nsupdate(1M)
NAME
nsupdate - update Internet name servers interactively
SYNOPSIS
nsupdate [-k keydir:keyname] [-d] [-v] [filename]
DESCRIPTION
The nsupdate program can be used to update Internet domain
name servers that support dynamic update. nsupdate uses the
DNS resolver library to pass messages to the DNS server
requesting the addition or deletion of DNS resource records
(RR's). nsupdate reads input from filename or from standard
input.
OPTIONS
nsupdate supports the following options:
-d Debug mode.
-k Sign updates with Secret Key Transaction Authentica-
tion for DNS (TSIG).
-v Virtual circuit. Make use of TCP to communicate with
the server. The default is UDP.
USAGE
nsupdate reads input records, one per line. Each line con-
tributes a resource record to an update request. All domain
names used in a single update request must belong to the
same DNS zone. Updates are sent ot the master server as
defined in the SOA MNAME field. A blank line causes the
accumulated records to be formatted into a single update
request and transmitted to the zone's authoritative name
servers. Additional records may follow, which are formed
into additional, but completely independent, update
requests. End the input with a blank line in order to
transmit the last request.
Records take one of two general forms. Prerequisite records
specify conditions that must be satisfied before the request
will be processed. Update records specify changes to be made
to the DNS database. An update request consists of zero or
more prerequisites and one or more updates. Each update
request is processed atomically. All prerequisites must be
satisfied, then all updates will be performed.
nsupdate understands the following input record formats:
prereq nxdomain domain-name
This format requires that no RR of any type exist with name
domain-name.
prereq yxdomain domain-name
This format requires that at least one RR names domain-name
must exist.
prereq nxrrset domain-name [class] type
This format requires that no RR exist of the specified type
and domain-name.
prereq yxrrset domain-name [class] type [data ...]
This format requires that an RR exist of the specified type
and domain-name. If data is specified, it must match
exactly.
update delete domain-name [class] [type [data ...]]
This format deletes RR's names domain-name. If type (and
possibly data) are specified, only matching records will be
deleted.
update add domain-name ttl [class] type data ...
This format adds a new RR of specified ttl, type and data.
EXAMPLES
Example 1: Using nsupdate Interactively To Change an IP
Address
The following example shows the interactive use of nsupdate
to change an IP address. It deletes any existing A records
for a domain name and then inserts a new address. Since no
prerequisites are specified, the new record will be added
even if there are no existing records to delete. A trailing
blank line is required to process the request.
example$ nsupdate
>update delete test.example.com A
>update add test.example.com 3600 A 10.1.1.1
>
Example 2: Using nsupdate Interactively to Add a CNAME
(Alias)
In the following example, a CNAME (alias) is added to the
database only if there are no existing A or CNAME records
for the domain name.
example$ nsupdate
>prereq nxrrset www.example.com A
>prereq nxrrset www.example.com CNAME
>update add www.example.com 3600 CNAME test.test.com
>
Example 3: Using nsupdate Interactively With a Key
In the following example, nsupdate is signed with the key
mykey, which is located in the directory /var/named/keys.
example$ nsupdate -k /var/named/keys:mykey
>update add ftp.example.com 60 A 192.168.5.1
>
FILES
/etc/resolv.conf
Initial domain name and name server addresses.
ATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________|
| Availability | SUNWcsu |
|_____________________________|_____________________________|
| Interface Stability | Standard BIND 8.2.4 |
|_____________________________|_____________________________|
SEE ALSO
in.named(1M),resolver(3RESOLV), resolv.conf(4), attri-
butes(5)
Mockapetris, P. RFC 1034, Domain Names - Concepts and Facil-
ities. Network Working Group. November 1987.
Mockapetris, P. RFC 1035, Domain Names - Implementation and
Specification. Network Working Group. November 1987.
Vixie, P., editor, Thomson, S., Rekhter, Y. Bound, J. RFC
2136, Dynamic Updates in the Domain Name System (DNS). Net-
work Working Group. April 1997.
DIAGNOSTICS
Qq send error
This message typically indicates that authoritative name
servers could not be reached.
Qq failed update packet
This message typically indicates that the name server
has rejected the update. Either the name server does not
support dynamic update, or there was an authentication
failure.
Qq res_mkupdate: packet size = size
If this is the only message sent, it indicates that the
update was received and authenticated by the name
server. However, the prerequisites may have prevented
the update from being performed. Use debug mode (the -d
option) to examine the status field in the name server's
reply and determine if the update was performed.
Man(1) output converted with
man2html