'\" t .\" Title: b10-xfrout .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 .\" Date: December 1, 2010 .\" Manual: BIND10 .\" Source: BIND10 .\" Language: English .\" .TH "B10\-XFROUT" "8" "December 1, 2010" "BIND10" "BIND10" .\" ----------------------------------------------------------------- .\" * set default formatting .\" ----------------------------------------------------------------- .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) .ad l .\" ----------------------------------------------------------------- .\" * MAIN CONTENT STARTS HERE * .\" ----------------------------------------------------------------- .SH "NAME" b10-xfrout \- Outbound DNS zone transfer service .SH "SYNOPSIS" .HP \w'\fBb10\-xfrout\fR\ 'u \fBb10\-xfrout\fR [\fB\-v\fR] [\fB\-\-verbose\fR] .SH "DESCRIPTION" .PP The \fBb10\-xfrout\fR daemon provides the BIND 10 outgoing DNS zone transfer service\&. It is also used to send outgoing NOTIFY messages\&. Normally it is started by the \fBbind10\fR(8) boss process\&. When the \fBb10\-auth\fR DNS server receives a transfer request, \fBb10\-xfrout\fR sends the zone as found in the BIND 10 zone data store\&. .if n \{\ .sp .\} .RS 4 .it 1 an-trap .nr an-no-space-flag 1 .nr an-break-flag 1 .br .ps +1 \fBNote\fR .ps -1 .br .sp This development prototype release only supports AXFR\&. IXFR is not implemented\&. .sp .5v .RE .PP This daemon communicates with BIND 10 over a \fBb10-msgq\fR(8) C\-Channel connection\&. If this connection is not established, \fBb10\-xfrout\fR will exit\&. .PP \fBb10\-xfrout\fR receives its configurations from \fBb10-cfgmgr\fR(8)\&. .SH "CONFIGURATION AND COMMANDS" .PP The configurable settings are: .PP \fItransfers_out\fR defines the maximum number of outgoing zone transfers that can run concurrently\&. The default is 10\&. .PP \fItsig_key_ring\fR A list of TSIG keys (each of which is in the form of name:base64\-key[:algorithm]) used for access control on transfer requests\&. The default is an empty list\&. .PP \fItransfer_acl\fR A list of ACL elements that apply to all transfer requests by default (unless overridden in zone_config)\&. See the BIND 10 guide for configuration examples\&. The default is an element that allows any transfer requests\&. .PP \fIzone_config\fR A list of JSON objects (i\&.e\&. maps) that define per zone configuration concerning \fBb10\-xfrout\fR\&. The supported names of each object are "origin" (the origin name of the zone), "class" (the RR class of the zone, optional, default to "IN"), and "acl_element" (ACL only applicable to transfer requests for that zone)\&. See the BIND 10 guide for configuration examples\&. The default is an empty list, that is, no zone specific configuration\&. .PP \fIlog_name\fR .PP \fIlog_file\fR The location of the log file if using a file channel\&. If undefined, then the file channel is closed\&. The default is /usr/local/var/bind10\-devel/log/Xfrout\&.log\&. .PP \fIlog_severity\fR The default is "debug"\&. .PP \fIlog_versions\fR The default is 5\&. .PP \fIlog_max_bytes\fR The default is 1048576\&. .if n \{\ .sp .\} .RS 4 .it 1 an-trap .nr an-no-space-flag 1 .nr an-break-flag 1 .br .ps +1 \fBNote\fR .ps -1 .br .sp This prototype version uses SQLite3 as its data source backend\&. Future versions will be configurable, supporting multiple data storage types\&. .sp .5v .RE .PP The configuration commands are: .PP \fBshutdown\fR stops all outbound zone transfers and exits \fBb10\-xfrout\fR\&. (Note that the BIND 10 boss process will restart this service\&.) .PP \fBzone_new_data_ready\fR is sent from \fBb10-xfrin\fR(8) to indicate that the zone transferred in successfully\&. This triggers \fBb10\-xfrout\fR to send NOTIFY message(s)\&. This is an internal command and not exposed to the administrator\&. .SH "SEE ALSO" .PP \fBb10-auth\fR(8), \fBb10-cfgmgr\fR(8), \fBb10-msgq\fR(8), \fBb10-xfrin\fR(8), \fBbind10\fR(8), BIND 10 Guide\&. .SH "HISTORY" .PP The \fBb10\-xfrout\fR daemon was first implemented in March 2010 by Zhang Likun of CNNIC for the ISC BIND 10 project\&. .SH "COPYRIGHT" .br Copyright \(co 2010 Internet Systems Consortium, Inc. ("ISC") .br