|
|
发表于 2003-2-18 10:57:45
|
显示全部楼层
NSUPDATE( NSUPDATE(
NAME
nsupdate - Dynamic DNS update utility
SYNOPSIS
nsupdate [ -d ] [ [ -y keyname:secret ] [ -k keyfile ] ] [ -v ] [
filename ]
DESCRIPTION
nsupdate is used to submit Dynamic DNS Update requests as defined in
RFC2136 to a name server. This allows resource records to be added or
removed from a zone without manually editing the zone file. A single
update request can contain requests to add or remove more than one
resource record.
Zones that are under dynamic control via nsupdate or a DHCP server
should not be edited by hand. Manual edits could conflict with dynamic
updates and cause data to be lost.
The resource records that are dynamically added or removed with nsup-
date have to be in the same zone. Requests are sent to the zone's mas-
ter server. This is identified by the MNAME field of the zone's SOA
record.
The -d option makes nsupdate operate in debug mode. This provides
tracing information about the update requests that are made and the
replies received from the name server.
Transaction signatures can be used to authenticate the Dynamic DNS
updates. These use the TSIG resource record type described in RFC2845.
The signatures rely on a shared secret that should only be known to
nsupdate and the name server. Currently, the only supported encryption
algorithm for TSIG is HMAC-MD5, which is defined in RFC 2104. Once
other algorithms are defined for TSIG, applications will need to ensure
they select the appropriate algorithm as well as the key when authenti-
cating each other. For instance suitable key and server statements
would be added to /etc/named.conf so that the name server can associate
the appropriate secret key and algorithm with the IP address of the
client application that will be using TSIG authentication. nsupdate
does not read /etc/named.conf.
nsupdate uses the -y or -k option to provide the shared secret needed
to generate a TSIG record for authenticating Dynamic DNS update
requests. These options are mutually exclusive. With the -k option,
nsupdate reads the shared secret from the file keyfile, whose name is
of the form K{name}.+157.+{random}.private. For historical reasons,
the file K{name}.+157.+{random}.key must also be present. When the -y
option is used, a signature is generated from keyname:secret. keyname
is the name of the key, and secret is the base64 encoded shared secret.
Use of the -y option is discouraged because the shared secret is sup-
plied as a command line argument in clear text. This may be visible in
the output from ps(1) or in a history file maintained by the user's
shell.
By default nsupdate uses UDP to send update requests to the name
server. The -v option makes nsupdate use a TCP connection. This may
be preferable when a batch of update requests is made.
2003年02月18日上午10时53分23秒[root@gugonghcs hdc5]# rpm -qli bind-utils-9.2.1-9
Name : bind-utils Relocations: (not relocateable)
Version : 9.2.1 Vendor: Red Hat, Inc.
Release : 9 Build Date: 2002年08月07日 星期三 21时27分31秒
Install date: 2002年10月03日 星期四 00时05分08秒 Build Host: astest
Group : 应用程序/系统 Source RPM: bind-9.2.1-9.src.rpm
Size : 1752498 License: BSD-like
Signature : DSA/SHA1, 2002年09月04日 星期三 05时10分19秒, Key ID 219180cddb42a60e
Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL : http://www.isc.org/products/BIND/
Summary : 用来查询 DNS 名称服务器的工具。
Description :
Bind-utils 包括一组用来查询 DNS (域名系统) 名称服务器
来发现关于互联网主机信息的工具。这些工具可以向
您提供:给定的主机名的 IP 地址,有关注册域的其它
信息,以及网络地址。
如果您需要从 DNS 名称服务器中获取信息,您应该安装
Bind-utils 软件包。
/usr/bin/dig
/usr/bin/host
/usr/bin/nslookup
/usr/bin/nsupdate
/usr/lib/libdns.so.5
/usr/lib/libdns.so.5.3.0
/usr/lib/libisc.so.4
/usr/lib/libisc.so.4.1.0
/usr/lib/liblwres.so.1
/usr/lib/liblwres.so.1.1.0
/usr/share/man/man1/dig.1.gz
/usr/share/man/man1/host.1.gz
/usr/share/man/man5/resolver.5.gz
/usr/share/man/man8/nslookup.8.gz
/usr/share/man/man8/nsupdate.8.gz
2003年02月18日上午10时53分24秒[root@gugonghcs hdc5]# |
|
IP卡
狗仔卡
发表于 2003-2-18 09:34:09
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡