NSUPDATE(8)                  BSD    System    Manager's    Manual
NSUPDATE(8)

NAME
     nsupdate - update Internet name servers interactively

SYNOPSIS
     nsupdate [-k keydir:keyname] [-d] [-v] [filename]

DESCRIPTION
     Nsupdate is a program to update Internet domain name servers
supporting
     dynamic  update.   Nsupdate uses the DNS resolver library to
pass messages
     to a DNS server requesting the additional or deletion of DNS
resource
     records  (RRs).  Nsupdate reads input from filename or stan-
dard input.

ARGUMENTS
     -k          Sign updates with TSIG.

     -d          Debug mode.

     -v          Virtual circuit - use TCP to communication  with
server.  De-
                 fault is UDP.

INPUT FORMAT
     Nsupdate  reads  input records, one per line, each line con-
tributing a re-
     source record to an update request.  All domain  names  used
in a single
     update  request  must  belong to the same DNS zone.  Updates
are sent to the
     master server as defined in the SOA MNAME  field.   A  blank
line causes the
     accumulated  records to be formated into a single update re-
quest and
     transmitted to the zone's authoritative name servers.  Addi-
tional records
     may follow, which are formed into additional, completely in-
dependent up-
     date requests.  For the last request to  be  transmitted,  a
blank line must
     end the input.

     Records take one of two general forms.  Prerequisite records
specify con-
     ditions that must be satisfied before the  request  will  be
processed.
     Update  records  specify  changes  to  be  made  to  the DNS
database.  A update
     request consists of zero or more prerequisites  and  one  or
more updates.
     Each  update request is processed atomically - all prerequi-
sites must be
     satisfied, then all updates will be performed.

     Nsupdate understands the following input record formats:

     prereq nxdomain domain-name Requires that no RR of any  type
exists with
             name domain-name.

     prereq  yxdomain  domain-name  Requires that at least one RR
named domain-
             name must exist.

     prereq nxrrset domain-name [class] type Requires that no  RR
exists of the
             specified type and domain-name.

     prereq  yxrrset  domain-name [class] type [data...] Requires
that a RR ex-
             ists of the specified type and domain-name. If  data
is specified,
             it must match exactly.

     update  delete  domain-name [class] [type [data...]] Deletes
RRs named
             domain-name. If type (and possibly data)  is  speci-
fied, only
             matching records will be deleted.

     update  add  domain-name ttl [class] type data... Adds a new
RR with speci-
             fied ttl, type, and data.

EXAMPLES
     The following example illustrates  the  interactive  use  of
nsupdate to
     change  an IP address by deleting any existing A records for
a domain name
     and then inserting a new one.  Since  no  prerequisites  are
specified, the
     new  record  will  be  added  even if there were no existing
records to
     delete.  Note the trailing blank line, required  to  process
the request.

           $ nsupdate
           > update delete test.example.com A
           > update add test.example.com 3600 A 10.1.1.1
           >

     In this example, a CNAME alias is added to the database only
if there are
     no existing A or CNAME records for the domain name.

           $ nsupdate
           > prereq nxrrset www.example.com A
           > prereq nxrrset www.example.com CNAME
           > update add  www.example.com  3600  CNAME  test.exam-
ple.com
           >

     In  this  example,  the nsupdate will be signed with the key
"mykey", which
     is in the directory "/var/named/keys".

           $ nsupdate -k /var/named/keys:mykey
           > update add ftp.example.com 60 A 192.168.5.1
           >

DIAGNOSTICS
     Qq send error Typically  indicates  that  the  authoritative
nameservers
             could not be reached

     Qq  failed  update packet Typically indicates that the name-
server has re-
             jected the update,  either  because  the  nameserver
doesn't support
             dynamic update, or due to an authentication failure

     Qq  res_mkupdate: packet size = size (and no other messages)
The update
             was successfully received and authenticated  by  the
nameserver.
             The  prerequisites,  however, may have prevented the
update from
             actually being performed.  The only way to determine
if the up-
             date was performed is to use debug mode (-d) and ex-
amine the sta-
             tus field in the nameserver's reply.

FILES
     /etc/resolv.conf initial domain name  and  name  server  ad-
dresses

SEE ALSO
     named(8),   resolver(3),   resolver(5);   RFC-1034, ``Domain
Names -
     Concepts and Facilities''; RFC-1035, ``Domain Names - Imple-
mentation and
     Specification'';  RFC-2136,  Dynamic  Updates  in the Domain
Name System.

AUTHOR
     Brent Baccala

4th    Berkeley     Distribution            March     5,     1999
2