1<!-- 2 - Copyright (C) 2004-2015 Internet Systems Consortium, Inc. ("ISC") 3 - Copyright (C) 2000-2003 Internet Software Consortium. 4 - 5 - Permission to use, copy, modify, and/or distribute this software for any 6 - purpose with or without fee is hereby granted, provided that the above 7 - copyright notice and this permission notice appear in all copies. 8 - 9 - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 10 - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 11 - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 12 - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 13 - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 14 - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 15 - PERFORMANCE OF THIS SOFTWARE. 16--> 17<html> 18<head> 19<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> 20<title>named-checkzone</title> 21<meta name="generator" content="DocBook XSL Stylesheets V1.78.1"> 22<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual"> 23<link rel="up" href="Bv9ARM.ch13.html" title="Manual pages"> 24<link rel="prev" href="man.named-checkconf.html" title="named-checkconf"> 25<link rel="next" href="man.named.html" title="named"> 26</head> 27<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> 28<div class="navheader"> 29<table width="100%" summary="Navigation header"> 30<tr><th colspan="3" align="center"><span class="application">named-checkzone</span></th></tr> 31<tr> 32<td width="20%" align="left"> 33<a accesskey="p" href="man.named-checkconf.html">Prev</a>�</td> 34<th width="60%" align="center">Manual pages</th> 35<td width="20%" align="right">�<a accesskey="n" href="man.named.html">Next</a> 36</td> 37</tr> 38</table> 39<hr> 40</div> 41<div class="refentry"> 42<a name="man.named-checkzone"></a><div class="titlepage"></div> 43<div class="refnamediv"> 44<h2>Name</h2> 45<p><span class="application">named-checkzone</span>, <span class="application">named-compilezone</span> — zone file validity checking or converting tool</p> 46</div> 47<div class="refsynopsisdiv"> 48<h2>Synopsis</h2> 49<div class="cmdsynopsis"><p><code class="command">named-checkzone</code> [<code class="option">-d</code>] [<code class="option">-h</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-f <em class="replaceable"><code>format</code></em></code>] [<code class="option">-F <em class="replaceable"><code>format</code></em></code>] [<code class="option">-i <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-m <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-M <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-L <em class="replaceable"><code>serial</code></em></code>] [<code class="option">-o <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-r <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-s <em class="replaceable"><code>style</code></em></code>] [<code class="option">-S <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-T <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {zonename} {filename}</p></div> 50<div class="cmdsynopsis"><p><code class="command">named-compilezone</code> [<code class="option">-d</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-C <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-f <em class="replaceable"><code>format</code></em></code>] [<code class="option">-F <em class="replaceable"><code>format</code></em></code>] [<code class="option">-i <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-m <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-L <em class="replaceable"><code>serial</code></em></code>] [<code class="option">-r <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-s <em class="replaceable"><code>style</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-T <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {<code class="option">-o <em class="replaceable"><code>filename</code></em></code>} {zonename} {filename}</p></div> 51</div> 52<div class="refsection"> 53<a name="id-1.14.15.7"></a><h2>DESCRIPTION</h2> 54<p><span class="command"><strong>named-checkzone</strong></span> 55 checks the syntax and integrity of a zone file. It performs the 56 same checks as <span class="command"><strong>named</strong></span> does when loading a 57 zone. This makes <span class="command"><strong>named-checkzone</strong></span> useful for 58 checking zone files before configuring them into a name server. 59 </p> 60<p> 61 <span class="command"><strong>named-compilezone</strong></span> is similar to 62 <span class="command"><strong>named-checkzone</strong></span>, but it always dumps the 63 zone contents to a specified file in a specified format. 64 Additionally, it applies stricter check levels by default, 65 since the dump output will be used as an actual zone file 66 loaded by <span class="command"><strong>named</strong></span>. 67 When manually specified otherwise, the check levels must at 68 least be as strict as those specified in the 69 <span class="command"><strong>named</strong></span> configuration file. 70 </p> 71</div> 72<div class="refsection"> 73<a name="id-1.14.15.8"></a><h2>OPTIONS</h2> 74<div class="variablelist"><dl class="variablelist"> 75<dt><span class="term">-d</span></dt> 76<dd><p> 77 Enable debugging. 78 </p></dd> 79<dt><span class="term">-h</span></dt> 80<dd><p> 81 Print the usage summary and exit. 82 </p></dd> 83<dt><span class="term">-q</span></dt> 84<dd><p> 85 Quiet mode - exit code only. 86 </p></dd> 87<dt><span class="term">-v</span></dt> 88<dd><p> 89 Print the version of the <span class="command"><strong>named-checkzone</strong></span> 90 program and exit. 91 </p></dd> 92<dt><span class="term">-j</span></dt> 93<dd><p> 94 When loading the zone file read the journal if it exists. 95 </p></dd> 96<dt><span class="term">-c <em class="replaceable"><code>class</code></em></span></dt> 97<dd><p> 98 Specify the class of the zone. If not specified, "IN" is assumed. 99 </p></dd> 100<dt><span class="term">-i <em class="replaceable"><code>mode</code></em></span></dt> 101<dd> 102<p> 103 Perform post-load zone integrity checks. Possible modes are 104 <span class="command"><strong>"full"</strong></span> (default), 105 <span class="command"><strong>"full-sibling"</strong></span>, 106 <span class="command"><strong>"local"</strong></span>, 107 <span class="command"><strong>"local-sibling"</strong></span> and 108 <span class="command"><strong>"none"</strong></span>. 109 </p> 110<p> 111 Mode <span class="command"><strong>"full"</strong></span> checks that MX records 112 refer to A or AAAA record (both in-zone and out-of-zone 113 hostnames). Mode <span class="command"><strong>"local"</strong></span> only 114 checks MX records which refer to in-zone hostnames. 115 </p> 116<p> 117 Mode <span class="command"><strong>"full"</strong></span> checks that SRV records 118 refer to A or AAAA record (both in-zone and out-of-zone 119 hostnames). Mode <span class="command"><strong>"local"</strong></span> only 120 checks SRV records which refer to in-zone hostnames. 121 </p> 122<p> 123 Mode <span class="command"><strong>"full"</strong></span> checks that delegation NS 124 records refer to A or AAAA record (both in-zone and out-of-zone 125 hostnames). It also checks that glue address records 126 in the zone match those advertised by the child. 127 Mode <span class="command"><strong>"local"</strong></span> only checks NS records which 128 refer to in-zone hostnames or that some required glue exists, 129 that is when the nameserver is in a child zone. 130 </p> 131<p> 132 Mode <span class="command"><strong>"full-sibling"</strong></span> and 133 <span class="command"><strong>"local-sibling"</strong></span> disable sibling glue 134 checks but are otherwise the same as <span class="command"><strong>"full"</strong></span> 135 and <span class="command"><strong>"local"</strong></span> respectively. 136 </p> 137<p> 138 Mode <span class="command"><strong>"none"</strong></span> disables the checks. 139 </p> 140</dd> 141<dt><span class="term">-f <em class="replaceable"><code>format</code></em></span></dt> 142<dd><p> 143 Specify the format of the zone file. 144 Possible formats are <span class="command"><strong>"text"</strong></span> (default) 145 and <span class="command"><strong>"raw"</strong></span>. 146 </p></dd> 147<dt><span class="term">-F <em class="replaceable"><code>format</code></em></span></dt> 148<dd> 149<p> 150 Specify the format of the output file specified. 151 For <span class="command"><strong>named-checkzone</strong></span>, 152 this does not cause any effects unless it dumps the zone 153 contents. 154 </p> 155<p> 156 Possible formats are <span class="command"><strong>"text"</strong></span> (default) 157 and <span class="command"><strong>"raw"</strong></span> or <span class="command"><strong>"raw=N"</strong></span>, 158 which store the zone in a binary format for rapid loading 159 by <span class="command"><strong>named</strong></span>. <span class="command"><strong>"raw=N"</strong></span> 160 specifies the format version of the raw zone file: if N 161 is 0, the raw file can be read by any version of 162 <span class="command"><strong>named</strong></span>; if N is 1, the file can be read 163 by release 9.9.0 or higher. The default is 1. 164 </p> 165</dd> 166<dt><span class="term">-k <em class="replaceable"><code>mode</code></em></span></dt> 167<dd><p> 168 Perform <span class="command"><strong>"check-names"</strong></span> checks with the 169 specified failure mode. 170 Possible modes are <span class="command"><strong>"fail"</strong></span> 171 (default for <span class="command"><strong>named-compilezone</strong></span>), 172 <span class="command"><strong>"warn"</strong></span> 173 (default for <span class="command"><strong>named-checkzone</strong></span>) and 174 <span class="command"><strong>"ignore"</strong></span>. 175 </p></dd> 176<dt><span class="term">-L <em class="replaceable"><code>serial</code></em></span></dt> 177<dd><p> 178 When compiling a zone to 'raw' format, set the "source serial" 179 value in the header to the specified serial number. (This is 180 expected to be used primarily for testing purposes.) 181 </p></dd> 182<dt><span class="term">-m <em class="replaceable"><code>mode</code></em></span></dt> 183<dd><p> 184 Specify whether MX records should be checked to see if they 185 are addresses. Possible modes are <span class="command"><strong>"fail"</strong></span>, 186 <span class="command"><strong>"warn"</strong></span> (default) and 187 <span class="command"><strong>"ignore"</strong></span>. 188 </p></dd> 189<dt><span class="term">-M <em class="replaceable"><code>mode</code></em></span></dt> 190<dd><p> 191 Check if a MX record refers to a CNAME. 192 Possible modes are <span class="command"><strong>"fail"</strong></span>, 193 <span class="command"><strong>"warn"</strong></span> (default) and 194 <span class="command"><strong>"ignore"</strong></span>. 195 </p></dd> 196<dt><span class="term">-n <em class="replaceable"><code>mode</code></em></span></dt> 197<dd><p> 198 Specify whether NS records should be checked to see if they 199 are addresses. 200 Possible modes are <span class="command"><strong>"fail"</strong></span> 201 (default for <span class="command"><strong>named-compilezone</strong></span>), 202 <span class="command"><strong>"warn"</strong></span> 203 (default for <span class="command"><strong>named-checkzone</strong></span>) and 204 <span class="command"><strong>"ignore"</strong></span>. 205 </p></dd> 206<dt><span class="term">-o <em class="replaceable"><code>filename</code></em></span></dt> 207<dd><p> 208 Write zone output to <code class="filename">filename</code>. 209 If <code class="filename">filename</code> is <code class="filename">-</code> then 210 write to standard out. 211 This is mandatory for <span class="command"><strong>named-compilezone</strong></span>. 212 </p></dd> 213<dt><span class="term">-r <em class="replaceable"><code>mode</code></em></span></dt> 214<dd><p> 215 Check for records that are treated as different by DNSSEC but 216 are semantically equal in plain DNS. 217 Possible modes are <span class="command"><strong>"fail"</strong></span>, 218 <span class="command"><strong>"warn"</strong></span> (default) and 219 <span class="command"><strong>"ignore"</strong></span>. 220 </p></dd> 221<dt><span class="term">-s <em class="replaceable"><code>style</code></em></span></dt> 222<dd><p> 223 Specify the style of the dumped zone file. 224 Possible styles are <span class="command"><strong>"full"</strong></span> (default) 225 and <span class="command"><strong>"relative"</strong></span>. 226 The full format is most suitable for processing 227 automatically by a separate script. 228 On the other hand, the relative format is more 229 human-readable and is thus suitable for editing by hand. 230 For <span class="command"><strong>named-checkzone</strong></span> 231 this does not cause any effects unless it dumps the zone 232 contents. 233 It also does not have any meaning if the output format 234 is not text. 235 </p></dd> 236<dt><span class="term">-S <em class="replaceable"><code>mode</code></em></span></dt> 237<dd><p> 238 Check if a SRV record refers to a CNAME. 239 Possible modes are <span class="command"><strong>"fail"</strong></span>, 240 <span class="command"><strong>"warn"</strong></span> (default) and 241 <span class="command"><strong>"ignore"</strong></span>. 242 </p></dd> 243<dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt> 244<dd><p> 245 Chroot to <code class="filename">directory</code> so that 246 include 247 directives in the configuration file are processed as if 248 run by a similarly chrooted named. 249 </p></dd> 250<dt><span class="term">-T <em class="replaceable"><code>mode</code></em></span></dt> 251<dd><p> 252 Check if Sender Policy Framework (SPF) records exist 253 and issues a warning if an SPF-formatted TXT record is 254 not also present. Possible modes are <span class="command"><strong>"warn"</strong></span> 255 (default), <span class="command"><strong>"ignore"</strong></span>. 256 </p></dd> 257<dt><span class="term">-w <em class="replaceable"><code>directory</code></em></span></dt> 258<dd><p> 259 chdir to <code class="filename">directory</code> so that 260 relative 261 filenames in master file $INCLUDE directives work. This 262 is similar to the directory clause in 263 <code class="filename">named.conf</code>. 264 </p></dd> 265<dt><span class="term">-D</span></dt> 266<dd><p> 267 Dump zone file in canonical format. 268 This is always enabled for <span class="command"><strong>named-compilezone</strong></span>. 269 </p></dd> 270<dt><span class="term">-W <em class="replaceable"><code>mode</code></em></span></dt> 271<dd><p> 272 Specify whether to check for non-terminal wildcards. 273 Non-terminal wildcards are almost always the result of a 274 failure to understand the wildcard matching algorithm (RFC 1034). 275 Possible modes are <span class="command"><strong>"warn"</strong></span> (default) 276 and 277 <span class="command"><strong>"ignore"</strong></span>. 278 </p></dd> 279<dt><span class="term">zonename</span></dt> 280<dd><p> 281 The domain name of the zone being checked. 282 </p></dd> 283<dt><span class="term">filename</span></dt> 284<dd><p> 285 The name of the zone file. 286 </p></dd> 287</dl></div> 288</div> 289<div class="refsection"> 290<a name="id-1.14.15.9"></a><h2>RETURN VALUES</h2> 291<p><span class="command"><strong>named-checkzone</strong></span> 292 returns an exit status of 1 if 293 errors were detected and 0 otherwise. 294 </p> 295</div> 296<div class="refsection"> 297<a name="id-1.14.15.10"></a><h2>SEE ALSO</h2> 298<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>, 299 <span class="citerefentry"><span class="refentrytitle">named-checkconf</span>(8)</span>, 300 <em class="citetitle">RFC 1035</em>, 301 <em class="citetitle">BIND 9 Administrator Reference Manual</em>. 302 </p> 303</div> 304</div> 305<div class="navfooter"> 306<hr> 307<table width="100%" summary="Navigation footer"> 308<tr> 309<td width="40%" align="left"> 310<a accesskey="p" href="man.named-checkconf.html">Prev</a>�</td> 311<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch13.html">Up</a></td> 312<td width="40%" align="right">�<a accesskey="n" href="man.named.html">Next</a> 313</td> 314</tr> 315<tr> 316<td width="40%" align="left" valign="top"> 317<span class="application">named-checkconf</span>�</td> 318<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td> 319<td width="40%" align="right" valign="top">�<span class="application">named</span> 320</td> 321</tr> 322</table> 323</div> 324<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.9.9-P4 (Extended Support Version)</p> 325</body> 326</html> 327