1rndc(1M)                System Administration Commands                rndc(1M)
2
3
4

NAME

6       rndc - name server control utility
7

SYNOPSIS

9       rndc [-V] [-c config-file] [-k key-file] [-s server]
10            [-p port] [-y key_id] command
11
12

DESCRIPTION

14       The rndc utility controls the operation of a name server. It supersedes
15       the ndc utility that was provided in previous BIND releases. If rndc is
16       invoked  with  no  command line options or arguments, it prints a short
17       summary of the supported commands and the available options  and  their
18       arguments.
19
20
21       The  rndc  utility communicates with the name server over a TCP connec‐
22       tion, sending commands authenticated with digital signatures. The  only
23       supported  authentication algorithm in the current versions of rndc and
24       named(1M) is HMAC-MD5, which uses a shared secret on each  end  of  the
25       connection.  This  algorithm provides TSIG-style authentication for the
26       command request and the name server's response. All commands sent  over
27       the channel must be signed by a key_id known to the server.
28
29
30       The rndc utility reads a configuration file to determine how to contact
31       the name server and decide what algorithm and key it should use.
32

OPTIONS

34       The following options are supported:
35
36       -c config-file    Use config-file as the configuration file instead  of
37                         the default /etc/rndc.conf.
38
39
40       -k key-file       Use  key-file as the key file instead of the default,
41                         /etc/rndc.key. The key in /etc/rndc.key  is  used  to
42                         authenticate  commands sent to the server if the con‐
43                         fig-file does not exist.
44
45
46       -s server         The server argument is the name  or  address  of  the
47                         server that matches a server statement in the config‐
48                         uration file for rndc. If no server  is  supplied  on
49                         the  command  line,  the  host  named by the default-
50                         server clause in the options statement  of  the  rndc
51                         configuration file is used.
52
53
54       -p port           Send  commands  to  TCP port port instead of BIND 9's
55                         default control channel port, 953.
56
57
58       -V                Enable verbose logging.
59
60
61       -y key_id         Use the key key_id from the configuration  file.  The
62                         key_id  argument must be known by named with the same
63                         algorithm and secret string for control message vali‐
64                         dation  to  succeed.  If no key_id is specified, rndc
65                         will first look for a key clause in the server state‐
66                         ment of the server being used, or if no server state‐
67                         ment is present for that host, then  the  default-key
68                         clause  of  the  options statement. The configuration
69                         file contains shared secrets that are  used  to  send
70                         authenticated  control  commands  to name servers. It
71                         should therefore  not  have  general  read  or  write
72                         access.
73
74
75
76       For  the  complete  set  of  commands supported by rndc, see the BIND 9
77       Administrator Reference Manual or run rndc without arguments to see its
78       help message.
79

LIMITATIONS

81       The  rndc  utility  does not support all the commands of the BIND 8 ndc
82       utility.
83
84
85       There is no way to provide the shared secret for a key_id without using
86       the configuration file.
87
88
89       Several error messages could be clearer.
90

ATTRIBUTES

92       See attributes(5) for descriptions of the following attributes:
93
94
95
96
97       ┌─────────────────────────────┬─────────────────────────────┐
98       │      ATTRIBUTE TYPE         │      ATTRIBUTE VALUE        │
99       ├─────────────────────────────┼─────────────────────────────┤
100       │Availability                 │SUNWbind                     │
101       ├─────────────────────────────┼─────────────────────────────┤
102       │Interface Stability          │External                     │
103       └─────────────────────────────┴─────────────────────────────┘
104

SEE ALSO

106       named(1M), rndc-confgen(1M), rndc.conf(4), attributes(5)
107
108
109       BIND 9 Administrator Reference Manual
110
111
112
113SunOS 5.11                        24 Dec 2008                         rndc(1M)
Impressum