1KNOTC(8)                           Knot DNS                           KNOTC(8)
2
3
4

NAME

6       knotc - Knot DNS control utility
7

SYNOPSIS

9       knotc [parameters] action [action_args]
10

DESCRIPTION

12       If no action is specified, the program is executed in interactive mode.
13
14   Parameters
15       -c, --config file
16              Use     a     textual    configuration    file    (default    is
17              /etc/knot/knot.conf).
18
19       -C, --confdb directory
20              Use  a  binary  configuration  database  directory  (default  is
21              /var/lib/knot/confdb).   The  default configuration database, if
22              exists, has a preference to the default configuration file.
23
24       -m, --max-conf-size MiB
25              Set maximum size of the configuration database (default  is  500
26              MiB, maximum 10000 MiB).
27
28       -s, --socket path
29              Use a control UNIX socket path (default is /run/knot/knot.sock).
30
31       -t, --timeout seconds
32              Use a control timeout in seconds. Set to 0 for infinity (default
33              is 10).  The control socket operations are also subject  to  the
34              timeout  parameter  set  on  the server side in server's Control
35              configuration section.
36
37       -b, --blocking
38              Zone event trigger commands wait until the event is finished.
39
40       -f, --force
41              Forced operation. Overrides some checks.
42
43       -v, --verbose
44              Enable debug output.
45
46       -h, --help
47              Print the program help.
48
49       -V, --version
50              Print the program version.
51
52   Actions
53       status [detail]
54              Check if the server is running. Details are version for the run‐
55              ning  server version, workers for the numbers of worker threads,
56              or configure for the configure summary.
57
58       stop   Stop the server if running.
59
60       reload Reload the server configuration and  modified  zone  files.  All
61              open zone transactions will be aborted!
62
63       stats [module[.counter]]
64              Show  global  statistics counter(s). To print also counters with
65              value 0, use force option.
66
67       zone-status zone [filter]
68              Show the zone status. Filters are +role, +serial,  +transaction,
69              +events, and +freeze.
70
71       zone-check [zone...]
72              Test  if  the server can load the zone. Semantic checks are exe‐
73              cuted if enabled in the configuration. When  invoked  with  flag
74              -f/--force  an  error  is  returned  when semantic check warning
75              appears. (*)
76
77       zone-reload [zone...]
78              Trigger a zone reload from a disk without checking its modifica‐
79              tion  time.  For slave zone, the refresh from a master server is
80              scheduled; for master zone, the notification of slave servers is
81              scheduled. An open zone transaction will be aborted! (#)
82
83       zone-refresh [zone...]
84              Trigger a check for the zone serial on the zone's master. If the
85              master has a newer zone, a transfer is scheduled.  This  command
86              is valid for slave zones. (#)
87
88       zone-retransfer [zone...]
89              Trigger  a  zone  transfer  from  the  zone's master. The server
90              doesn't check the serial of the master's zone. This  command  is
91              valid for slave zones. (#)
92
93       zone-notify [zone...]
94              Trigger  a  NOTIFY  message  to all configured remotes. This can
95              help in cases when previous NOTIFY had been lost or  the  slaves
96              offline. (#)
97
98       zone-flush [zone...] [+outdir directory]
99              Trigger  a zone journal flush to the configured zone file. If an
100              output directory is specified, the current zone  is  immediately
101              dumped  (in  the  blocking mode) to a zone file in the specified
102              directory. (#)
103
104       zone-sign [zone...]
105              Trigger a DNSSEC re-sign of the zone. Existing  signatures  will
106              be dropped.  This command is valid for zones with DNSSEC signing
107              enabled. (#)
108
109       zone-key-rollover zone key_type
110              Trigger immediate key rollover. Publish new key and start a  key
111              rollover,  even  when the key has a lifetime to go. Key type can
112              be ksk (also for CSK) or zsk. This command is  valid  for  zones
113              with  DNSSEC  signing and automatic key management enabled. Note
114              that complete key rollover consists of  several  steps  and  the
115              blocking mode relates to the initial one only! (#)
116
117       zone-ksk-submitted zone...
118              Use  when  the  zone's  KSK  rollover is in submission phase. By
119              calling this command the user confirms manually that the  parent
120              zone  contains DS record for the new KSK in submission phase and
121              the old KSK can be retired. (#)
122
123       zone-freeze [zone...]
124              Temporarily  postpone  zone-changing  events   (load,   refresh,
125              update, flush, and DNSSEC signing). (#)
126
127       zone-thaw [zone...]
128              Dismiss zone freeze. (#)
129
130       zone-read zone [owner [type]]
131              Get zone data that are currently being presented.
132
133       zone-begin zone...
134              Begin a zone transaction.
135
136       zone-commit zone...
137              Commit  the  zone  transaction.  All  changes are applied to the
138              zone.
139
140       zone-abort zone...
141              Abort the zone transaction. All changes are discarded.
142
143       zone-diff zone
144              Get zone changes within the transaction.
145
146       zone-get zone [owner [type]]
147              Get zone data within the transaction.
148
149       zone-set zone owner [ttl] type rdata
150              Add zone record within the transaction. The first  record  in  a
151              rrset requires a ttl value specified.
152
153       zone-unset zone owner [type [rdata]]
154              Remove zone data within the transaction.
155
156       zone-purge zone... [filter...]
157              Purge zone data, zone file, journal, timers, and/or KASP data of
158              specified zones.   Available  filters  are  +expire,  +zonefile,
159              +journal,  +timers,  and +kaspdb. If no filter is specified, all
160              filters are enabled.  If the zone is no longer  configured,  add
161              +orphan filter (zone file cannot be purged in this case). (#)
162
163       zone-stats zone [module[.counter]]
164              Show  zone  statistics  counter(s).  To print also counters with
165              value 0, use force option.
166
167       conf-init
168              Initialize the configuration database. (*)
169
170       conf-check
171              Check the server configuration. (*)
172
173       conf-import filename
174              Import a configuration file  into  the  configuration  database.
175              Ensure the server is not using the configuration database! (*)
176
177       conf-export [filename]
178              Export  the configuration database into a config file or stdout.
179              (*)
180
181       conf-list [item]
182              List the configuration database sections or section items.
183
184       conf-read [item]
185              Read the item from the active configuration database.
186
187       conf-begin
188              Begin a writing configuration  database  transaction.  Only  one
189              transaction can be opened at a time.
190
191       conf-commit
192              Commit the configuration database transaction.
193
194       conf-abort
195              Rollback the configuration database transaction.
196
197       conf-diff [item]
198              Get the item difference in the transaction.
199
200       conf-get [item]
201              Get the item data from the transaction.
202
203       conf-set item [data...]
204              Set the item data in the transaction.
205
206       conf-unset [item] [data...]
207              Unset the item data in the transaction.
208
209   Note
210       Empty or -- zone parameter means all zones or all zones with a transac‐
211       tion.
212
213       Use @ owner to denote the zone name.
214
215       Type item parameter in the form of section[[id]][.name].
216
217       (*) indicates a local operation which requires a configuration.
218
219       (#) indicates an optionally blocking operation.
220
221       The -b and -f options can be placed right after the command name.
222
223   Interactive mode
224       The utility provides interactive mode with basic line editing function‐
225       ality, command completion, and command history.
226
227       Interactive  mode  behavior  can  be  customized in ~/.editrc. Refer to
228       editrc(5) for details.
229
230       Command history is saved in ~/.knotc_history.
231

EXIT VALUES

233       Exit status of 0 means successful  operation.  Any  other  exit  status
234       indicates an error.
235

EXAMPLES

237   Reload the whole server configuration
238          $ knotc reload
239
240   Flush the example.com and example.org zones
241          $ knotc zone-flush example.com example.org
242
243   Get the current server configuration
244          $ knotc conf-read server
245
246   Get the list of the current zones
247          $ knotc conf-read zone.domain
248
249   Get the master remotes for the example.com zone
250          $ knotc conf-read 'zone[example.com].master'
251
252   Add example.org zone with a zonefile location
253          $ knotc conf-begin
254          $ knotc conf-set 'zone[example.org]'
255          $ knotc conf-set 'zone[example.org].file' '/var/zones/example.org.zone'
256          $ knotc conf-commit
257
258   Get the SOA record for each configured zone
259          $ knotc zone-read -- @ SOA
260

SEE ALSO

262       knotd(8), knot.conf(5), editrc(5).
263

AUTHOR

265       CZ.NIC Labs <https://www.knot-dns.cz>
266
268       Copyright 2010–2020, CZ.NIC, z.s.p.o.
269
270
271
272
2732.9.3                             2020-03-03                          KNOTC(8)
Impressum