above, domain servers store information as a series of resource records, each of which contains a particular @@ -6803,7 +6810,7 @@ zone zone_name [

-Inverse Mapping in IPv4

+Inverse Mapping in IPv4

Reverse name resolution (that is, translation from IP address to name) is achieved by means of the in-addr.arpa domain @@ -6855,7 +6862,7 @@ zone zone_name [Note

The $ORIGIN lines in the examples - are for providing context to the examples only-they do not + are for providing context to the examples only — they do not necessarily appear in the actual usage. They are only used here to indicate that the example is relative to the listed origin. @@ -6864,7 +6871,7 @@ zone zone_name [

-Other Zone File Directives

+Other Zone File Directives

The Master File Format was initially defined in RFC 1035 and has subsequently been extended. While the Master File Format @@ -6879,7 +6886,7 @@ zone zone_name [

-The $ORIGIN Directive

+The $ORIGIN Directive

Syntax: $ORIGIN domain-name @@ -6907,7 +6914,7 @@ WWW.EXAMPLE.COM. CNAME MAIN-SERVER.EXAMPLE.COM.

-The $INCLUDE Directive

+The $INCLUDE Directive

Syntax: $INCLUDE filename @@ -6943,7 +6950,7 @@ WWW.EXAMPLE.COM. CNAME MAIN-SERVER.EXAMPLE.COM.

-The $TTL Directive

+The $TTL Directive

Syntax: $TTL default-ttl @@ -6962,7 +6969,7 @@ WWW.EXAMPLE.COM. CNAME MAIN-SERVER.EXAMPLE.COM.

-BIND Master File Extension: the $GENERATE Directive

+BIND Master File Extension: the $GENERATE Directive

Syntax: $GENERATE range diff --git a/doc/arm/Bv9ARM.ch07.html b/doc/arm/Bv9ARM.ch07.html index a7a02f8a8155428505627c5eaa23bd39462c9d98..dce80c857214a4f03c07367dd2e153b72033ca2a 100644 --- a/doc/arm/Bv9ARM.ch07.html +++ b/doc/arm/Bv9ARM.ch07.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -46,10 +46,10 @@

Table of Contents

Access Control Lists
-
Chroot and Setuid
+
Chroot and Setuid
-
The chroot Environment
-
Using the setuid Function
+
The chroot Environment
+
Using the setuid Function
Dynamic Update Security
@@ -119,7 +119,7 @@ zone "example.com" {

-Chroot and Setuid +Chroot and Setuid

On UNIX servers, it is possible to run BIND in a chrooted environment @@ -143,7 +143,7 @@ zone "example.com" {

-The chroot Environment

+The chroot Environment

In order for a chroot environment to @@ -171,7 +171,7 @@ zone "example.com" {

-Using the setuid Function

+Using the setuid Function

Prior to running the named daemon, use diff --git a/doc/arm/Bv9ARM.ch08.html b/doc/arm/Bv9ARM.ch08.html index 285c75a93dc3ab558f284cfad24dee77dd6a990e..b2c855141ebea92221767c86f92d181a4a21ebb2 100644 --- a/doc/arm/Bv9ARM.ch08.html +++ b/doc/arm/Bv9ARM.ch08.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -45,18 +45,18 @@

-Common Problems

+Common Problems

-It's not working; how can I figure out what's wrong?

+It's not working; how can I figure out what's wrong?

The best solution to solving installation and configuration issues is to take preventative measures by setting @@ -68,7 +68,7 @@

-Incrementing and Changing the Serial Number

+Incrementing and Changing the Serial Number

Zone serial numbers are just numbers — they aren't date related. A lot of people set them to a number that represents a @@ -95,7 +95,7 @@

-Where Can I Get Help?

+Where Can I Get Help?

The Internet Systems Consortium (ISC) offers a wide range diff --git a/doc/arm/Bv9ARM.ch09.html b/doc/arm/Bv9ARM.ch09.html index 5c28f07fb924aa94e279eb7b84a7167b8f15dddf..6d2a3b7b8e809bd21a5a91b985c294c338fbc729 100644 --- a/doc/arm/Bv9ARM.ch09.html +++ b/doc/arm/Bv9ARM.ch09.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -45,21 +45,21 @@

-Acknowledgments

+Acknowledgments

A Brief History of the DNS and BIND @@ -110,7 +110,7 @@ during that time: Doug Kingston, Craig Partridge, Smoot Carl-Mitchell, Mike Muuss, Jim Bloom and Mike Schwartz. BIND maintenance was subsequently - handled by Mike Karels and O. Kure. + handled by Mike Karels and Řivind Kure.

BIND versions 4.9 and 4.9.1 were @@ -135,10 +135,25 @@ have been developed and maintained by the Internet Systems Consortium and its predecessor, the Internet Software Consortium, with support being provided - by ISC's sponsors. As co-architects/programmers, Bob Halley and + by ISC's sponsors. +

+

+ As co-architects/programmers, Bob Halley and Paul Vixie released the first production-ready version of BIND version 8 in May 1997.

+

+ BIND version 9 was released in September 2000 and is a + major rewrite of nearly all aspects of the underlying + BIND architecture. +

+

+ BIND version 4 is officially deprecated and BIND version + 8 development is considered maintenance-only in favor + of BIND version 9. No additional development is done + on BIND version 4 or BIND version 8 other than for + security-related patches. +

BIND development work is made possible today by the sponsorship @@ -149,7 +164,7 @@

-General DNS Reference Information

+General DNS Reference Information

IPv6 addresses (AAAA)

@@ -237,17 +252,17 @@

-Bibliography

+Bibliography

Standards

-

[RFC974] C. Partridge. Mail Routing and the Domain System. January 1986.

+

[RFC974] C. Partridge. Mail Routing and the Domain System. January 1986.

-

[RFC1034] P.V. Mockapetris. Domain Names — Concepts and Facilities. November 1987.

+

[RFC1034] P.V. Mockapetris. Domain Names — Concepts and Facilities. November 1987.

-

[RFC1035] P. V. Mockapetris. Domain Names — Implementation and +

[RFC1035] P. V. Mockapetris. Domain Names — Implementation and Specification. November 1987.

@@ -255,42 +270,42 @@

Proposed Standards

-

[RFC2181] R., R. Bush Elz. Clarifications to the DNS +

[RFC2181] R., R. Bush Elz. Clarifications to the DNS Specification. July 1997.

-

[RFC2308] M. Andrews. Negative Caching of DNS +

[RFC2308] M. Andrews. Negative Caching of DNS Queries. March 1998.

-

[RFC1995] M. Ohta. Incremental Zone Transfer in DNS. August 1996.

+

[RFC1995] M. Ohta. Incremental Zone Transfer in DNS. August 1996.

-

[RFC1996] P. Vixie. A Mechanism for Prompt Notification of Zone Changes. August 1996.

+

[RFC1996] P. Vixie. A Mechanism for Prompt Notification of Zone Changes. August 1996.

-

[RFC2136] P. Vixie, S. Thomson, Y. Rekhter, and J. Bound. Dynamic Updates in the Domain Name System. April 1997.

+

[RFC2136] P. Vixie, S. Thomson, Y. Rekhter, and J. Bound. Dynamic Updates in the Domain Name System. April 1997.

-

[RFC2671] P. Vixie. Extension Mechanisms for DNS (EDNS0). August 1997.

+

[RFC2671] P. Vixie. Extension Mechanisms for DNS (EDNS0). August 1997.

-

[RFC2672] M. Crawford. Non-Terminal DNS Name Redirection. August 1999.

+

[RFC2672] M. Crawford. Non-Terminal DNS Name Redirection. August 1999.

-

[RFC2845] P. Vixie, O. Gudmundsson, D. Eastlake, 3rd, and B. Wellington. Secret Key Transaction Authentication for DNS (TSIG). May 2000.

+

[RFC2845] P. Vixie, O. Gudmundsson, D. Eastlake, 3rd, and B. Wellington. Secret Key Transaction Authentication for DNS (TSIG). May 2000.

-

[RFC2930] D. Eastlake, 3rd. Secret Key Establishment for DNS (TKEY RR). September 2000.

+

[RFC2930] D. Eastlake, 3rd. Secret Key Establishment for DNS (TKEY RR). September 2000.

-

[RFC2931] D. Eastlake, 3rd. DNS Request and Transaction Signatures (SIG(0)s). September 2000.

+

[RFC2931] D. Eastlake, 3rd. DNS Request and Transaction Signatures (SIG(0)s). September 2000.

-

[RFC3007] B. Wellington. Secure Domain Name System (DNS) Dynamic Update. November 2000.

+

[RFC3007] B. Wellington. Secure Domain Name System (DNS) Dynamic Update. November 2000.

-

[RFC3645] S. Kwan, P. Garg, J. Gilroy, L. Esibov, J. Westhead, and R. Hall. Generic Security Service Algorithm for Secret +

[RFC3645] S. Kwan, P. Garg, J. Gilroy, L. Esibov, J. Westhead, and R. Hall. Generic Security Service Algorithm for Secret Key Transaction Authentication for DNS (GSS-TSIG). October 2003.

@@ -299,19 +314,19 @@

DNS Security Proposed Standards

-

[RFC3225] D. Conrad. Indicating Resolver Support of DNSSEC. December 2001.

+

[RFC3225] D. Conrad. Indicating Resolver Support of DNSSEC. December 2001.

-

[RFC3833] D. Atkins and R. Austein. Threat Analysis of the Domain Name System (DNS). August 2004.

+

[RFC3833] D. Atkins and R. Austein. Threat Analysis of the Domain Name System (DNS). August 2004.

-

[RFC4033] R. Arends, R. Austein, M. Larson, D. Massey, and S. Rose. DNS Security Introduction and Requirements. March 2005.

+

[RFC4033] R. Arends, R. Austein, M. Larson, D. Massey, and S. Rose. DNS Security Introduction and Requirements. March 2005.

-

[RFC4044] R. Arends, R. Austein, M. Larson, D. Massey, and S. Rose. Resource Records for the DNS Security Extensions. March 2005.

+

[RFC4044] R. Arends, R. Austein, M. Larson, D. Massey, and S. Rose. Resource Records for the DNS Security Extensions. March 2005.

-

[RFC4035] R. Arends, R. Austein, M. Larson, D. Massey, and S. Rose. Protocol Modifications for the DNS +

[RFC4035] R. Arends, R. Austein, M. Larson, D. Massey, and S. Rose. Protocol Modifications for the DNS Security Extensions. March 2005.

@@ -319,146 +334,146 @@

Other Important RFCs About DNS Implementation

-

[RFC1535] E. Gavron. A Security Problem and Proposed Correction With Widely +

[RFC1535] E. Gavron. A Security Problem and Proposed Correction With Widely Deployed DNS Software.. October 1993.

-

[RFC1536] A. Kumar, J. Postel, C. Neuman, P. Danzig, and S. Miller. Common DNS Implementation +

[RFC1536] A. Kumar, J. Postel, C. Neuman, P. Danzig, and S. Miller. Common DNS Implementation Errors and Suggested Fixes. October 1993.

-

[RFC1982] R. Elz and R. Bush. Serial Number Arithmetic. August 1996.

+

[RFC1982] R. Elz and R. Bush. Serial Number Arithmetic. August 1996.

-

[RFC4074] Y. Morishita and T. Jinmei. Common Misbehaviour Against DNS +

[RFC4074] Y. Morishita and T. Jinmei. Common Misbehaviour Against DNS Queries for IPv6 Addresses. May 2005.

Resource Record Types

-

[RFC1183] C.F. Everhart, L. A. Mamakos, R. Ullmann, and P. Mockapetris. New DNS RR Definitions. October 1990.

+

[RFC1183] C.F. Everhart, L. A. Mamakos, R. Ullmann, and P. Mockapetris. New DNS RR Definitions. October 1990.

-

[RFC1706] B. Manning and R. Colella. DNS NSAP Resource Records. October 1994.

+

[RFC1706] B. Manning and R. Colella. DNS NSAP Resource Records. October 1994.

-

[RFC2168] R. Daniel and M. Mealling. Resolution of Uniform Resource Identifiers using +

[RFC2168] R. Daniel and M. Mealling. Resolution of Uniform Resource Identifiers using the Domain Name System. June 1997.

-

[RFC1876] C. Davis, P. Vixie, T., and I. Dickinson. A Means for Expressing Location Information in the +

[RFC1876] C. Davis, P. Vixie, T., and I. Dickinson. A Means for Expressing Location Information in the Domain Name System. January 1996.

-

[RFC2052] A. Gulbrandsen and P. Vixie. A DNS RR for Specifying the +

[RFC2052] A. Gulbrandsen and P. Vixie. A DNS RR for Specifying the Location of Services.. October 1996.

-

[RFC2163] A. Allocchio. Using the Internet DNS to +

[RFC2163] A. Allocchio. Using the Internet DNS to Distribute MIXER Conformant Global Address Mapping. January 1998.

-

[RFC2230] R. Atkinson. Key Exchange Delegation Record for the DNS. October 1997.

+

[RFC2230] R. Atkinson. Key Exchange Delegation Record for the DNS. October 1997.

-

[RFC2536] D. Eastlake, 3rd. DSA KEYs and SIGs in the Domain Name System (DNS). March 1999.

+

[RFC2536] D. Eastlake, 3rd. DSA KEYs and SIGs in the Domain Name System (DNS). March 1999.

-

[RFC2537] D. Eastlake, 3rd. RSA/MD5 KEYs and SIGs in the Domain Name System (DNS). March 1999.

+

[RFC2537] D. Eastlake, 3rd. RSA/MD5 KEYs and SIGs in the Domain Name System (DNS). March 1999.

-

[RFC2538] D. Eastlake, 3rd and O. Gudmundsson. Storing Certificates in the Domain Name System (DNS). March 1999.

+

[RFC2538] D. Eastlake, 3rd and O. Gudmundsson. Storing Certificates in the Domain Name System (DNS). March 1999.

-

[RFC2539] D. Eastlake, 3rd. Storage of Diffie-Hellman Keys in the Domain Name System (DNS). March 1999.

+

[RFC2539] D. Eastlake, 3rd. Storage of Diffie-Hellman Keys in the Domain Name System (DNS). March 1999.

-

[RFC2540] D. Eastlake, 3rd. Detached Domain Name System (DNS) Information. March 1999.

+

[RFC2540] D. Eastlake, 3rd. Detached Domain Name System (DNS) Information. March 1999.

-

[RFC2782] A. Gulbrandsen. P. Vixie. L. Esibov. A DNS RR for specifying the location of services (DNS SRV). February 2000.

+

[RFC2782] A. Gulbrandsen. P. Vixie. L. Esibov. A DNS RR for specifying the location of services (DNS SRV). February 2000.

-

[RFC2915] M. Mealling. R. Daniel. The Naming Authority Pointer (NAPTR) DNS Resource Record. September 2000.

+

[RFC2915] M. Mealling. R. Daniel. The Naming Authority Pointer (NAPTR) DNS Resource Record. September 2000.

-

[RFC3110] D. Eastlake, 3rd. RSA/SHA-1 SIGs and RSA KEYs in the Domain Name System (DNS). May 2001.

+

[RFC3110] D. Eastlake, 3rd. RSA/SHA-1 SIGs and RSA KEYs in the Domain Name System (DNS). May 2001.

-

[RFC3123] P. Koch. A DNS RR Type for Lists of Address Prefixes (APL RR). June 2001.

+

[RFC3123] P. Koch. A DNS RR Type for Lists of Address Prefixes (APL RR). June 2001.

-

[RFC3596] S. Thomson, C. Huitema, V. Ksinant, and M. Souissi. DNS Extensions to support IP +

[RFC3596] S. Thomson, C. Huitema, V. Ksinant, and M. Souissi. DNS Extensions to support IP version 6. October 2003.

-

[RFC3597] A. Gustafsson. Handling of Unknown DNS Resource Record (RR) Types. September 2003.

+

[RFC3597] A. Gustafsson. Handling of Unknown DNS Resource Record (RR) Types. September 2003.

DNS and the Internet

-

[RFC1101] P. V. Mockapetris. DNS Encoding of Network Names +

[RFC1101] P. V. Mockapetris. DNS Encoding of Network Names and Other Types. April 1989.

-

[RFC1123] Braden. Requirements for Internet Hosts - Application and +

[RFC1123] Braden. Requirements for Internet Hosts - Application and Support. October 1989.

-

[RFC1591] J. Postel. Domain Name System Structure and Delegation. March 1994.

+

[RFC1591] J. Postel. Domain Name System Structure and Delegation. March 1994.

-

[RFC2317] H. Eidnes, G. de Groot, and P. Vixie. Classless IN-ADDR.ARPA Delegation. March 1998.

+

[RFC2317] H. Eidnes, G. de Groot, and P. Vixie. Classless IN-ADDR.ARPA Delegation. March 1998.

-

[RFC2826] Internet Architecture Board. IAB Technical Comment on the Unique DNS Root. May 2000.

+

[RFC2826] Internet Architecture Board. IAB Technical Comment on the Unique DNS Root. May 2000.

-

[RFC2929] D. Eastlake, 3rd, E. Brunner-Williams, and B. Manning. Domain Name System (DNS) IANA Considerations. September 2000.

+

[RFC2929] D. Eastlake, 3rd, E. Brunner-Williams, and B. Manning. Domain Name System (DNS) IANA Considerations. September 2000.

DNS Operations

-

[RFC1033] M. Lottor. Domain administrators operations guide.. November 1987.

+

[RFC1033] M. Lottor. Domain administrators operations guide.. November 1987.

-

[RFC1537] P. Beertema. Common DNS Data File +

[RFC1537] P. Beertema. Common DNS Data File Configuration Errors. October 1993.

-

[RFC1912] D. Barr. Common DNS Operational and +

[RFC1912] D. Barr. Common DNS Operational and Configuration Errors. February 1996.

-

[RFC2010] B. Manning and P. Vixie. Operational Criteria for Root Name Servers.. October 1996.

+

[RFC2010] B. Manning and P. Vixie. Operational Criteria for Root Name Servers.. October 1996.

-

[RFC2219] M. Hamilton and R. Wright. Use of DNS Aliases for +

[RFC2219] M. Hamilton and R. Wright. Use of DNS Aliases for Network Services.. October 1997.

Internationalized Domain Names

-

[RFC2825] IAB and R. Daigle. A Tangled Web: Issues of I18N, Domain Names, +

[RFC2825] IAB and R. Daigle. A Tangled Web: Issues of I18N, Domain Names, and the Other Internet protocols. May 2000.

-

[RFC3490] P. Faltstrom, P. Hoffman, and A. Costello. Internationalizing Domain Names in Applications (IDNA). March 2003.

+

[RFC3490] P. Faltstrom, P. Hoffman, and A. Costello. Internationalizing Domain Names in Applications (IDNA). March 2003.

-

[RFC3491] P. Hoffman and M. Blanchet. Nameprep: A Stringprep Profile for Internationalized Domain Names. March 2003.

+

[RFC3491] P. Hoffman and M. Blanchet. Nameprep: A Stringprep Profile for Internationalized Domain Names. March 2003.

-

[RFC3492] A. Costello. Punycode: A Bootstring encoding of Unicode +

[RFC3492] A. Costello. Punycode: A Bootstring encoding of Unicode for Internationalized Domain Names in Applications (IDNA). March 2003.

@@ -474,50 +489,50 @@

-

[RFC1464] R. Rosenbaum. Using the Domain Name System To Store Arbitrary String +

[RFC1464] R. Rosenbaum. Using the Domain Name System To Store Arbitrary String Attributes. May 1993.

-

[RFC1713] A. Romao. Tools for DNS Debugging. November 1994.

+

[RFC1713] A. Romao. Tools for DNS Debugging. November 1994.

-

[RFC1794] T. Brisco. DNS Support for Load +

[RFC1794] T. Brisco. DNS Support for Load Balancing. April 1995.

-

[RFC2240] O. Vaughan. A Legal Basis for Domain Name Allocation. November 1997.

+

[RFC2240] O. Vaughan. A Legal Basis for Domain Name Allocation. November 1997.

-

[RFC2345] J. Klensin, T. Wolf, and G. Oglesby. Domain Names and Company Name Retrieval. May 1998.

+

[RFC2345] J. Klensin, T. Wolf, and G. Oglesby. Domain Names and Company Name Retrieval. May 1998.

-

[RFC2352] O. Vaughan. A Convention For Using Legal Names as Domain Names. May 1998.

+

[RFC2352] O. Vaughan. A Convention For Using Legal Names as Domain Names. May 1998.

-

[RFC3071] J. Klensin. Reflections on the DNS, RFC 1591, and Categories of Domains. February 2001.

+

[RFC3071] J. Klensin. Reflections on the DNS, RFC 1591, and Categories of Domains. February 2001.

-

[RFC3258] T. Hardie. Distributing Authoritative Name Servers via +

[RFC3258] T. Hardie. Distributing Authoritative Name Servers via Shared Unicast Addresses. April 2002.

-

[RFC3901] A. Durand and J. Ihren. DNS IPv6 Transport Operational Guidelines. September 2004.

+

[RFC3901] A. Durand and J. Ihren. DNS IPv6 Transport Operational Guidelines. September 2004.

-

[RFC2352] O. Vaughan. A Convention For Using Legal Names as Domain Names. May 1998.

+

[RFC2352] O. Vaughan. A Convention For Using Legal Names as Domain Names. May 1998.

Obsolete and Unimplemented Experimental RFC

-

[RFC1712] C. Farrell, M. Schulze, S. Pleitner, and D. Baldoni. DNS Encoding of Geographical +

[RFC1712] C. Farrell, M. Schulze, S. Pleitner, and D. Baldoni. DNS Encoding of Geographical Location. November 1994.

-

[RFC2673] M. Crawford. Binary Labels in the Domain Name System. August 1999.

+

[RFC2673] M. Crawford. Binary Labels in the Domain Name System. August 1999.

-

[RFC2874] M. Crawford and C. Huitema. DNS Extensions to Support IPv6 Address Aggregation +

[RFC2874] M. Crawford and C. Huitema. DNS Extensions to Support IPv6 Address Aggregation and Renumbering. July 2000.

@@ -531,39 +546,39 @@

-

[RFC2065] D. Eastlake, 3rd and C. Kaufman. Domain Name System Security Extensions. January 1997.

+

[RFC2065] D. Eastlake, 3rd and C. Kaufman. Domain Name System Security Extensions. January 1997.

-

[RFC2137] D. Eastlake, 3rd. Secure Domain Name System Dynamic Update. April 1997.

+

[RFC2137] D. Eastlake, 3rd. Secure Domain Name System Dynamic Update. April 1997.

-

[RFC2535] D. Eastlake, 3rd. Domain Name System Security Extensions. March 1999.

+

[RFC2535] D. Eastlake, 3rd. Domain Name System Security Extensions. March 1999.

-

[RFC3008] B. Wellington. Domain Name System Security (DNSSEC) +

[RFC3008] B. Wellington. Domain Name System Security (DNSSEC) Signing Authority. November 2000.

-

[RFC3090] E. Lewis. DNS Security Extension Clarification on Zone Status. March 2001.

+

[RFC3090] E. Lewis. DNS Security Extension Clarification on Zone Status. March 2001.

-

[RFC3445] D. Massey and S. Rose. Limiting the Scope of the KEY Resource Record (RR). December 2002.

+

[RFC3445] D. Massey and S. Rose. Limiting the Scope of the KEY Resource Record (RR). December 2002.

-

[RFC3655] B. Wellington and O. Gudmundsson. Redefinition of DNS Authenticated Data (AD) bit. November 2003.

+

[RFC3655] B. Wellington and O. Gudmundsson. Redefinition of DNS Authenticated Data (AD) bit. November 2003.

-

[RFC3658] O. Gudmundsson. Delegation Signer (DS) Resource Record (RR). December 2003.

+

[RFC3658] O. Gudmundsson. Delegation Signer (DS) Resource Record (RR). December 2003.

-

[RFC3755] S. Weiler. Legacy Resolver Compatibility for Delegation Signer (DS). May 2004.

+

[RFC3755] S. Weiler. Legacy Resolver Compatibility for Delegation Signer (DS). May 2004.

-

[RFC3757] O. Kolkman, J. Schlyter, and E. Lewis. Domain Name System KEY (DNSKEY) Resource Record +

[RFC3757] O. Kolkman, J. Schlyter, and E. Lewis. Domain Name System KEY (DNSKEY) Resource Record (RR) Secure Entry Point (SEP) Flag. April 2004.

-

[RFC3845] J. Schlyter. DNS Security (DNSSEC) NextSECure (NSEC) RDATA Format. August 2004.

+

[RFC3845] J. Schlyter. DNS Security (DNSSEC) NextSECure (NSEC) RDATA Format. August 2004.

@@ -584,14 +599,14 @@

-Other Documents About BIND +Other Documents About BIND

-Bibliography

+Bibliography
-

Paul Albitz and Cricket Liu. DNS and BIND. Copyright © 1998 Sebastopol, CA: O'Reilly and Associates.

+

Paul Albitz and Cricket Liu. DNS and BIND. Copyright © 1998 Sebastopol, CA: O'Reilly and Associates.

diff --git a/doc/arm/Bv9ARM.html b/doc/arm/Bv9ARM.html index 6d5a0459e9957f4ec6306df88db3e157c699226e..1c84bd54453c2aaf843fc2d10631e4e44edec76d 100644 --- a/doc/arm/Bv9ARM.html +++ b/doc/arm/Bv9ARM.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -83,7 +83,7 @@
Name Server Operations
Tools for Use With the Name Server Daemon
-
Signals
+
Signals
4. Advanced DNS Features
@@ -92,34 +92,34 @@
Dynamic Update
The journal file
Incremental Zone Transfers (IXFR)
-
Split DNS
-
Example split DNS setup
+
Split DNS
+
Example split DNS setup
TSIG
-
Generate Shared Keys for Each Pair of Hosts
-
Copying the Shared Secret to Both Machines
-
Informing the Servers of the Key's Existence
-
Instructing the Server to Use the Key
-
TSIG Key Based Access Control
-
Errors
+
Generate Shared Keys for Each Pair of Hosts
+
Copying the Shared Secret to Both Machines
+
Informing the Servers of the Key's Existence
+
Instructing the Server to Use the Key
+
TSIG Key Based Access Control
+
Errors
-
TKEY
-
SIG(0)
+
TKEY
+
SIG(0)
DNSSEC
-
Generating Keys
-
Signing the Zone
-
Configuring Servers
+
Generating Keys
+
Signing the Zone
+
Configuring Servers
-
IPv6 Support in BIND 9
+
IPv6 Support in BIND 9
-
Address Lookups Using AAAA Records
-
Address to Name Lookups Using Nibble Format
+
Address Lookups Using AAAA Records
+
Address to Name Lookups Using Nibble Format
5. The BIND 9 Lightweight Resolver
-
The Lightweight Resolver Library
+
The Lightweight Resolver Library
Running a Resolver Daemon
6. BIND 9 Configuration Reference
@@ -127,83 +127,83 @@
Configuration File Elements
Address Match Lists
-
Comment Syntax
+
Comment Syntax
Configuration File Grammar
-
acl Statement Grammar
+
acl Statement Grammar
acl Statement Definition and Usage
-
controls Statement Grammar
+
controls Statement Grammar
controls Statement Definition and Usage
-
include Statement Grammar
-
include Statement Definition and +
include Statement Grammar
+
include Statement Definition and Usage
-
key Statement Grammar
-
key Statement Definition and Usage
-
logging Statement Grammar
-
logging Statement Definition and +
key Statement Grammar
+
key Statement Definition and Usage
+
logging Statement Grammar
+
logging Statement Definition and Usage
-
lwres Statement Grammar
-
lwres Statement Definition and Usage
-
masters Statement Grammar
-
masters Statement Definition and +
lwres Statement Grammar
+
lwres Statement Definition and Usage
+
masters Statement Grammar
+
masters Statement Definition and Usage
-
options Statement Grammar
+
options Statement Grammar
options Statement Definition and Usage
server Statement Grammar
server Statement Definition and Usage
-
trusted-keys Statement Grammar
-
trusted-keys Statement Definition +
trusted-keys Statement Grammar
+
trusted-keys Statement Definition and Usage
view Statement Grammar
-
view Statement Definition and Usage
+
view Statement Definition and Usage
zone Statement Grammar
-
zone Statement Definition and Usage
+
zone Statement Definition and Usage
-
Zone File
+
Zone File
Types of Resource Records and When to Use Them
-
Discussion of MX Records
+
Discussion of MX Records
Setting TTLs
-
Inverse Mapping in IPv4
-
Other Zone File Directives
-
BIND Master File Extension: the $GENERATE Directive
+
Inverse Mapping in IPv4
+
Other Zone File Directives
+
BIND Master File Extension: the $GENERATE Directive
Additional File Formats
7. BIND 9 Security Considerations
Access Control Lists
-
Chroot and Setuid
+
Chroot and Setuid
-
The chroot Environment
-
Using the setuid Function
+
The chroot Environment
+
Using the setuid Function
Dynamic Update Security
8. Troubleshooting
-
Common Problems
-
It's not working; how can I figure out what's wrong?
-
Incrementing and Changing the Serial Number
-
Where Can I Get Help?
+
Common Problems
+
It's not working; how can I figure out what's wrong?
+
Incrementing and Changing the Serial Number
+
Where Can I Get Help?
A. Appendices
-
Acknowledgments
+
Acknowledgments
A Brief History of the DNS and BIND
-
General DNS Reference Information
+
General DNS Reference Information
IPv6 addresses (AAAA)
Bibliography (and Suggested Reading)
Request for Comments (RFCs)
Internet Drafts
-
Other Documents About BIND
+
Other Documents About BIND
I. Manual pages
diff --git a/doc/arm/man.dig.html b/doc/arm/man.dig.html index bddfe02534744c55883ef1e74370e0ede05ced95..fb596f4861b2c7deed1f718c403a85ce8dc3580a 100644 --- a/doc/arm/man.dig.html +++ b/doc/arm/man.dig.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -52,7 +52,7 @@

dig [global-queryopt...] [query...]

-

DESCRIPTION

+

DESCRIPTION

dig (domain information groper) is a flexible tool for interrogating DNS name servers. It performs DNS lookups and @@ -98,7 +98,7 @@

-

SIMPLE USAGE

+

SIMPLE USAGE

A typical invocation of dig looks like:

@@ -144,7 +144,7 @@

-

OPTIONS

+

OPTIONS

The -b option sets the source IP address of the query to address. This must be a valid @@ -157,7 +157,7 @@ The default query class (IN for internet) is overridden by the -c option. class is any valid - class, such as HS for Hesiod records or CH for CHAOSNET records. + class, such as HS for Hesiod records or CH for Chaosnet records.

The -f option makes dig @@ -244,7 +244,7 @@

-

QUERY OPTIONS

+

QUERY OPTIONS

dig provides a number of query options which affect the way in which lookups are made and the results displayed. Some of @@ -380,7 +380,7 @@

+[no]cmd

- toggles the printing of the initial comment in the output + Toggles the printing of the initial comment in the output identifying the version of dig and the query options that have @@ -563,7 +563,7 @@

-

MULTIPLE QUERIES

+

MULTIPLE QUERIES

The BIND 9 implementation of dig supports @@ -609,7 +609,7 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr

-

IDN SUPPORT

+

IDN SUPPORT

If dig has been built with IDN (internationalized domain name) support, it can accept and display non-ASCII domain names. @@ -623,14 +623,14 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr

-

FILES

+

FILES

/etc/resolv.conf

${HOME}/.digrc

-

SEE ALSO

+

SEE ALSO

host(1), named(8), dnssec-keygen(8), @@ -638,7 +638,7 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr

-

BUGS

+

BUGS

There are probably too many query options.

diff --git a/doc/arm/man.dnssec-keygen.html b/doc/arm/man.dnssec-keygen.html index c4ee026e3e2305274f3d79f688bf8a15d6d2d550..16abf2a59dc2477818c239b5da839e34a0d9a03b 100644 --- a/doc/arm/man.dnssec-keygen.html +++ b/doc/arm/man.dnssec-keygen.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -50,7 +50,7 @@

dnssec-keygen {-a algorithm} {-b keysize} {-n nametype} [-c class] [-e] [-f flag] [-g generator] [-h] [-k] [-p protocol] [-r randomdev] [-s strength] [-t type] [-v level] {name}

-

DESCRIPTION

+

DESCRIPTION

dnssec-keygen generates keys for DNSSEC (Secure DNS), as defined in RFC 2535 and RFC 4034. It can also generate keys for use with @@ -58,7 +58,7 @@

-

OPTIONS

+

OPTIONS

-a algorithm
@@ -166,7 +166,7 @@
-

GENERATED KEYS

+

GENERATED KEYS

When dnssec-keygen completes successfully, @@ -212,7 +212,7 @@

-

EXAMPLE

+

EXAMPLE

To generate a 768-bit DSA key for the domain example.com, the following command would be @@ -233,7 +233,7 @@

-

SEE ALSO

+

SEE ALSO

dnssec-signzone(8), BIND 9 Administrator Reference Manual, RFC 2535, @@ -242,7 +242,7 @@

-

AUTHOR

+

AUTHOR

Internet Systems Consortium

diff --git a/doc/arm/man.dnssec-signzone.html b/doc/arm/man.dnssec-signzone.html index b1deaa3b00af75bda25f80157c5c80d7834dd65f..639a3dac55f8fcfdad68de2ea68b72727d1c4886 100644 --- a/doc/arm/man.dnssec-signzone.html +++ b/doc/arm/man.dnssec-signzone.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -50,7 +50,7 @@

dnssec-signzone [-a] [-c class] [-d directory] [-e end-time] [-f output-file] [-g] [-h] [-k key] [-l domain] [-i interval] [-I input-format] [-j jitter] [-N soa-serial-format] [-o origin] [-O output-format] [-p] [-r randomdev] [-s start-time] [-t] [-v level] [-z] {zonefile} [key...]

-

DESCRIPTION

+

DESCRIPTION

dnssec-signzone signs a zone. It generates NSEC and RRSIG records and produces a signed version of the @@ -61,7 +61,7 @@

-

OPTIONS

+

OPTIONS

-a

@@ -259,7 +259,7 @@

-

EXAMPLE

+

EXAMPLE

The following command signs the example.com zone with the DSA key generated by dnssec-keygen @@ -288,14 +288,14 @@ db.example.com.signed %

-

SEE ALSO

+

SEE ALSO

dnssec-keygen(8), BIND 9 Administrator Reference Manual, RFC 2535.

-

AUTHOR

+

AUTHOR

Internet Systems Consortium

diff --git a/doc/arm/man.host.html b/doc/arm/man.host.html index 7817d685e70f3ee4a0f4af6e8875e9b4a6bfe965..a07630276bae397a70ea3b98eb512ceb93965e02 100644 --- a/doc/arm/man.host.html +++ b/doc/arm/man.host.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -50,7 +50,7 @@

host [-aCdlnrsTwv] [-c class] [-N ndots] [-R number] [-t type] [-W wait] [-m flag] [-4] [-6] {name} [server]

-

DESCRIPTION

+

DESCRIPTION

host is a simple utility for performing DNS lookups. It is normally used to convert names to IP addresses and vice versa. @@ -202,7 +202,7 @@

-

IDN SUPPORT

+

IDN SUPPORT

If host has been built with IDN (internationalized domain name) support, it can accept and display non-ASCII domain names. @@ -216,12 +216,12 @@

-

FILES

+

FILES

/etc/resolv.conf

-

SEE ALSO

+

SEE ALSO

dig(1), named(8).

diff --git a/doc/arm/man.named-checkconf.html b/doc/arm/man.named-checkconf.html index 92f09873349429651f1aadce2fbfa8e3c68a32a9..ea96b411f48ea3ab15880fc4a0cf9d988a424c83 100644 --- a/doc/arm/man.named-checkconf.html +++ b/doc/arm/man.named-checkconf.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -50,14 +50,14 @@

named-checkconf [-v] [-j] [-t directory] {filename} [-z]

-

DESCRIPTION

+

DESCRIPTION

named-checkconf checks the syntax, but not the semantics, of a named configuration file.

-

OPTIONS

+

OPTIONS

-t directory

@@ -88,20 +88,20 @@

-

RETURN VALUES

+

RETURN VALUES

named-checkconf returns an exit status of 1 if errors were detected and 0 otherwise.

-

SEE ALSO

+

SEE ALSO

named(8), BIND 9 Administrator Reference Manual.

-

AUTHOR

+

AUTHOR

Internet Systems Consortium

diff --git a/doc/arm/man.named-checkzone.html b/doc/arm/man.named-checkzone.html index 0cd701edfc10c90c4c0dcd9377621d9cbe4fa103..42a83b938b3714bb3e974ccdf8533d7d7e934571 100644 --- a/doc/arm/man.named-checkzone.html +++ b/doc/arm/man.named-checkzone.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -51,7 +51,7 @@

named-compilezone [-d] [-j] [-q] [-v] [-c class] [-C mode] [-f format] [-F format] [-i mode] [-k mode] [-m mode] [-n mode] [-o filename] [-s style] [-t directory] [-w directory] [-D] [-W mode] {zonename} {filename}

-

DESCRIPTION

+

DESCRIPTION

named-checkzone checks the syntax and integrity of a zone file. It performs the same checks as named does when loading a @@ -71,7 +71,7 @@

-

OPTIONS

+

OPTIONS

-d

@@ -251,21 +251,21 @@

-

RETURN VALUES

+

RETURN VALUES

named-checkzone returns an exit status of 1 if errors were detected and 0 otherwise.

-

SEE ALSO

+

SEE ALSO

named(8), RFC 1035, BIND 9 Administrator Reference Manual.

-

AUTHOR

+

AUTHOR

Internet Systems Consortium

diff --git a/doc/arm/man.named.html b/doc/arm/man.named.html index cb454f9cc1be6501df3b86f335d2f69f72a66179..b725e586fdec40ea23957a5f43165113f2702c5a 100644 --- a/doc/arm/man.named.html +++ b/doc/arm/man.named.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -47,10 +47,10 @@

Synopsis

-

named [-4] [-6] [-c config-file] [-d debug-level] [-f] [-g] [-n #cpus] [-p port] [-s] [-t directory] [-u user] [-v] [-x cache-file]

+

named [-4] [-6] [-c config-file] [-d debug-level] [-f] [-g] [-m flag] [-n #cpus] [-p port] [-s] [-t directory] [-u user] [-v] [-x cache-file]

-

DESCRIPTION

+

DESCRIPTION

named is a Domain Name System (DNS) server, part of the BIND 9 distribution from ISC. For more @@ -65,7 +65,7 @@

-

OPTIONS

+

OPTIONS

-4

@@ -106,6 +106,17 @@ Run the server in the foreground and force all logging to stderr.

+
-m flag
+

+ Turn on memory usage debugging flags. Possible flags are + usage, + trace, + record, + size, and + mctx. + These correspond to the ISC_MEM_DEBUGXXXX flags described in + <isc/mem.h>. +

-n #cpus

Create #cpus worker threads @@ -198,7 +209,7 @@

-

SIGNALS

+

SIGNALS

In routine operation, signals should not be used to control the nameserver; rndc should be used @@ -219,7 +230,7 @@

-

CONFIGURATION

+

CONFIGURATION

The named configuration file is too complex to describe in detail here. A complete description is provided @@ -228,7 +239,7 @@

-

FILES

+

FILES

/etc/named.conf

@@ -241,7 +252,7 @@

-

SEE ALSO

+

SEE ALSO

RFC 1033, RFC 1034, RFC 1035, @@ -252,7 +263,7 @@

-

AUTHOR

+

AUTHOR

Internet Systems Consortium

diff --git a/doc/arm/man.rndc-confgen.html b/doc/arm/man.rndc-confgen.html index 0ac0da1fb8078c58be27ab64b88feff3117de947..d86c076c9b7a2a4ea918c1937322bf346729d139 100644 --- a/doc/arm/man.rndc-confgen.html +++ b/doc/arm/man.rndc-confgen.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -48,7 +48,7 @@

rndc-confgen [-a] [-b keysize] [-c keyfile] [-h] [-k keyname] [-p port] [-r randomfile] [-s address] [-t chrootdir] [-u user]

-

DESCRIPTION

+

DESCRIPTION

rndc-confgen generates configuration files for rndc. It can be used as a @@ -64,7 +64,7 @@

-

OPTIONS

+

OPTIONS

-a
@@ -171,7 +171,7 @@
-

EXAMPLES

+

EXAMPLES

To allow rndc to be used with no manual configuration, run @@ -188,7 +188,7 @@

-

SEE ALSO

+

SEE ALSO

rndc(8), rndc.conf(5), named(8), @@ -196,7 +196,7 @@

-

AUTHOR

+

AUTHOR

Internet Systems Consortium

diff --git a/doc/arm/man.rndc.conf.html b/doc/arm/man.rndc.conf.html index d960b6055daa913e457a4de1dcacc2485772d0a8..a8ada49cacecfeb0ac08bbce6ad7e4e853659123 100644 --- a/doc/arm/man.rndc.conf.html +++ b/doc/arm/man.rndc.conf.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -50,7 +50,7 @@

rndc.conf

-

DESCRIPTION

+

DESCRIPTION

rndc.conf is the configuration file for rndc, the BIND 9 name server control utility. This file has a similar structure and syntax to @@ -135,7 +135,7 @@

-

EXAMPLE

+

EXAMPLE

       options {
         default-server  localhost;
@@ -209,7 +209,7 @@
     

-

NAME SERVER CONFIGURATION

+

NAME SERVER CONFIGURATION

The name server must be configured to accept rndc connections and to recognize the key specified in the rndc.conf @@ -219,7 +219,7 @@

-

SEE ALSO

+

SEE ALSO

rndc(8), rndc-confgen(8), mmencode(1), @@ -227,7 +227,7 @@

-

AUTHOR

+

AUTHOR

Internet Systems Consortium

diff --git a/doc/arm/man.rndc.html b/doc/arm/man.rndc.html index 2d8ea8b8cc69b3fb083a8762e531a5a02da131b0..af8d203fb0a3a82843294f25578b4873580fe299 100644 --- a/doc/arm/man.rndc.html +++ b/doc/arm/man.rndc.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -50,7 +50,7 @@

rndc [-b source-address] [-c config-file] [-k key-file] [-s server] [-p port] [-V] [-y key_id] {command}

-

DESCRIPTION

+

DESCRIPTION

rndc controls the operation of a name server. It supersedes the ndc utility @@ -79,7 +79,7 @@

-

OPTIONS

+

OPTIONS

-b source-address

@@ -152,7 +152,7 @@

-

LIMITATIONS

+

LIMITATIONS

rndc does not yet support all the commands of the BIND 8 ndc utility. @@ -166,7 +166,7 @@

-

SEE ALSO

+

SEE ALSO

rndc.conf(5), named(8), named.conf(5), @@ -175,7 +175,7 @@

-

AUTHOR

+

AUTHOR

Internet Systems Consortium