aboutsummaryrefslogtreecommitdiff
path: root/man
diff options
context:
space:
mode:
Diffstat (limited to 'man')
-rw-r--r--man/coredns-auto.720
-rw-r--r--man/coredns-cache.74
-rw-r--r--man/coredns-file.724
-rw-r--r--man/coredns-hosts.72
-rw-r--r--man/coredns-kubernetes.716
-rw-r--r--man/coredns-secondary.723
-rw-r--r--man/coredns-transfer.731
7 files changed, 67 insertions, 53 deletions
diff --git a/man/coredns-auto.7 b/man/coredns-auto.7
index 9b4d01edb..6e1dcd7aa 100644
--- a/man/coredns-auto.7
+++ b/man/coredns-auto.7
@@ -19,7 +19,6 @@ zonefile. New or changed zones are automatically picked up from disk only when S
.nf
auto [ZONES...] {
directory DIR [REGEXP ORIGIN\_TEMPLATE]
- transfer to ADDRESS...
reload DURATION
}
@@ -37,17 +36,15 @@ like \fB\fC{<number>}\fR are replaced with the respective matches in the file na
first match, \fB\fC{2}\fR is the second. The default is: \fB\fCdb\.(.*) {1}\fR i.e. from a file with the
name \fB\fCdb.example.com\fR, the extracted origin will be \fB\fCexample.com\fR.
.IP \(bu 4
-\fB\fCtransfer\fR enables zone transfers. It may be specified multiples times. \fB\fCTo\fR or \fB\fCfrom\fR signals
-the direction. \fBADDRESS\fP must be denoted in CIDR notation (e.g., 127.0.0.1/32) or just as plain
-addresses. The special wildcard \fB\fC*\fR means: the entire internet (only valid for 'transfer to').
-When an address is specified a notify message will be send whenever the zone is reloaded.
-.IP \(bu 4
\fB\fCreload\fR interval to perform reloads of zones if SOA version changes and zonefiles. It specifies how often CoreDNS should scan the directory to watch for file removal and addition. Default is one minute.
Value of \fB\fC0\fR means to not scan for changes and reload. eg. \fB\fC30s\fR checks zonefile every 30 seconds
and reloads zone when serial changes.
.PP
+For enabling zone transfers look at the \fItransfer\fP plugin.
+
+.PP
All directives from the \fIfile\fP plugin are supported. Note that \fIauto\fP will load all zones found,
even though the directive might only receive queries for a specific zone. I.e:
@@ -80,8 +77,10 @@ notifies to 10.240.1.1
org {
auto {
directory /etc/coredns/zones/org
- transfer to *
- transfer to 10.240.1.1
+ }
+ transfer {
+ to *
+ to 10.240.1.1
}
}
@@ -106,3 +105,8 @@ org {
.fi
.RE
+.SH "ALSO"
+.PP
+Use the \fIroot\fP plugin to help you specify the location of the zone files. See the \fItransfer\fP plugin
+to enable outgoing zone transfers.
+
diff --git a/man/coredns-cache.7 b/man/coredns-cache.7
index 1ecd74153..130f74130 100644
--- a/man/coredns-cache.7
+++ b/man/coredns-cache.7
@@ -12,6 +12,10 @@ With \fIcache\fP enabled, all records except zone transfers and metadata records
database, etc.) is expensive.
.PP
+\fICache\fP will change the query to enable DNSSEC (DNSSEC OK; DO) if it passes through the plugin. If
+the client didn't request any DNSSEC (records), these are filtered out when replying.
+
+.PP
This plugin can only be used once per Server Block.
.SH "SYNTAX"
diff --git a/man/coredns-file.7 b/man/coredns-file.7
index a17341e6d..88c2fdccd 100644
--- a/man/coredns-file.7
+++ b/man/coredns-file.7
@@ -38,7 +38,6 @@ If you want to round-robin A and AAAA responses look at the \fIloadbalance\fP pl
.nf
file DBFILE [ZONES... ] {
- transfer to ADDRESS...
reload DURATION
}
@@ -46,16 +45,14 @@ file DBFILE [ZONES... ] {
.RE
.IP \(bu 4
-\fB\fCtransfer\fR enables zone transfers. It may be specified multiples times. \fB\fCTo\fR or \fB\fCfrom\fR signals
-the direction. \fBADDRESS\fP must be denoted in CIDR notation (e.g., 127.0.0.1/32) or just as plain
-addresses. The special wildcard \fB\fC*\fR means: the entire internet (only valid for 'transfer to').
-When an address is specified a notify message will be sent whenever the zone is reloaded.
-.IP \(bu 4
\fB\fCreload\fR interval to perform a reload of the zone if the SOA version changes. Default is one minute.
Value of \fB\fC0\fR means to not scan for changes and reload. For example, \fB\fC30s\fR checks the zonefile every 30 seconds
and reloads the zone when serial changes.
+.PP
+If you need outgoing zone transfers, take a look at the \fItransfer\fP plugin.
+
.SH "EXAMPLES"
.PP
Load the \fB\fCexample.org\fR zone from \fB\fCexample.org.signed\fR and allow transfers to the internet, but send
@@ -66,9 +63,9 @@ notifies to 10.240.1.1
.nf
example.org {
- file example.org.signed {
- transfer to *
- transfer to 10.240.1.1
+ file example.org.signed
+ transfer {
+ to * 10.240.1.1
}
}
@@ -83,9 +80,9 @@ Or use a single zone file for multiple zones:
.nf
\&. {
- file example.org.signed example.org example.net {
- transfer to *
- transfer to 10.240.1.1
+ file example.org.signed example.org example.net
+ transfer example.org example.net {
+ to * 10.240.1.1
}
}
@@ -140,5 +137,6 @@ example.org {
.SH "ALSO SEE"
.PP
-See the \fIloadbalance\fP plugin if you need simple record shuffling.
+See the \fIloadbalance\fP plugin if you need simple record shuffling. And the \fItransfer\fP plugin for zone
+transfers. Lastly the \fIroot\fP plugin can help you specificy the location of the zone files.
diff --git a/man/coredns-hosts.7 b/man/coredns-hosts.7
index 1250a1028..eee3821fa 100644
--- a/man/coredns-hosts.7
+++ b/man/coredns-hosts.7
@@ -7,7 +7,7 @@
.SH "DESCRIPTION"
.PP
-The hosts plugin is useful for serving zones from a \fB\fC/etc/hosts\fR file. It serves from a preloaded
+The \fIhosts\fP plugin is useful for serving zones from a \fB\fC/etc/hosts\fR file. It serves from a preloaded
file that exists on disk. It checks the file for changes and updates the zones accordingly. This
plugin only supports A, AAAA, and PTR records. The hosts plugin can be used with readily
available hosts files that block access to advertising servers.
diff --git a/man/coredns-kubernetes.7 b/man/coredns-kubernetes.7
index 397ba5750..de599e1a6 100644
--- a/man/coredns-kubernetes.7
+++ b/man/coredns-kubernetes.7
@@ -56,7 +56,6 @@ kubernetes [ZONES...] {
endpoint\_pod\_names
ttl TTL
noendpoints
- transfer to ADDRESS...
fallthrough [ZONES...]
ignore empty\_service
}
@@ -126,13 +125,6 @@ the endpoint, use the dashed IP address form.
\fB\fCnoendpoints\fR will turn off the serving of endpoint records by disabling the watch on endpoints.
All endpoint queries and headless service queries will result in an NXDOMAIN.
.IP \(bu 4
-\fB\fCtransfer\fR enables zone transfers. It may be specified multiples times. \fB\fCTo\fR signals the direction
-(only \fB\fCto\fR is allowed). \fBADDRESS\fP must be denoted in CIDR notation (127.0.0.1/32 etc.) or just as
-plain addresses. The special wildcard \fB\fC*\fR means: the entire internet.
-Sending DNS notifies is not supported.
-Deprecated
-\[la]https://github.com/kubernetes/dns/blob/master/docs/specification.md#26---deprecated-records\[ra] pod records in the subdomain \fB\fCpod.cluster.local\fR are not transferred.
-.IP \(bu 4
\fB\fCfallthrough\fR \fB[ZONES...]\fP If a query for a record in the zones for which the plugin is authoritative
results in NXDOMAIN, normally that is what the response will be. However, if you specify this option,
the query will instead be passed on down the plugin chain, which can include another plugin to handle
@@ -145,6 +137,9 @@ This allows the querying pod to continue searching for the service in the search
The search path could, for example, include another Kubernetes cluster.
+.PP
+Enabling zone transfer is done by using the \fItransfer\fP plugin.
+
.SH "READY"
.PP
This plugin reports readiness to the ready plugin. This will happen after it has synced to the
@@ -347,3 +342,8 @@ It may take one of the three values:
.PP
The duration metric only supports the "headless_with_selector" service currently.
+.SH "ALSO SEE"
+.PP
+See the \fIautopath\fP plugin to enable search path optimizations. And use the \fItransfer\fP plugin to
+enable outgoing zone transfers.
+
diff --git a/man/coredns-secondary.7 b/man/coredns-secondary.7
index bf80590a4..a4f443e60 100644
--- a/man/coredns-secondary.7
+++ b/man/coredns-secondary.7
@@ -35,7 +35,6 @@ A working syntax would be:
.nf
secondary [zones...] {
transfer from ADDRESS
- transfer to ADDRESS
}
.fi
@@ -43,15 +42,14 @@ secondary [zones...] {
.IP \(bu 4
\fB\fCtransfer from\fR specifies from which address to fetch the zone. It can be specified multiple times;
-if one does not work, another will be tried.
-.IP \(bu 4
-\fB\fCtransfer to\fR can be enabled to allow this secondary zone to be transferred again.
+if one does not work, another will be tried. Transfering this zone outwards again can be done by
+enableing the \fItransfer\fP plugin.
.PP
When a zone is due to be refreshed (Refresh timer fires) a random jitter of 5 seconds is
applied, before fetching. In the case of retry this will be 2 seconds. If there are any errors
-during the transfer the transfer fails; this will be logged.
+during the transfer in, the transfer fails; this will be logged.
.SH "EXAMPLES"
.PP
@@ -63,8 +61,7 @@ Transfer \fB\fCexample.org\fR from 10.0.1.1, and if that fails try 10.1.2.1.
.nf
example.org {
secondary {
- transfer from 10.0.1.1
- transfer from 10.1.2.1
+ transfer from 10.0.1.1 10.1.2.1
}
}
@@ -78,10 +75,12 @@ Or re-export the retrieved zone to other secondaries.
.RS
.nf
-\&. {
- secondary example.net {
+example.net {
+ secondary {
transfer from 10.1.2.1
- transfer to *
+ }
+ transfer {
+ to *
}
}
@@ -92,3 +91,7 @@ Or re-export the retrieved zone to other secondaries.
.PP
Only AXFR is supported and the retrieved zone is not committed to disk.
+.SH "ALSO SEE"
+.PP
+See the \fItransfer\fP plugin to enable zone transfers \fIto\fP other servers.
+
diff --git a/man/coredns-transfer.7 b/man/coredns-transfer.7
index 8f7db960a..27f03f789 100644
--- a/man/coredns-transfer.7
+++ b/man/coredns-transfer.7
@@ -3,19 +3,23 @@
.SH "NAME"
.PP
-\fItransfer\fP - perform zone transfers for other plugins.
+\fItransfer\fP - perform (outgoing) zone transfers for other plugins.
.SH "DESCRIPTION"
.PP
-This plugin answers zone transfers for authoritative plugins that implement
-\fB\fCtransfer.Transferer\fR. Currently, no internal plugins implement this interface.
+This plugin answers zone transfers for authoritative plugins that implement \fB\fCtransfer.Transferer\fR.
.PP
-Transfer answers full zone transfer (AXFR) requests and incremental zone transfer (IXFR) requests
+\fItransfer\fP answers full zone transfer (AXFR) requests and incremental zone transfer (IXFR) requests
with AXFR fallback if the zone has changed.
.PP
-Notifies are not currently supported.
+When a plugin wants to notify it's secondaries it will call back into the \fItransfer\fP plugin.
+
+.PP
+The following plugins implement zone transfers using this plugin: \fIfile\fP, \fIauto\fP, \fIsecondary\fP, and
+\fIkubernetes\fP. See \fB\fCtransfer.go\fR for implementation details if you are a plugin author that wants to
+use this plugin.
.SH "SYNTAX"
.PP
@@ -23,23 +27,24 @@ Notifies are not currently supported.
.nf
transfer [ZONE...] {
- to HOST...
+ to ADDRESS...
}
.fi
.RE
.IP \(bu 4
-\fBZONES\fP The zones \fItransfer\fP will answer zone requests for. If left blank,
-the zones are inherited from the enclosing server block. To answer zone
-transfers for a given zone, there must be another plugin in the same server
-block that serves the same zone, and implements \fB\fCtransfer.Transferer\fR.
+\fBZONE\fP The zones \fItransfer\fP will answer zone transfer requests for. If left blank, the zones
+are inherited from the enclosing server block. To answer zone transfers for a given zone,
+there must be another plugin in the same server block that serves the same zone, and implements
+\fB\fCtransfer.Transferer\fR.
.IP \(bu 4
-\fB\fCto\fR \fBHOST...\fP The hosts \fItransfer\fP will transfer to. Use \fB\fC*\fR to permit
-transfers to all hosts.
+\fB\fCto\fR \fBADDRESS...\fP The hosts \fItransfer\fP will transfer to. Use \fB\fC*\fR to permit transfers to all
+addresses. \fBADDRESS\fP must be denoted in CIDR notation (e.g., 127.0.0.1/32) or just as plain
+addresses. \fB\fCto\fR may be specified multiple times.
.SH "EXAMPLES"
.PP
-TODO
+See the specific plugins using this plugin for examples on it's usage.
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-03 15:02:54 +0000