Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
NAMED-COMPILEZONE(1)		    BIND 9		  NAMED-COMPILEZONE(1)

NAME
       named-compilezone - zone	file validity checking or converting tool

SYNOPSIS
       named-compilezone  [-d]	[-h]  [-j]  [-q] [-v] [-c class] [-C mode] [-f
       format] [-F format] [-J filename] [-i mode] [-k	mode]  [-m  mode]  [-M
       mode] [-n mode] [-l ttl]	[-L serial] [-r	mode] [-s style] [-S mode] [-t
       directory] [-T mode] [-w	directory] [-D]	[-W mode] {-o filename}	{zone-
       name} {filename}

DESCRIPTION
       named-compilezone  checks  the syntax and integrity of a	zone file, and
       dumps the zone contents to a specified file in a	specified format.

       Unlike named-checkzone, zone contents are not strictly checked  by  de-
       fault.  If the output is	to be used as an actual	zone file to be	loaded
       by named, then the check	levels should be manually configured to	be  at
       least as	strict as those	specified in the named configuration file.

       Running	named-checkzone	 on  the  input	prior to compiling will	ensure
       that the	zone compiles with the default requirements of named.

OPTIONS
       -d     This option enables debugging.

       -h     This option prints the usage summary and exits.

       -q     This option sets quiet mode, which only sets an exit code	to in-
	      dicate successful	or failed completion.

       -v     This option prints the version of	 the  named-checkzone  program
	      and exits.

       -j     When  loading  a	zone file, this	option tells named to read the
	      journal if it exists. The	journal	file name is assumed to	be the
	      zone file	name with the string .jnl appended.

       -J filename
	      When loading the zone file, this option tells named to read  the
	      journal from the given file, if it exists. This implies -j.

       -c class
	      This  option  specifies the class	of the zone. If	not specified,
	      IN is assumed.

       -C mode
	      This option controls check mode  on  zone	 files	when  loading.
	      Possible modes are check-svcb:fail and check-svcb:ignore.

	      check-svcb:fail  turns on	additional checks on _dns SVCB records
	      and check-svcb:ignore disables these  checks.   The  default  is
	      check-svcb:ignore.

       -i mode
	      This  option  performs post-load zone integrity checks. Possible
	      modes are	full, full-sibling,  local,  local-sibling,  and  none
	      (the default).

	      Mode  full  checks  that	MX  records refer to A or AAAA records
	      (both in-zone and	out-of-zone hostnames).	Mode local only	checks
	      MX records which refer to	in-zone	hostnames.

	      Mode full	checks that SRV	records	refer to  A  or	 AAAA  records
	      (both in-zone and	out-of-zone hostnames).	Mode local only	checks
	      SRV records which	refer to in-zone hostnames.

	      Mode  full  checks that delegation NS records refer to A or AAAA
	      records (both in-zone and	out-of-zone hostnames).	It also	checks
	      that glue	address	records	in the zone match those	advertised  by
	      the  child.   Mode  local	 only checks NS	records	which refer to
	      in-zone hostnames	or verifies that some  required	 glue  exists,
	      i.e., when the name server is in a child zone.

	      Modes   full-sibling  and	 local-sibling	disable	 sibling  glue
	      checks, but are otherwise	the same as full  and  local,  respec-
	      tively.

	      Mode none	disables the checks.

       -f format
	      This option specifies the	format of the zone file. Possible for-
	      mats are text (the default), and raw.

       -F format
	      This  option  specifies the format of the	output file specified.
	      For named-checkzone, this	does not have  any  effect  unless  it
	      dumps the	zone contents.

	      Possible	formats	 are text (the default), which is the standard
	      textual representation of	the zone, and  raw  and	 raw=N,	 which
	      store  the  zone	in a binary format for rapid loading by	named.
	      raw=N specifies the format version of the	raw zone file: if N is
	      0, the raw file can be read by any version of named; if N	is  1,
	      the  file	 can  only be read by release 9.9.0 or higher. The de-
	      fault is 1.

       -k mode
	      This option performs check-names checks with the specified fail-
	      ure mode.	 Possible modes	are fail, warn,	and  ignore  (the  de-
	      fault).

       -l ttl This  option  sets a maximum permissible TTL for the input file.
	      Any record with a	TTL higher than	this value causes the zone  to
	      be rejected. This	is similar to using the	max-zone-ttl option in
	      named.conf.

       -L serial
	      When  compiling  a  zone	to  raw	 format,  this option sets the
	      "source serial" value in the header to the specified serial num-
	      ber. This	is expected to be used primarily for testing purposes.

       -m mode
	      This option specifies whether MX records should  be  checked  to
	      see  if  they  are addresses. Possible modes are fail, warn, and
	      ignore (the default).

       -M mode
	      This option checks whether a MX record refers to a CNAME.	Possi-
	      ble modes	are fail, warn,	and ignore (the	default).

       -n mode
	      This option specifies whether NS records should  be  checked  to
	      see  if  they are	addresses. Possible modes are fail, warn,  and
	      ignore (the default).

       -o filename
	      This option writes the zone output to filename. If  filename  is
	      -,  then	the zone output	is written to standard output. This is
	      mandatory	for named-compilezone.

       -r mode
	      This option checks for records that are treated as different  by
	      DNSSEC  but  are semantically equal in plain DNS.	Possible modes
	      are fail,	warn, and ignore (the default).

       -s style
	      This option specifies the	style of the dumped zone file.	Possi-
	      ble  styles are full (the	default) and relative. The full	format
	      is most suitable for  processing	automatically  by  a  separate
	      script.	The relative format is more human-readable and is thus
	      suitable for editing by hand.

       -S mode
	      This option checks whether an SRV	record refers to a CNAME. Pos-
	      sible modes are fail, warn, and ignore (the default).

       -t directory
	      This option tells	named to chroot	to directory, so that  include
	      directives  in the configuration file are	processed as if	run by
	      a	similarly chrooted named.

       -T mode
	      This option checks whether Sender	Policy Framework (SPF) records
	      exist and	issues a warning if an SPF-formatted TXT record	is not
	      also present. Possible modes are warn and	ignore (the default).

       -w directory
	      This option instructs named to chdir to directory, so that rela-
	      tive filenames in	master file $INCLUDE directives	work. This  is
	      similar to the directory clause in named.conf.

       -D     This option dumps	the zone file in canonical format. This	is al-
	      ways enabled for named-compilezone.

       -W mode
	      This  option  specifies  whether to check	for non-terminal wild-
	      cards. Non-terminal wildcards are	almost always the result of  a
	      failure  to  understand  the  wildcard  matching	algorithm (RFC
	      4592). Possible modes are	warn and ignore	(the default).

       zonename
	      This indicates the domain	name of	the zone being checked.

       filename
	      This is the name of the zone file.

RETURN VALUES
       named-compilezone returns an exit status	of 1 if	errors	were  detected
       and 0 otherwise.

SEE ALSO
       named(8),  named-checkconf(8), named-checkzone(8), RFC 1035, BIND 9 Ad-
       ministrator Reference Manual.

AUTHOR
       Internet	Systems	Consortium

COPYRIGHT
       2025, Internet Systems Consortium

9.20.9				  2025-05-08		  NAMED-COMPILEZONE(1)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=named-compilezone&sektion=1&manpath=FreeBSD+Ports+14.3.quarterly>

home | help