Commit ff5760e2 authored by Andreas Gustafsson's avatar Andreas Gustafsson

random reformatting

parent cca68b1f
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN" <!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN"
"http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd"> "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd">
<!-- File: $Id: Bv9ARM-book.xml,v 1.151 2001/07/26 22:46:44 bwelling Exp $ --> <!-- File: $Id: Bv9ARM-book.xml,v 1.152 2001/07/30 22:55:23 gson Exp $ -->
<book> <book>
<title>BIND 9 Administrator Reference Manual</title> <title>BIND 9 Administrator Reference Manual</title>
...@@ -798,37 +798,37 @@ of a server.</para> ...@@ -798,37 +798,37 @@ of a server.</para>
</variablelist> </variablelist>
<para>In <acronym>BIND</acronym> 9.2, <command>rndc</command> <para>In <acronym>BIND</acronym> 9.2, <command>rndc</command>
supports all the commands of the BIND 8 <command>ndc</command> supports all the commands of the BIND 8 <command>ndc</command>
utility except <command>ndc start</command>, which was also utility except <command>ndc start</command>, which was also
not supported in <command>ndc</command>'s channel mode.</para> not supported in <command>ndc</command>'s channel mode.</para>
<para>A configuration file is required, since all <para>A configuration file is required, since all
communication with the server is authenticated with communication with the server is authenticated with
digital signatures that rely on a shared secret, and digital signatures that rely on a shared secret, and
there is no way to provide that secret other than with a there is no way to provide that secret other than with a
configuration file. The default location for the configuration file. The default location for the
<command>rndc</command> configuration file is <command>rndc</command> configuration file is
<filename>/etc/rndc.conf</filename>, but an alternate <filename>/etc/rndc.conf</filename>, but an alternate
location can be specified with the <option>-c</option> location can be specified with the <option>-c</option>
option. If the configuration file is not found, option. If the configuration file is not found,
<command>rndc</command> will also look in <command>rndc</command> will also look in
<filename>/var/run/named.key</filename> (or wherever <filename>/var/run/named.key</filename> (or wherever
<varname>localstatedir</varname> was defined when <varname>localstatedir</varname> was defined when
the <acronym>BIND</acronym> build was configured). the <acronym>BIND</acronym> build was configured).
The <filename>named.key</filename> file is generated by The <filename>named.key</filename> file is generated by
<command>named</command> as described in <command>named</command> as described in
<xref linkend="controls_statement_definition_and_usage"/>.</para> <xref linkend="controls_statement_definition_and_usage"/>.</para>
<para>The format of the configuration file is similar to <para>The format of the configuration file is similar to
that of <filename>named.conf</filename>, but limited to that of <filename>named.conf</filename>, but limited to
only four statements, the <command>options</command>, only four statements, the <command>options</command>,
<command>key</command>, <command>server</command> and <command>key</command>, <command>server</command> and
<command>include</command> <command>include</command>
statements. These statements are what associate the statements. These statements are what associate the
secret keys to the servers with which they are meant to secret keys to the servers with which they are meant to
be shared. The order of statements is not be shared. The order of statements is not
significant.</para> significant.</para>
<para>The <command>options</command> statement has three clauses: <para>The <command>options</command> statement has three clauses:
<command>default-server</command>, <command>default-key</command>, <command>default-server</command>, <command>default-key</command>,
...@@ -878,11 +878,13 @@ options { ...@@ -878,11 +878,13 @@ options {
<para>This file, if installed as <filename>/etc/rndc.conf</filename>, <para>This file, if installed as <filename>/etc/rndc.conf</filename>,
would allow the command:</para> would allow the command:</para>
<para><prompt>$ </prompt><userinput>rndc reload</userinput></para>
<para><prompt>$ </prompt><userinput>rndc reload</userinput></para>
<para>to connect to 127.0.0.1 port 953 and cause the nameserver <para>to connect to 127.0.0.1 port 953 and cause the nameserver
to reload, if a nameserver on the local machine were running with to reload, if a nameserver on the local machine were running with
following controls statements:</para> following controls statements:</para>
<programlisting> <programlisting>
controls { controls {
inet 127.0.0.1 allow { localhost; } keys { rndc_key; }; inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
}; };
...@@ -895,8 +897,9 @@ controls { ...@@ -895,8 +897,9 @@ controls {
</sect3> </sect3>
</sect2> </sect2>
<sect2> <sect2>
<title>Signals</title>
<title>Signals</title>
<para>Certain UNIX signals cause the name server to take specific <para>Certain UNIX signals cause the name server to take specific
actions, as described in the following table. These signals can actions, as described in the following table. These signals can
be sent using the <command>kill</command> command.</para> be sent using the <command>kill</command> command.</para>
...@@ -1529,18 +1532,21 @@ allow-update { key host1-host2. ;}; ...@@ -1529,18 +1532,21 @@ allow-update { key host1-host2. ;};
input file for the zone.</para> input file for the zone.</para>
</sect2> </sect2>
<sect2><title>Configuring Servers</title>
<para>Unlike in <acronym>BIND</acronym> 8, data is not verified on load in <acronym>BIND</acronym> 9, <sect2><title>Configuring Servers</title>
so zone keys for authoritative zones do not need to be specified
in the configuration file.</para>
<para>The public key for any security root must be present in <para>Unlike in <acronym>BIND</acronym> 8,
the configuration file's <command>trusted-keys</command> data is not verified on load in <acronym>BIND</acronym> 9,
statement, as described later in this document. </para> so zone keys for authoritative zones do not need to be specified
in the configuration file.</para>
</sect2> <para>The public key for any security root must be present in
</sect1> the configuration file's <command>trusted-keys</command>
statement, as described later in this document. </para>
</sect2>
</sect1>
<sect1> <sect1>
<title>IPv6 Support in <acronym>BIND</acronym> 9</title> <title>IPv6 Support in <acronym>BIND</acronym> 9</title>
......
...@@ -1096,90 +1096,90 @@ CLASS="acronym" ...@@ -1096,90 +1096,90 @@ CLASS="acronym"
CLASS="command" CLASS="command"
>rndc</B >rndc</B
> >
supports all the commands of the BIND 8 <B supports all the commands of the BIND 8 <B
CLASS="command" CLASS="command"
>ndc</B >ndc</B
> >
utility except <B utility except <B
CLASS="command" CLASS="command"
>ndc start</B >ndc start</B
>, which was also >, which was also
not supported in <B not supported in <B
CLASS="command" CLASS="command"
>ndc</B >ndc</B
>'s channel mode.</P >'s channel mode.</P
><P ><P
>A configuration file is required, since all >A configuration file is required, since all
communication with the server is authenticated with communication with the server is authenticated with
digital signatures that rely on a shared secret, and digital signatures that rely on a shared secret, and
there is no way to provide that secret other than with a there is no way to provide that secret other than with a
configuration file. The default location for the configuration file. The default location for the
<B <B
CLASS="command" CLASS="command"
>rndc</B >rndc</B
> configuration file is > configuration file is
<TT <TT
CLASS="filename" CLASS="filename"
>/etc/rndc.conf</TT >/etc/rndc.conf</TT
>, but an alternate >, but an alternate
location can be specified with the <TT location can be specified with the <TT
CLASS="option" CLASS="option"
>-c</TT >-c</TT
> >
option. If the configuration file is not found, option. If the configuration file is not found,
<B <B
CLASS="command" CLASS="command"
>rndc</B >rndc</B
> will also look in > will also look in
<TT <TT
CLASS="filename" CLASS="filename"
>/var/run/named.key</TT >/var/run/named.key</TT
> (or wherever > (or wherever
<TT <TT
CLASS="varname" CLASS="varname"
>localstatedir</TT >localstatedir</TT
> was defined when > was defined when
the <SPAN the <SPAN
CLASS="acronym" CLASS="acronym"
>BIND</SPAN >BIND</SPAN
> build was configured). > build was configured).
The <TT The <TT
CLASS="filename" CLASS="filename"
>named.key</TT >named.key</TT
> file is generated by > file is generated by
<B <B
CLASS="command" CLASS="command"
>named</B >named</B
> as described in > as described in
<A <A
HREF="Bv9ARM.ch06.html#controls_statement_definition_and_usage" HREF="Bv9ARM.ch06.html#controls_statement_definition_and_usage"
>Section 6.2.4</A >Section 6.2.4</A
>.</P >.</P
><P ><P
>The format of the configuration file is similar to >The format of the configuration file is similar to
that of <TT that of <TT
CLASS="filename" CLASS="filename"
>named.conf</TT >named.conf</TT
>, but limited to >, but limited to
only four statements, the <B only four statements, the <B
CLASS="command" CLASS="command"
>options</B >options</B
>, >,
<B <B
CLASS="command" CLASS="command"
>key</B >key</B
>, <B >, <B
CLASS="command" CLASS="command"
>server</B >server</B
> and > and
<B <B
CLASS="command" CLASS="command"
>include</B >include</B
> >
statements. These statements are what associate the statements. These statements are what associate the
secret keys to the servers with which they are meant to secret keys to the servers with which they are meant to
be shared. The order of statements is not be shared. The order of statements is not
significant.</P significant.</P
><P ><P
>The <B >The <B
CLASS="command" CLASS="command"
......
...@@ -1337,19 +1337,20 @@ NAME="AEN967" ...@@ -1337,19 +1337,20 @@ NAME="AEN967"
>Unlike in <SPAN >Unlike in <SPAN
CLASS="acronym" CLASS="acronym"
>BIND</SPAN >BIND</SPAN
> 8, data is not verified on load in <SPAN > 8,
data is not verified on load in <SPAN
CLASS="acronym" CLASS="acronym"
>BIND</SPAN >BIND</SPAN
> 9, > 9,
so zone keys for authoritative zones do not need to be specified so zone keys for authoritative zones do not need to be specified
in the configuration file.</P in the configuration file.</P
><P ><P
>The public key for any security root must be present in >The public key for any security root must be present in
the configuration file's <B the configuration file's <B
CLASS="command" CLASS="command"
>trusted-keys</B >trusted-keys</B
> >
statement, as described later in this document. </P statement, as described later in this document. </P
></DIV ></DIV
></DIV ></DIV
><DIV ><DIV
......
...@@ -7292,12 +7292,12 @@ as <B ...@@ -7292,12 +7292,12 @@ as <B
CLASS="command" CLASS="command"
>match-recursive-only</B >match-recursive-only</B
>, which means that only recursive >, which means that only recursive
queries from matching clients will match that view. requests from matching clients will match that view.
The order of the <B The order of the <B
CLASS="command" CLASS="command"
>view</B >view</B
> statements is significant &#8212; > statements is significant &#8212;
a client query will be resolved in the context of the first a client request will be resolved in the context of the first
<B <B
CLASS="command" CLASS="command"
>view</B >view</B
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment