.\" Hey, Emacs! This is an -*- nroff -*- source file. .TH CHIARK\-NAMED\-CONF 8 "30th December 2001" "Greenend" "chiark utilities" .SH NAME chiark\-named\-conf \- check and generate nameserver configuration .SH SYNOPSIS .B chiark\-named\-conf [\fIoptions\fP] \-n|\-y|\-f .br .B chiark\-named\-conf [\fIoptions\fP] \fIzone ...\fP .SH DESCRIPTION .B chiark\-named\-conf is a tool for managing nameserver configurations and checking for suspected DNS problems. Its main functions are to check that delegations are appropriate and working, and to generate a configuration for .BR BIND , from its own input file. .SH OPTIONS .SS MODE OPTIONS If one of the options .BR -n ", " -y ", or " -f is supplied then chiark-named-conf will read its main configuration file for the list of relevant zones. It will then check the configuration and delegation for each zone and/or generate and install a new configuration file for the nameserver: .TP .BR \-y | \-\-yes Generate and install new nameserver config, as well as checking configuration, for all listed zones. .TP .BR \-n | \-\-no Check configuration, for all listed zones, but do not generate new nameserver config. .TP .BR \-f | \-\-force Generate and install new nameserver config, without doing any configuration cross-checking. (Syntax errors in our input configuration will still abort this operation.) .LP Alternatively, one or more zone names may be supplied as arguments, in which case their delegations will be checked, and compared with the data for that zone in the main configuration (if any). In this case no new configuration file for the nameserver will be made. .SS ADDITIONAL OPTIONS .TP \fB\-C\fP|\-\-config \fIconfig\-file\fP Use .I config\-file instead of .BR /etc/bind/chiark-conf-gen.zones . .TP .BR \-q | \-\-quiet Do not print any information about zone(s) which do not have warnings. .TP .BR \-v | \-\-verbose Print additional information about each zone. .TP .BR \-D Enables debugging. Useful for debugging chiark\-named\-conf, but probably not useful for debugging your DNS configuration. .SH CONFIGURATION The file .B /etc/bind/chiark-conf-gen.zones (or other file specified with the .B \-C option) contains a sequence of directives, one per line. Blank lines are permitted. Leading and trailing whitespace on each line is ignored. Comments are lines starting with .BR # . .SS GENERAL DIRECTIVES These directives specify general configuration details. They should appear before directives specifying zones, as each will affect only later zone directives. .TP \fBself\-ns\fP \fIfqdn ...\fP Specifies the list of names that this server may be known by in NS records. There is no default. .TP \fBself\-soa\fP \fIfqdn ...\fP Specifies the list of names that this server may be known by in the ORIGIN field of SOA records. There is no default. .TP \fBself\fP \fIfqdn ...\fP Equivalent to both .BR self\-ns " and " self-\soa with the same set of names. .TP \fBslave\-dir\fP \fIdirectory\fP [[\fIprefix\fP] \fIsuffix\fP] Specifies the directory in which slave (secondary and stealth) zonefiles should be placed. The default .I directory is .BR /var/cache/bind/chiark-slave . The default .IR suffix " and " prefix are empty; they also will be reset to these defaults by a .B slave\-dir directive which does not specify them. .TP \fBdefault\-dir\fP \fIdirectory\fP Makes .I directory be the default directory (which affects the interpretation of relative filenames). The default is the directory containing the main configuration file, ie .BR /etc/bind if no .B -C option is specified. .TP \fBoutput\fP \fIformat\fP \fIfilename\fP [\fIformat\fP \fIfilename ...\fP] Arranges that each .I filename will be overwritten when .BR -y " or " -f are used; its new contents will be configuration directives for the zones which follow for the nameserver in question. Currently the only .I format supported is .B bind8 which indicates new-style BIND 8. If no zones follow, then each file will still be overwritten, by an effectively empty file. Default: if there is no .B output directive in the configuration then the default is to use .BR bind8 " " chiark-conf-gen.bind8 ; otherwise it is an error for there to be any zones in the configuration before the first .B output directive. .SS ZONE DIRECTIVES These directives specify one or more zones. .TP \fBprimary\fP \fIzone\fP \fIfilename\fP Specifies that this server is supposed to be the primary nameserver for .I zone and that the zone data is to be found in .IR filename . .TP \fBprimary-dir\fP \fIdirectory\fP [[\fIprefix\fP] \fIsuffix\fP] Search .I directory for files whose names match the glob pattern .IR suffix * prefix . Each such file is taken to represent a zone file for which this server is supposed to be the primary. * is the name of the zone. The default for .I suffix is .BR _db ; the default for .I prefix is empty. .TP \fBsecondary\fP \fIzone\fP \fIorigin\-addr\fP Specifies that this server is supposed to be a published secondary for the zone in question. .TP \fBstealth\fP \fIzone\fP \fIserver\-addr ...\fP Specifies that this server is supposed to be an unpublished secondary (aka stealth secondary) for the zone in question. .SS OTHER DIRECTIVES .TP \fBinclude\fP \fIfile\fP Reads .I file as if it were included here. .TP \fBend\fP Ends processing of this file; any data beyond this point is ignored. .SH CHECKS chiark\-named\-conf makes the following checks: Delegations: Each delegation from a server for the superzone should contain the same set of nameservers. None of the delegations should lack glue. The glue addresses should be the same in each delegation, and agree with the local default nameserver. Delegated servers: Each server mentioned in the delegation should have the same SOA record (and obviously, should be authoritative). All published nameservers - including delegated servers and servers named in the zone's nameserver set: All nameservers for the zone should supply the same list of nameservers for the zone, and none of this authority information should be glueless. All the glue should always give the same addresses. Origin server's data: The set of nameservers in the origin server's version of the zone should be a superset of those in the delegations. Our zone configuration: For .B primary zones, the SOA origin should be one of the names specified with .BR self\-soa " (or " self ). For .B secondary zones, the address should be that of the SOA origin. For .B stealth zones, the address should be that of the SOA origin or one of the published nameservers. .SH FILES .TP .B /etc/bind/chiark-conf-gen.zones Default input configuration file. (Override with .BR -C .) .TP .B /etc/bind Default directory. (Override with .BR -C " or " default\-dir .) .TP .IB dir /chiark-conf-gen.bind8 Default output file. .TP .B /var/cache/bind/chiark-slave Default location for slave zones. .SH AUTHOR .B chiark\-named\-conf and this manpage were written by Ian Jackson .