1NAMED-COMPILEZONE(1)                BIND 9                NAMED-COMPILEZONE(1)
2
3
4

NAME

6       named-compilezone - zone file validity checking or converting tool
7

SYNOPSIS

9       named-compilezone  [-d]  [-h] [-j] [-q] [-v] [-c class] [-f format] [-F
10       format] [-J filename] [-i mode] [-k mode] [-m mode] [-M mode] [-n mode]
11       [-l  ttl] [-L serial] [-r mode] [-s style] [-S mode] [-t directory] [-T
12       mode] [-w directory] [-D] [-W mode] {-o filename} {zonename} {filename}
13

DESCRIPTION

15       named-compilezone checks the syntax and integrity of a zone  file,  and
16       dumps  the zone contents to a specified file in a specified format.  It
17       applies strict check levels by default, since the dump output  is  used
18       as an actual zone file loaded by named.  When manually specified other‐
19       wise, the check levels must at least be as strict as those specified in
20       the named configuration file.
21

OPTIONS

23       -d     This option enables debugging.
24
25       -h     This option prints the usage summary and exits.
26
27       -q     This option sets quiet mode, which only sets an exit code to in‐
28              dicate successful or failed completion.
29
30       -v     This option prints the version of  the  named-checkzone  program
31              and exits.
32
33       -j     When  loading  a  zone file, this option tells named to read the
34              journal if it exists. The journal file name is assumed to be the
35              zone file name with the string .jnl appended.
36
37       -J filename
38              When  loading the zone file, this option tells named to read the
39              journal from the given file, if it exists. This implies -j.
40
41       -c class
42              This option specifies the class of the zone. If  not  specified,
43              IN is assumed.
44
45       -i mode
46              This  option  performs post-load zone integrity checks. Possible
47              modes are full (the default),  full-sibling,  local,  local-sib‐
48              ling, and none.
49
50              Mode  full  checks  that  MX  records refer to A or AAAA records
51              (both in-zone and out-of-zone hostnames). Mode local only checks
52              MX records which refer to in-zone hostnames.
53
54              Mode  full  checks  that  SRV records refer to A or AAAA records
55              (both in-zone and out-of-zone hostnames). Mode local only checks
56              SRV records which refer to in-zone hostnames.
57
58              Mode  full  checks that delegation NS records refer to A or AAAA
59              records (both in-zone and out-of-zone hostnames). It also checks
60              that  glue address records in the zone match those advertised by
61              the child.  Mode local only checks NS  records  which  refer  to
62              in-zone  hostnames  or  verifies that some required glue exists,
63              i.e., when the name server is in a child zone.
64
65              Modes  full-sibling  and  local-sibling  disable  sibling   glue
66              checks,  but  are  otherwise the same as full and local, respec‐
67              tively.
68
69              Mode none disables the checks.
70
71       -f format
72              This option specifies the format of the zone file. Possible for‐
73              mats are text (the default), and raw.
74
75       -F format
76              This  option  specifies the format of the output file specified.
77              For named-checkzone, this does not have  any  effect  unless  it
78              dumps the zone contents.
79
80              Possible  formats  are text (the default), which is the standard
81              textual representation of the zone, and  raw  and  raw=N,  which
82              store  the  zone  in a binary format for rapid loading by named.
83              raw=N specifies the format version of the raw zone file: if N is
84              0,  the raw file can be read by any version of named; if N is 1,
85              the file can only be read by release 9.9.0 or  higher.  The  de‐
86              fault is 1.
87
88       -k mode
89              This option performs check-names checks with the specified fail‐
90              ure mode.  Possible modes are fail (the default), warn, and  ig‐
91              nore.
92
93       -l ttl This  option  sets a maximum permissible TTL for the input file.
94              Any record with a TTL higher than this value causes the zone  to
95              be rejected. This is similar to using the max-zone-ttl option in
96              named.conf.
97
98       -L serial
99              When compiling a zone  to  raw  format,  this  option  sets  the
100              "source serial" value in the header to the specified serial num‐
101              ber. This is expected to be used primarily for testing purposes.
102
103       -m mode
104              This option specifies whether MX records should  be  checked  to
105              see  if  they  are addresses. Possible modes are fail, warn (the
106              default), and ignore.
107
108       -M mode
109              This option checks whether a MX record refers to a CNAME. Possi‐
110              ble modes are fail, warn (the default), and ignore.
111
112       -n mode
113              This  option  specifies  whether NS records should be checked to
114              see if they are addresses. Possible  modes  are  fail  (the  de‐
115              fault), warn,  and ignore.
116
117       -o filename
118              This  option  writes the zone output to filename. If filename is
119              -, then the zone output is written to standard output.  This  is
120              mandatory for named-compilezone.
121
122       -r mode
123              This  option checks for records that are treated as different by
124              DNSSEC but are semantically equal in plain DNS.  Possible  modes
125              are fail, warn (the default), and ignore.
126
127       -s style
128              This  option specifies the style of the dumped zone file. Possi‐
129              ble styles are full (the default) and relative. The full  format
130              is  most  suitable  for  processing  automatically by a separate
131              script.  The relative format is more human-readable and is  thus
132              suitable for editing by hand.
133
134       -S mode
135              This option checks whether an SRV record refers to a CNAME. Pos‐
136              sible modes are fail, warn (the default), and ignore.
137
138       -t directory
139              This option tells named to chroot to directory, so that  include
140              directives  in the configuration file are processed as if run by
141              a similarly chrooted named.
142
143       -T mode
144              This option checks whether Sender Policy Framework (SPF) records
145              exist and issues a warning if an SPF-formatted TXT record is not
146              also present. Possible modes are warn (the default) and ignore.
147
148       -w directory
149              This option instructs named to chdir to directory, so that rela‐
150              tive  filenames in master file $INCLUDE directives work. This is
151              similar to the directory clause in named.conf.
152
153       -D     This option dumps the zone file in canonical format. This is al‐
154              ways enabled for named-compilezone.
155
156       -W mode
157              This  option  specifies  whether to check for non-terminal wild‐
158              cards. Non-terminal wildcards are almost always the result of  a
159              failure  to  understand  the  wildcard  matching  algorithm (RFC
160              4592). Possible modes are warn (the default) and ignore.
161
162       zonename
163              This indicates the domain name of the zone being checked.
164
165       filename
166              This is the name of the zone file.
167

RETURN VALUES

169       named-compilezone returns an exit status of 1 if errors  were  detected
170       and 0 otherwise.
171

SEE ALSO

173       named(8),  named-checkconf(8),  named-checkzone(8),  :rfc:`1035, BIND 9
174       Administrator Reference Manual.
175

AUTHOR

177       Internet Systems Consortium
178
180       2023, Internet Systems Consortium
181
182
183
184
1859.18.11                                                   NAMED-COMPILEZONE(1)
Impressum