1NAMED-CHECKZONE(8) BIND9 NAMED-CHECKZONE(8)
2
6 named-checkzone, named-compilezone - zone file validity checking or
7 converting tool
8
10 named-checkzone [-d] [-j] [-q] [-v] [-c class] [-f format] [-F format]
11 [-i mode] [-k mode] [-m mode] [-M mode] [-n mode]
12 [-o filename] [-s style] [-S mode] [-t directory]
13 [-w directory] [-D] [-W mode] {zonename} {filename}
14 named-compilezone [-d] [-j] [-q] [-v] [-c class] [-C mode] [-f format]
16 [-F format] [-i mode] [-k mode] [-m mode] [-n mode]
17 [-o filename] [-s style] [-t directory]
18 [-w directory] [-D] [-W mode] {zonename} {filename}
19
21 named-checkzone checks the syntax and integrity of a zone file. It
22 performs the same checks as named does when loading a zone. This makes
23 named-checkzone useful for checking zone files before configuring them
24 into a name server.
25 named-compilezone is similar to named-checkzone, but it always dumps
27 the zone contents to a specified file in a specified format.
28 Additionally, it applies stricter check levels by default, since the
29 dump output will be used as an actual zone file loaded by named. When
30 manually specified otherwise, the check levels must at least be as
31 strict as those specified in the named configuration file.
32
34 -d
35 Enable debugging.
36 -q
38 Quiet mode - exit code only.
39 -v
41 Print the version of the named-checkzone program and exit.
42 -j
44 When loading the zone file read the journal if it exists.
45 -c class
47 Specify the class of the zone. If not specified "IN" is assumed.
48 -i mode
50 Perform post-load zone integrity checks. Possible modes are "full"
51 (default), "full-sibling", "local", "local-sibling" and "none".
52 Mode "full" checks that MX records refer to A or AAAA record (both
54 in-zone and out-of-zone hostnames). Mode "local" only checks MX
55 records which refer to in-zone hostnames.
56 Mode "full" checks that SRV records refer to A or AAAA record (both
58 in-zone and out-of-zone hostnames). Mode "local" only checks SRV
59 records which refer to in-zone hostnames.
60 Mode "full" checks that delegation NS records refer to A or AAAA
62 record (both in-zone and out-of-zone hostnames). It also checks
63 that glue address records in the zone match those advertised by the
64 child. Mode "local" only checks NS records which refer to in-zone
65 hostnames or that some required glue exists, that is when the
66 nameserver is in a child zone.
67 Mode "full-sibling" and "local-sibling" disable sibling glue checks
69 but are otherwise the same as "full" and "local" respectively.
70 Mode "none" disables the checks.
72 -f format
74 Specify the format of the zone file. Possible formats are "text"
75 (default) and "raw".
76 -F format
78 Specify the format of the output file specified. Possible formats
79 are "text" (default) and "raw". For named-checkzone, this does not
80 cause any effects unless it dumps the zone contents.
81 -k mode
83 Perform "check-names" checks with the specified failure mode.
84 Possible modes are "fail" (default for named-compilezone), "warn"
85 (default for named-checkzone) and "ignore".
86 -m mode
88 Specify whether MX records should be checked to see if they are
89 addresses. Possible modes are "fail", "warn" (default) and
90 "ignore".
91 -M mode
93 Check if a MX record refers to a CNAME. Possible modes are "fail",
94 "warn" (default) and "ignore".
95 -n mode
97 Specify whether NS records should be checked to see if they are
98 addresses. Possible modes are "fail" (default for
99 named-compilezone), "warn" (default for named-checkzone) and
100 "ignore".
101 -o filename
103 Write zone output to filename. This is mandatory for
104 named-compilezone.
105 -s style
107 Specify the style of the dumped zone file. Possible styles are
108 "full" (default) and "relative". The full format is most suitable
109 for processing automatically by a separate script. On the other
110 hand, the relative format is more human-readable and is thus
111 suitable for editing by hand. For named-checkzone this does not
112 cause any effects unless it dumps the zone contents. It also does
113 not have any meaning if the output format is not text.
114 -S mode
116 Check if a SRV record refers to a CNAME. Possible modes are "fail",
117 "warn" (default) and "ignore".
118 -t directory
120 Chroot to directory so that include directives in the configuration
121 file are processed as if run by a similarly chrooted named.
122 -w directory
124 chdir to directory so that relative filenames in master file
125 $INCLUDE directives work. This is similar to the directory clause
126 in named.conf.
127 -D
129 Dump zone file in canonical format. This is always enabled for
130 named-compilezone.
131 -W mode
133 Specify whether to check for non-terminal wildcards. Non-terminal
134 wildcards are almost always the result of a failure to understand
135 the wildcard matching algorithm (RFC 1034). Possible modes are
136 "warn" (default) and "ignore".
137 zonename
139 The domain name of the zone being checked.
140 filename
142 The name of the zone file.
143
145 named-checkzone returns an exit status of 1 if errors were detected and
146 0 otherwise.
147
149 named(8), named-checkconf(8), RFC 1035, BIND 9 Administrator Reference
150 Manual.
151
153 Internet Systems Consortium
154
156 Copyright © 2004-2007 Internet Systems Consortium, Inc. ("ISC")
157 Copyright © 2000-2002 Internet Software Consortium.
158BIND9 June 13, 2000 NAMED-CHECKZONE(8)