nsupdate4 Command
Purpose
Updates a DNS server.
Syntax
nsupdate4 [ -a ] [ -g ] [ -i ] [ -q ] [ -v ] [ -? ] [ -k KeyFile] [ -h HostName ] [ -d DomainName ] [ -p PrimaryName ] [ -r IPAddress ] [ -s "CommandString"]
Description
The nsupdate4 command updates the DNS server. The nsupdate4 command runs in either interactive mode or command mode. If a command string is provided, the nsupdate4 command runs the command string and then exits. The return code is dependent upon the successfulness of the command string.
The valid internal commands for the command string or interactive modes are:
Item | Description |
---|---|
r | Reset update packets. This must be first. |
d | Delete a record. Following this command are questions for a record type and the value to delete. |
a | Add a record. Following this command are questions for a record type and the value to add. |
n | Add a record only if it doesn't exist yet. Following this command are questions for a record type and the value to add. |
e | Add a record only if it already exists. Following this command are questions for a record type and the value to add. |
t | Sets the default time to live value for the updated records. |
s | Signs the update. Depending on if the -a or -g flags were specified, a key will be generated and the update will be signed. |
x | Transmit the update packet to the server specified by the -p flag. |
v | Turns on or off verbose mode. |
i | Returns the information passed in by the parameters. |
p | Prints the update packet in record format. |
q | Exits the command |
The -g flag allows you to generate a set of keys to distribute to clients for use in secure mode. This flag takes the hostname and the primary name and generates a public and a private key. For secure mode zone operation, the public is entered into the DNS server's database for the data to secure and the private key is placed on the client so that it can update that information at a later time.
The -a flag allows you to enter administrative mode. The zone may be secured by a zone key. This key gives the user full access to the zone. The -a flag tries to use the zone key for update signatures instead of the individual records key.
Flags
Item | Description |
---|---|
-a | Administrative mode. Attempts to use zone key instead of individual records key. |
-d DomainName | Specifies the name of the domain to apply the update to. This is used with all records except PTR records. |
-g | Generation mode. Used to generate a key pair for a primary name and a hostname. |
-h HostName | Specifies the name of the record to update. This is used with all records except PTR records. |
-i | Ignores errors and runs all the commands in the string. |
-k KeyFile | Specifies the name of the default keyfile. This is the file for keys. |
-p PrimaryName | Specifies the name or IP address of a DNS server. The primary DNS server is prefered. |
-q | Turns off output. |
-r IPAddress | Specifies the IP Address of the record to update. This is used only with PTR records. |
-s "CommandString" | A set of internal commands separated by spaces or colons. |
-v | Turns on verbose output. |
-? | Command line options list |
Exit Status
This command returns the following exit values:
Item | Description |
---|---|
0 | Successful completion. |
>0 | An error occurred. |
Security
Access Control: Any User
Example
To initialize a packet, delete all A records for the specified hostname, add an A record for the hostname to 9.3.145.2 association, signed and valid for 300 seconds with a default KEY pad of 3110400, transmit the packet, and quit, enter: (where ";" is pressing the enter key)
r;d;a;*;a;a;9.3.145.2;s;300;3110400;x;q
If any one of the items had failed, a message would be printed. In command line mode, an error would cause the program to exit and return 1.
Files
Item | Description |
---|---|
/usr/sbin/nsupdate4 | Contains the nsupdate4 command. |
/usr/sbin/named | Contains the DNS server. |