Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
NAMED-CHECKCONF(1)		    BIND 9		    NAMED-CHECKCONF(1)

NAME
       named-checkconf - named configuration file syntax checking tool

SYNOPSIS
       named-checkconf [-achjklvz] [-p [-x ]] [-t directory] {filename}

DESCRIPTION
       named-checkconf	checks	the  syntax, but not the semantics, of a named
       configuration file. The file, along with	all files included by  it,  is
       parsed and checked for syntax errors. If	no file	is specified, /usr/lo-
       cal/etc/namedb/named.conf is read by default.

       Note:  files  that  named  reads	 in  separate parser contexts, such as
       rndc.conf or rndc.key, are not automatically read  by  named-checkconf.
       Configuration  errors  in  these	 files may cause named to fail to run,
       even if named-checkconf was successful.	However,  named-checkconf  can
       be run on these files explicitly.

OPTIONS
       -a     Don't  check  the	 dnssec-policy's DNSSEC	key algorithms against
	      those supported by the crypto provider.	This  is  useful  when
	      checking a named.conf intended to	be run on another machine with
	      possibly a different set of supported DNSSEC key algorithms.

       -h     This option prints the usage summary and exits.

       -j     When loading a zonefile, this option instructs named to read the
	      journal if it exists.

       -k     Check  the  dnssec-policy's DNSSEC keys against the key files in
	      the key-directory.  This is useful when checking a named.conf to
	      ensure a DNSSEC policy matches the existing keys.

       -l     This option lists	all the	configured zones. Each line of	output
	      contains	the  zone  name, class (e.g. IN), view,	and type (e.g.
	      primary or secondary).

       -c     This option specifies that only the "core" configuration	should
	      be  checked.  This suppresses the	loading	of plugin modules, and
	      causes all parameters to plugin statements to be ignored.

       -i     This option ignores warnings on deprecated options.

       -p     This option prints out the  named.conf  and  included  files  in
	      canonical	 form  if no errors were detected. See also the	-x op-
	      tion.

       -t directory
	      This option instructs named to chroot to directory, so that  in-
	      clude  directives	 in the	configuration file are processed as if
	      run by a similarly chrooted named.

       -v     This option prints the version of	 the  named-checkconf  program
	      and exits.

       -x     When  printing  the  configuration files in canonical form, this
	      option obscures shared secrets by	replacing them with strings of
	      question marks (?). This allows the contents of  named.conf  and
	      related  files  to  be shared - for example, when	submitting bug
	      reports -	without	compromising private data. This	option	cannot
	      be used without -p.

       -z     This  option  performs  a	test load of all zones of type primary
	      found in named.conf.

       filename
	      This indicates the name of the configuration file	to be checked.
	      If    not	    specified,	   it	  defaults     to     /usr/lo-
	      cal/etc/namedb/named.conf.

RETURN VALUES
       named-checkconf returns an exit status of 1 if errors were detected and
       0 otherwise.

SEE ALSO
       named(8), named-checkzone(8), BIND 9 Administrator Reference Manual.

AUTHOR
       Internet	Systems	Consortium

COPYRIGHT
       2025, Internet Systems Consortium

9.20.15				  2025-10-18		    NAMED-CHECKCONF(1)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=named-checkconf&sektion=1&manpath=FreeBSD+Ports+15.0>

home | help