|
|
SYNOPSIS
nsupdate [-k keydir:keyname] [-d] [-v] [filename]
DESCRIPTION
Nsupdate is a program to update Internet domain name servers supporting
dynamic update. Nsupdate uses the DNS resolver library to pass messages
to a DNS server requesting the additional or deletion of DNS resource
records (RRs). Nsupdate reads input from filename or standard input.
ARGUMENTS
-k Sign updates with TSIG.
-d Debug mode.
-v Virtual circuit - use TCP to communication with server. De-
fault is UDP.
INPUT FORMAT
Nsupdate reads input records, one per line, each line contributing a re-
source record to an update request. All domain names used in a single
update request must belong to the same DNS zone. Updates are sent to the
master server as defined in the SOA MNAME field. A blank line causes the
accumulated records to be formated into a single update request and
transmitted to the zone's authoritative name servers. Additional records
may follow, which are formed into additional, completely independent up-
date requests. For the last request to be transmitted, a blank line must
end the input.
Records take one of two general forms. Prerequisite records specify con-
ditions that must be satisfied before the request will be processed.
Update records specify changes to be made to the DNS database. A update
request consists of zero or more prerequisites and one or more updates.
Each update request is processed atomically - all prerequisites must be
satisfied, then all updates will be performed.
Nsupdate understands the following input record formats:
prereq nxdomain domain-name
Requires that no RR of any type exists with name domain-name.
prereq yxdomain domain-name
Requires that at least one RR named domain-name must exist.
prereq nxrrset domain-name [class] type
Requires that no RR exists of the specified type and domain-name.
prereq yxrrset domain-name [class] type [data...]
Requires that a RR exists of the specified type and domain-name. If data
is specified, it must match exactly.
update delete domain-name [class] [type [data...]]
Deletes RRs named domain-name. If type (and possibly data) is specified,
only matching records will be deleted.
update add domain-name ttl [class] type data...
Adds a new RR with specified ttl, type, and data.
EXAMPLES
The following example illustrates the interactive use of nsupdate to
change an IP address by deleting any existing A records for a domain name
and then inserting a new one. Since no prerequisites are specified, the
new record will be added even if there were no existing records to
delete. Note the trailing blank line, required to process the request.
$ nsupdate
> update delete test.example.com A
> update add test.example.com 3600 A 10.1.1.1
>
In this example, a CNAME alias is added to the database only if there are
no existing A or CNAME records for the domain name.
$ nsupdate
> prereq nxrrset www.example.com A
> prereq nxrrset www.example.com CNAME
> update add www.example.com 3600 CNAME test.example.com
>
In this example, the nsupdate will be signed with the key "mykey", which
is in the directory "/var/named/keys".
$ nsupdate -k /var/named/keys:mykey
> update add ftp.example.com 60 A 192.168.5.1
>
DIAGNOSTICS
Qq send error
Typically indicates that the authoritative nameservers could not be
reached
Qq failed update packet
Typically indicates that the nameserver has rejected the update, either
because the nameserver doesn't support dynamic update, or due to an au-
thentication failure
Qq res_mkupdate: packet size = size
(and no other messages) The update was successfully received and authen-
ticated by the nameserver. The prerequisites, however, may have prevent-
ed the update from actually being performed. The only way to determine
if the update was performed is to use debug mode (-d) and examine the
status field in the nameserver's reply.
FILES
/etc/resolv.conf
initial domain name and name server addresses
SEE ALSO
named(ADMN), resolver(SFF), resolver(SLIB); RFC-1034, ``Domain Names -
Concepts and Facilities''; RFC-1035, ``Domain Names - Implementation and
Specification''; RFC-2136, Dynamic Updates in the Domain Name System.
AUTHOR
Brent Baccala
4th Berkeley Distribution March 5, 1999 2