1KNOTC(8)                           Knot DNS                           KNOTC(8)
2
3
4

NAME

6       knotc - Knot DNS control utility
7

SYNOPSIS

9       knotc [parameters] action [action_args]
10

DESCRIPTION

12       If no action is specified, the program is executed in interactive mode.
13
14   Parameters
15       -c, --config file
16              Use     a     textual    configuration    file    (default    is
17              /etc/knot/knot.conf).
18
19       -C, --confdb directory
20              Use  a  binary  configuration  database  directory  (default  is
21              /var/lib/knot/confdb).   The  default configuration database, if
22              exists, has a preference to the default configuration file.
23
24       -m, --max-conf-size MiB
25              Set maximum configuration size  (default  is  500  MiB,  maximum
26              10000 MiB).
27
28       -s, --socket path
29              Use a control UNIX socket path (default is /run/knot/knot.sock).
30
31       -t, --timeout seconds
32              Use a control timeout in seconds. Set 0 for infinity (default is
33              10).
34
35       -f, --force
36              Forced operation. Overrides some checks.
37
38       -v, --verbose
39              Enable debug output.
40
41       -h, --help
42              Print the program help.
43
44       -V, --version
45              Print the program version.
46
47   Actions
48       status [detail]
49              Check if the server is running. Details are version for the run‐
50              ning  server version, workers for the numbers of worker threads,
51              or configure for the configure summary.
52
53       stop   Stop the server if running.
54
55       reload Reload the server configuration and  modified  zone  files.  All
56              open zone transactions will be aborted!
57
58       stats [module[.counter]]
59              Show  global  statistics counter(s). To print also counters with
60              value 0, use force option.
61
62       zone-status zone [filter]
63              Show the zone status. Filters are +role, +serial,  +transaction,
64              +events, and +freeze.
65
66       zone-check [zone...]
67              Test  if  the server can load the zone. Semantic checks are exe‐
68              cuted if enabled in the configuration. (*)
69
70       zone-memstats [zone...]
71              Estimate memory use for the zone. (*)
72
73       zone-reload [zone...]
74              Trigger a zone reload from a disk without checking its modifica‐
75              tion  time.  For slave zone, the refresh from a master server is
76              scheduled; for master zone, the notification of slave servers is
77              scheduled. An open zone transaction will be aborted!
78
79       zone-refresh [zone...]
80              Trigger a check for the zone serial on the zone's master. If the
81              master has a newer zone, a transfer is scheduled.  This  command
82              is valid for slave zones.
83
84       zone-retransfer [zone...]
85              Trigger  a  zone  transfer  from  the  zone's master. The server
86              doesn't check the serial of the master's zone. This  command  is
87              valid for slave zones.
88
89       zone-notify [zone...]
90              Trigger  a  NOTIFY  message  to all configured remotes. This can
91              help in cases when previous NOTIFY had been lost or  the  slaves
92              offline.
93
94       zone-flush [zone...] [+outdir directory]
95              Trigger  a  zone journal flush into the zone file. If output dir
96              is specified, instead of flushing  the  zonefile,  the  zone  is
97              dumped to a file in the specified directory.
98
99       zone-sign [zone...]
100              Trigger  a  DNSSEC re-sign of the zone. Existing signatures will
101              be dropped.  This command is valid for zones with DNSSEC signing
102              enabled.
103
104       zone-ksk-submitted zone...
105              Use  when  the  zone's  KSK  rollover is in submittion phase. By
106              calling this command the user confirms manually that the  parent
107              zone  contains DS record for the new KSK in submission phase and
108              the old KSK can be retired.
109
110       zone-freeze [zone...]
111              Temporarily  postpone  zone-changing  events   (load,   refresh,
112              update, flush, and DNSSEC signing).
113
114       zone-thaw [zone...]
115              Dismiss zone freeze.
116
117       zone-read zone [owner [type]]
118              Get zone data that are currently being presented.
119
120       zone-begin zone...
121              Begin a zone transaction.
122
123       zone-commit zone...
124              Commit  the  zone  transaction.  All  changes are applied to the
125              zone.
126
127       zone-abort zone...
128              Abort the zone transaction. All changes are discarded.
129
130       zone-diff zone
131              Get zone changes within the transaction.
132
133       zone-get zone [owner [type]]
134              Get zone data within the transaction.
135
136       zone-set zone owner [ttl] type rdata
137              Add zone record within the transaction. The first  record  in  a
138              rrset requires a ttl value specified.
139
140       zone-unset zone owner [type [rdata]]
141              Remove zone data within the transaction.
142
143       zone-purge zone... [filter...]
144              Purge zone data, zone file, journal, timers, and/or KASP data of
145              specified zones.   Available  filters  are  +expire,  +zonefile,
146              +journal,  +timers,  and +kaspdb. If no filter is specified, all
147              filters are enabled.  If the zone is no longer  configured,  add
148              +orphan filter (zone file cannot be purged in this case).
149
150       zone-stats zone [module[.counter]]
151              Show  zone  statistics  counter(s).  To print also counters with
152              value 0, use force option.
153
154       conf-init
155              Initialize the configuration database. (*)
156
157       conf-check
158              Check the server configuration. (*)
159
160       conf-import filename
161              Import a configuration file  into  the  configuration  database.
162              Ensure the server is not using the configuration database! (*)
163
164       conf-export [filename]
165              Export  the configuration database into a config file or stdout.
166              (*)
167
168       conf-list [item]
169              List the configuration database sections or section items.
170
171       conf-read [item]
172              Read the item from the active configuration database.
173
174       conf-begin
175              Begin a writing configuration  database  transaction.  Only  one
176              transaction can be opened at a time.
177
178       conf-commit
179              Commit the configuration database transaction.
180
181       conf-abort
182              Rollback the configuration database transaction.
183
184       conf-diff [item]
185              Get the item difference in the transaction.
186
187       conf-get [item]
188              Get the item data from the transaction.
189
190       conf-set item [data...]
191              Set the item data in the transaction.
192
193       conf-unset [item] [data...]
194              Unset the item data in the transaction.
195
196   Note
197       Empty or -- zone parameter means all zones or all zones with a transac‐
198       tion.
199
200       Use @ owner to denote the zone name.
201
202       Type item parameter in the form of section[[id]][.name].
203
204       (*) indicates a local operation which requires a configuration.
205
206   Interactive mode
207       The utility provides interactive mode with basic line editing function‐
208       ality, command completion, and command history.
209
210       Interactive  mode  behavior  can  be  customized in ~/.editrc. Refer to
211       editrc(5) for details.
212
213       Command history is saved in ~/.knotc_history.
214

EXAMPLES

216   Reload the whole server configuration
217          $ knotc reload
218
219   Flush the example.com and example.org zones
220          $ knotc zone-flush example.com example.org
221
222   Get the current server configuration
223          $ knotc conf-read server
224
225   Get the list of the current zones
226          $ knotc conf-read zone.domain
227
228   Get the master remotes for the example.com zone
229          $ knotc conf-read 'zone[example.com].master'
230
231   Add example.org zone with a zonefile location
232          $ knotc conf-begin
233          $ knotc conf-set 'zone[example.org]'
234          $ knotc conf-set 'zone[example.org].file' '/var/zones/example.org.zone'
235          $ knotc conf-commit
236
237   Get the SOA record for each configured zone
238          $ knotc zone-read -- @ SOA
239

SEE ALSO

241       knotd(8), knot.conf(5), editrc(5).
242

AUTHOR

244       CZ.NIC Labs <https://www.knot-dns.cz>
245

COPYRIGHT

247       Copyright 2010–2019, CZ.NIC, z.s.p.o.
248
249
250
251
2522.7.6                             2019-01-23                          KNOTC(8)