1<!--
2 - Copyright (C) 2004-2015 Internet Systems Consortium, Inc. ("ISC")
3 - Copyright (C) 2000-2003 Internet Software Consortium.
4 -
5 - Permission to use, copy, modify, and/or distribute this software for any
6 - purpose with or without fee is hereby granted, provided that the above
7 - copyright notice and this permission notice appear in all copies.
8 -
9 - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
10 - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
11 - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
12 - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
13 - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14 - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
15 - PERFORMANCE OF THIS SOFTWARE.
16-->
17<html>
18<head>
19<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
20<title>named-checkzone</title>
21<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
22<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
23<link rel="up" href="Bv9ARM.ch13.html" title="Manual pages">
24<link rel="prev" href="man.named-checkconf.html" title="named-checkconf">
25<link rel="next" href="man.named.html" title="named">
26</head>
27<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
28<div class="navheader">
29<table width="100%" summary="Navigation header">
30<tr><th colspan="3" align="center"><span class="application">named-checkzone</span></th></tr>
31<tr>
32<td width="20%" align="left">
33<a accesskey="p" href="man.named-checkconf.html">Prev</a>�</td>
34<th width="60%" align="center">Manual pages</th>
35<td width="20%" align="right">�<a accesskey="n" href="man.named.html">Next</a>
36</td>
37</tr>
38</table>
39<hr>
40</div>
41<div class="refentry">
42<a name="man.named-checkzone"></a><div class="titlepage"></div>
43<div class="refnamediv">
44<h2>Name</h2>
45<p><span class="application">named-checkzone</span>, <span class="application">named-compilezone</span> &#8212; zone file validity checking or converting tool</p>
46</div>
47<div class="refsynopsisdiv">
48<h2>Synopsis</h2>
49<div class="cmdsynopsis"><p><code class="command">named-checkzone</code>  [<code class="option">-d</code>] [<code class="option">-h</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-f <em class="replaceable"><code>format</code></em></code>] [<code class="option">-F <em class="replaceable"><code>format</code></em></code>] [<code class="option">-i <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-m <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-M <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-L <em class="replaceable"><code>serial</code></em></code>] [<code class="option">-o <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-r <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-s <em class="replaceable"><code>style</code></em></code>] [<code class="option">-S <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-T <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {zonename} {filename}</p></div>
50<div class="cmdsynopsis"><p><code class="command">named-compilezone</code>  [<code class="option">-d</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-C <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-f <em class="replaceable"><code>format</code></em></code>] [<code class="option">-F <em class="replaceable"><code>format</code></em></code>] [<code class="option">-i <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-m <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-L <em class="replaceable"><code>serial</code></em></code>] [<code class="option">-r <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-s <em class="replaceable"><code>style</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-T <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {<code class="option">-o <em class="replaceable"><code>filename</code></em></code>} {zonename} {filename}</p></div>
51</div>
52<div class="refsection">
53<a name="id-1.14.15.7"></a><h2>DESCRIPTION</h2>
54<p><span class="command"><strong>named-checkzone</strong></span>
55      checks the syntax and integrity of a zone file.  It performs the
56      same checks as <span class="command"><strong>named</strong></span> does when loading a
57      zone.  This makes <span class="command"><strong>named-checkzone</strong></span> useful for
58      checking zone files before configuring them into a name server.
59    </p>
60<p>
61        <span class="command"><strong>named-compilezone</strong></span> is similar to
62	<span class="command"><strong>named-checkzone</strong></span>, but it always dumps the
63        zone contents to a specified file in a specified format.
64	Additionally, it applies stricter check levels by default,
65        since the dump output will be used as an actual zone file
66	loaded by <span class="command"><strong>named</strong></span>.
67	When manually specified otherwise, the check levels must at
68        least be as strict as those specified in the
69	<span class="command"><strong>named</strong></span> configuration file.
70     </p>
71</div>
72<div class="refsection">
73<a name="id-1.14.15.8"></a><h2>OPTIONS</h2>
74<div class="variablelist"><dl class="variablelist">
75<dt><span class="term">-d</span></dt>
76<dd><p>
77            Enable debugging.
78          </p></dd>
79<dt><span class="term">-h</span></dt>
80<dd><p>
81            Print the usage summary and exit.
82          </p></dd>
83<dt><span class="term">-q</span></dt>
84<dd><p>
85            Quiet mode - exit code only.
86          </p></dd>
87<dt><span class="term">-v</span></dt>
88<dd><p>
89            Print the version of the <span class="command"><strong>named-checkzone</strong></span>
90            program and exit.
91          </p></dd>
92<dt><span class="term">-j</span></dt>
93<dd><p>
94            When loading the zone file read the journal if it exists.
95          </p></dd>
96<dt><span class="term">-c <em class="replaceable"><code>class</code></em></span></dt>
97<dd><p>
98            Specify the class of the zone.  If not specified, "IN" is assumed.
99          </p></dd>
100<dt><span class="term">-i <em class="replaceable"><code>mode</code></em></span></dt>
101<dd>
102<p>
103	      Perform post-load zone integrity checks.  Possible modes are
104	      <span class="command"><strong>"full"</strong></span> (default),
105	      <span class="command"><strong>"full-sibling"</strong></span>,
106	      <span class="command"><strong>"local"</strong></span>,
107	      <span class="command"><strong>"local-sibling"</strong></span> and
108	      <span class="command"><strong>"none"</strong></span>.
109	  </p>
110<p>
111	      Mode <span class="command"><strong>"full"</strong></span> checks that MX records
112	      refer to A or AAAA record (both in-zone and out-of-zone
113	      hostnames).  Mode <span class="command"><strong>"local"</strong></span> only
114	      checks MX records which refer to in-zone hostnames.
115	  </p>
116<p>
117	      Mode <span class="command"><strong>"full"</strong></span> checks that SRV records
118	      refer to A or AAAA record (both in-zone and out-of-zone
119	      hostnames).  Mode <span class="command"><strong>"local"</strong></span> only
120	      checks SRV records which refer to in-zone hostnames.
121	  </p>
122<p>
123	      Mode <span class="command"><strong>"full"</strong></span> checks that delegation NS
124	      records refer to A or AAAA record (both in-zone and out-of-zone
125	      hostnames).  It also checks that glue address records
126	      in the zone match those advertised by the child.
127	      Mode <span class="command"><strong>"local"</strong></span> only checks NS records which
128	      refer to in-zone hostnames or that some required glue exists,
129	      that is when the nameserver is in a child zone.
130	  </p>
131<p>
132	      Mode <span class="command"><strong>"full-sibling"</strong></span> and
133	      <span class="command"><strong>"local-sibling"</strong></span> disable sibling glue
134	      checks but are otherwise the same as <span class="command"><strong>"full"</strong></span>
135	      and <span class="command"><strong>"local"</strong></span> respectively.
136	  </p>
137<p>
138	      Mode <span class="command"><strong>"none"</strong></span> disables the checks.
139	  </p>
140</dd>
141<dt><span class="term">-f <em class="replaceable"><code>format</code></em></span></dt>
142<dd><p>
143	    Specify the format of the zone file.
144	    Possible formats are <span class="command"><strong>"text"</strong></span> (default)
145	    and <span class="command"><strong>"raw"</strong></span>.
146	  </p></dd>
147<dt><span class="term">-F <em class="replaceable"><code>format</code></em></span></dt>
148<dd>
149<p>
150	    Specify the format of the output file specified.
151	    For <span class="command"><strong>named-checkzone</strong></span>,
152	    this does not cause any effects unless it dumps the zone
153	    contents.
154	  </p>
155<p>
156	    Possible formats are <span class="command"><strong>"text"</strong></span> (default)
157	    and <span class="command"><strong>"raw"</strong></span> or <span class="command"><strong>"raw=N"</strong></span>,
158            which store the zone in a binary format for rapid loading
159            by <span class="command"><strong>named</strong></span>.  <span class="command"><strong>"raw=N"</strong></span>
160            specifies the format version of the raw zone file: if N
161            is 0, the raw file can be read by any version of
162            <span class="command"><strong>named</strong></span>; if N is 1, the file can be read
163            by release 9.9.0 or higher.  The default is 1.
164	  </p>
165</dd>
166<dt><span class="term">-k <em class="replaceable"><code>mode</code></em></span></dt>
167<dd><p>
168            Perform <span class="command"><strong>"check-names"</strong></span> checks with the
169	    specified failure mode.
170            Possible modes are <span class="command"><strong>"fail"</strong></span>
171	    (default for <span class="command"><strong>named-compilezone</strong></span>),
172            <span class="command"><strong>"warn"</strong></span>
173	    (default for <span class="command"><strong>named-checkzone</strong></span>) and
174            <span class="command"><strong>"ignore"</strong></span>.
175          </p></dd>
176<dt><span class="term">-L <em class="replaceable"><code>serial</code></em></span></dt>
177<dd><p>
178            When compiling a zone to 'raw' format, set the "source serial"
179            value in the header to the specified serial number.  (This is
180            expected to be used primarily for testing purposes.)
181          </p></dd>
182<dt><span class="term">-m <em class="replaceable"><code>mode</code></em></span></dt>
183<dd><p>
184            Specify whether MX records should be checked to see if they
185            are addresses.  Possible modes are <span class="command"><strong>"fail"</strong></span>,
186            <span class="command"><strong>"warn"</strong></span> (default) and
187            <span class="command"><strong>"ignore"</strong></span>.
188          </p></dd>
189<dt><span class="term">-M <em class="replaceable"><code>mode</code></em></span></dt>
190<dd><p>
191	    Check if a MX record refers to a CNAME.
192            Possible modes are <span class="command"><strong>"fail"</strong></span>,
193            <span class="command"><strong>"warn"</strong></span> (default) and
194            <span class="command"><strong>"ignore"</strong></span>.
195	  </p></dd>
196<dt><span class="term">-n <em class="replaceable"><code>mode</code></em></span></dt>
197<dd><p>
198            Specify whether NS records should be checked to see if they
199            are addresses.
200	    Possible modes are <span class="command"><strong>"fail"</strong></span>
201	    (default for <span class="command"><strong>named-compilezone</strong></span>),
202            <span class="command"><strong>"warn"</strong></span>
203	    (default for <span class="command"><strong>named-checkzone</strong></span>) and
204            <span class="command"><strong>"ignore"</strong></span>.
205          </p></dd>
206<dt><span class="term">-o <em class="replaceable"><code>filename</code></em></span></dt>
207<dd><p>
208            Write zone output to <code class="filename">filename</code>.
209	    If <code class="filename">filename</code> is <code class="filename">-</code> then
210	    write to standard out.
211	    This is mandatory for <span class="command"><strong>named-compilezone</strong></span>.
212          </p></dd>
213<dt><span class="term">-r <em class="replaceable"><code>mode</code></em></span></dt>
214<dd><p>
215            Check for records that are treated as different by DNSSEC but
216	    are semantically equal in plain DNS.
217            Possible modes are <span class="command"><strong>"fail"</strong></span>,
218            <span class="command"><strong>"warn"</strong></span> (default) and
219            <span class="command"><strong>"ignore"</strong></span>.
220	  </p></dd>
221<dt><span class="term">-s <em class="replaceable"><code>style</code></em></span></dt>
222<dd><p>
223	    Specify the style of the dumped zone file.
224	    Possible styles are <span class="command"><strong>"full"</strong></span> (default)
225	    and <span class="command"><strong>"relative"</strong></span>.
226	    The full format is most suitable for processing
227	    automatically by a separate script.
228	    On the other hand, the relative format is more
229	    human-readable and is thus suitable for editing by hand.
230	    For <span class="command"><strong>named-checkzone</strong></span>
231	    this does not cause any effects unless it dumps the zone
232	    contents.
233	    It also does not have any meaning if the output format
234	    is not text.
235	  </p></dd>
236<dt><span class="term">-S <em class="replaceable"><code>mode</code></em></span></dt>
237<dd><p>
238	    Check if a SRV record refers to a CNAME.
239            Possible modes are <span class="command"><strong>"fail"</strong></span>,
240            <span class="command"><strong>"warn"</strong></span> (default) and
241            <span class="command"><strong>"ignore"</strong></span>.
242	  </p></dd>
243<dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt>
244<dd><p>
245            Chroot to <code class="filename">directory</code> so that
246            include
247            directives in the configuration file are processed as if
248            run by a similarly chrooted named.
249          </p></dd>
250<dt><span class="term">-T <em class="replaceable"><code>mode</code></em></span></dt>
251<dd><p>
252	    Check if Sender Policy Framework (SPF) records exist
253	    and issues a warning if an SPF-formatted TXT record is
254	    not also present.  Possible modes are <span class="command"><strong>"warn"</strong></span>
255	    (default), <span class="command"><strong>"ignore"</strong></span>.
256	  </p></dd>
257<dt><span class="term">-w <em class="replaceable"><code>directory</code></em></span></dt>
258<dd><p>
259            chdir to <code class="filename">directory</code> so that
260            relative
261            filenames in master file $INCLUDE directives work.  This
262            is similar to the directory clause in
263            <code class="filename">named.conf</code>.
264          </p></dd>
265<dt><span class="term">-D</span></dt>
266<dd><p>
267            Dump zone file in canonical format.
268	    This is always enabled for <span class="command"><strong>named-compilezone</strong></span>.
269          </p></dd>
270<dt><span class="term">-W <em class="replaceable"><code>mode</code></em></span></dt>
271<dd><p>
272            Specify whether to check for non-terminal wildcards.
273            Non-terminal wildcards are almost always the result of a
274            failure to understand the wildcard matching algorithm (RFC 1034).
275            Possible modes are <span class="command"><strong>"warn"</strong></span> (default)
276            and
277            <span class="command"><strong>"ignore"</strong></span>.
278          </p></dd>
279<dt><span class="term">zonename</span></dt>
280<dd><p>
281            The domain name of the zone being checked.
282          </p></dd>
283<dt><span class="term">filename</span></dt>
284<dd><p>
285            The name of the zone file.
286          </p></dd>
287</dl></div>
288</div>
289<div class="refsection">
290<a name="id-1.14.15.9"></a><h2>RETURN VALUES</h2>
291<p><span class="command"><strong>named-checkzone</strong></span>
292      returns an exit status of 1 if
293      errors were detected and 0 otherwise.
294    </p>
295</div>
296<div class="refsection">
297<a name="id-1.14.15.10"></a><h2>SEE ALSO</h2>
298<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
299      <span class="citerefentry"><span class="refentrytitle">named-checkconf</span>(8)</span>,
300      <em class="citetitle">RFC 1035</em>,
301      <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
302    </p>
303</div>
304</div>
305<div class="navfooter">
306<hr>
307<table width="100%" summary="Navigation footer">
308<tr>
309<td width="40%" align="left">
310<a accesskey="p" href="man.named-checkconf.html">Prev</a>�</td>
311<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch13.html">Up</a></td>
312<td width="40%" align="right">�<a accesskey="n" href="man.named.html">Next</a>
313</td>
314</tr>
315<tr>
316<td width="40%" align="left" valign="top">
317<span class="application">named-checkconf</span>�</td>
318<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
319<td width="40%" align="right" valign="top">�<span class="application">named</span>
320</td>
321</tr>
322</table>
323</div>
324<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.9.9-P4 (Extended Support Version)</p>
325</body>
326</html>
327