nsupdate4 Command

Purpose

Updates a DNS server.

Syntax

nsupdate4 [ -a ] [ -g ] [ -i ] [ -q ] [ -v ] [ -? ] [ -k KeyFile] [ -h HostName ] [ -d DomainName ] [ -p PrimaryName ] [ -r IPAddress ] [ -s "CommandString"]

Description

The nsupdate4 command updates the DNS server. The nsupdate4 command runs in either interactive mode or command mode. If a command string is provided, the nsupdate4 command runs the command string and then exits. The return code is dependent upon the successfulness of the command string.

The valid internal commands for the command string or interactive modes are:

Item Description
r Reset update packets. This must be first.
d Delete a record. Following this command are questions for a record type and the value to delete.
a Add a record. Following this command are questions for a record type and the value to add.
n Add a record only if it doesn't exist yet. Following this command are questions for a record type and the value to add.
e Add a record only if it already exists. Following this command are questions for a record type and the value to add.
t Sets the default time to live value for the updated records.
s Signs the update. Depending on if the -a or -g flags were specified, a key will be generated and the update will be signed.
x Transmit the update packet to the server specified by the -p flag.
v Turns on or off verbose mode.
i Returns the information passed in by the parameters.
p Prints the update packet in record format.
q Exits the command

The -g flag allows you to generate a set of keys to distribute to clients for use in secure mode. This flag takes the hostname and the primary name and generates a public and a private key. For secure mode zone operation, the public is entered into the DNS server's database for the data to secure and the private key is placed on the client so that it can update that information at a later time.

The -a flag allows you to enter administrative mode. The zone may be secured by a zone key. This key gives the user full access to the zone. The -a flag tries to use the zone key for update signatures instead of the individual records key.

Flags

Item Description
-a Administrative mode. Attempts to use zone key instead of individual records key.
-d DomainName Specifies the name of the domain to apply the update to. This is used with all records except PTR records.
-g Generation mode. Used to generate a key pair for a primary name and a hostname.
-h HostName Specifies the name of the record to update. This is used with all records except PTR records.
-i Ignores errors and runs all the commands in the string.
-k KeyFile Specifies the name of the default keyfile. This is the file for keys.
-p PrimaryName Specifies the name or IP address of a DNS server. The primary DNS server is prefered.
-q Turns off output.
-r IPAddress Specifies the IP Address of the record to update. This is used only with PTR records.
-s "CommandString" A set of internal commands separated by spaces or colons.
-v Turns on verbose output.
-? Command line options list

Exit Status

This command returns the following exit values:

Item Description
0 Successful completion.
>0 An error occurred.

Security

Access Control: Any User

Example

To initialize a packet, delete all A records for the specified hostname, add an A record for the hostname to 9.3.145.2 association, signed and valid for 300 seconds with a default KEY pad of 3110400, transmit the packet, and quit, enter: (where ";" is pressing the enter key)

r;d;a;*;a;a;9.3.145.2;s;300;3110400;x;q

If any one of the items had failed, a message would be printed. In command line mode, an error would cause the program to exit and return 1.

Files

Item Description
/usr/sbin/nsupdate4 Contains the nsupdate4 command.
/usr/sbin/named Contains the DNS server.