rndc.conf.4 (2010 09)

rndc.conf(4)
(BIND 9.3)
NAME
rndc.conf - rndc configuration file
DESCRIPTION
rndc.conf is the configuration file for rndc, the BIND 9 name server control utility. This file has a structure and syntax similar to the named configuration file, named.conf.
The standard (default) rndc configuration file is located at /etc/rndc.conf. The standard (default) named configuration file is located at /etc/named.conf.
Syntax
The syntax of the rndc.conf file is much simpler than that of the named.conf configuration file. It includes three statements and optional comments. Statement blocks are enclosed in braces and terminated with a semicolon. Clauses in the statements are also semicolon-terminated.
    options {
        default-server defserver;
        default-key defkey;
    };
    server servername {
        key keyname;
    };
    key keyname {
        algorithm algoname;
        secret "secretvalue";
    };
A servername or keyname must be enclosed in double quotes if it matches a keyword, for example a key named "key".
The options Statement
The options statement specifies the default server and key definition for the configuration.
The default-server clause specifies the default server on which rndc runs, if the server is not specified with the -s option in the rndc command. defserver is the name or IP address of a name server that is specified in a server statement.
The default-key clause specifies the default key that will authenticate the server’s commands and responses if a key is not specified with the -y option in the rndc command. defkey is the name of a key that is specified in a key statement.
The server Statement
The server statement specifies the servername of a name server, as a host name or an IP address.
The key clause specifies a keyname that matches a keyname in a key statement.
Multiple server statements are permitted.
The key Statement
The key statement specifies the name, keyname, and definition of a key.
The algorithm clause identifies the encryption algorithm, algoname. Currently only HMAC-MD5 is supported.
The secret clause contains the random key, secretvalue, that will be used for authentication. It is base-64-encoded, using the algorithm specified in the algorithm clause. secretvalue is enclosed in double quotes.
The BIND 9 program dnssec-keygen can be used to generate the secretvalue.
Multiple key statements are permitted.
Comments
The following comment styles are supported:
C: /* comment */
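The cross-references described above (default-server must name a server statement, default-key and each server's key clause must name a key statement, the algorithm must be HMAC-MD5, the secret must be base-64) can be checked before a file is put into service. The following linter is an added example, not part of the original manual page or of BIND; the function names, the sample configuration and its placeholder secret are constructed for illustration, and only the C comment style shown above is stripped.

```python
import base64
import binascii
import re

# Constructed sample (not from the manual page). The secret is a placeholder:
# base64 of 16 zero bytes, never a real key.
SAMPLE = '''/* constructed example */
options { default-server localhost; default-key "rndc-key"; };
server localhost { key "rndc-key"; };
key "rndc-key" { algorithm hmac-md5; secret "%s"; };
''' % base64.b64encode(bytes(16)).decode()

STMT = re.compile(r'(?<![\w-])(options|server|key)\s*("[^"]*"|[^\s{};]+)?\s*\{(.*?)\}\s*;', re.S)
CLAUSE = re.compile(r'([\w-]+)\s+("[^"]*"|[^\s;]+)\s*;')

def unquote(s):
    return s[1:-1] if s.startswith('"') else s

def parse(text):
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)  # drop C-style comments
    conf = {"options": {}, "server": {}, "key": {}}
    for kind, name, body in STMT.findall(text):
        clauses = {k: unquote(v) for k, v in CLAUSE.findall(body)}
        if kind == "options":
            conf["options"].update(clauses)
        else:
            conf[kind][unquote(name)] = clauses  # keyed by servername or keyname
    return conf

def lint(text):
    """Return a list of problems; an empty list means every check passed."""
    conf, problems = parse(text), []
    opts = conf["options"]
    if "default-server" in opts and opts["default-server"] not in conf["server"]:
        problems.append("default-server %s has no server statement" % opts["default-server"])
    if "default-key" in opts and opts["default-key"] not in conf["key"]:
        problems.append("default-key %s has no key statement" % opts["default-key"])
    for srv, c in conf["server"].items():
        if c.get("key") not in conf["key"]:
            problems.append("server %s: key %s is not defined" % (srv, c.get("key")))
    for name, c in conf["key"].items():
        if c.get("algorithm", "").lower() != "hmac-md5":  # compared case-insensitively
            problems.append("key %s: algorithm is not HMAC-MD5" % name)
        try:
            if not base64.b64decode(c.get("secret", ""), validate=True):
                problems.append("key %s: secret is empty" % name)
        except binascii.Error:
            problems.append("key %s: secret is not valid base64" % name)
    return problems
```

Calling lint() on the text of a configuration file returns an empty list when all references resolve.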
HP-UX 11i Version 3: September 2010, Hewlett-Packard Company
