diff --git a/man/coredns-auto.7 b/man/coredns-auto.7 index 3829debbb..5df938269 100644 --- a/man/coredns-auto.7 +++ b/man/coredns-auto.7 @@ -16,7 +16,7 @@ The \fIauto\fR plugin is used for an "old\-style" DNS server\. It serves from a auto [ZONES\.\.\.] { directory DIR [REGEXP ORIGIN_TEMPLATE [TIMEOUT]] no_reload - upstream ADDRESS\.\.\. + upstream [ADDRESS\.\.\.] } . .fi @@ -31,7 +31,7 @@ auto [ZONES\.\.\.] { \fBno_reload\fR by default CoreDNS will try to reload a zone every minute and reloads if the SOA\'s serial has changed\. This option disables that behavior\. . .IP "\(bu" 4 -\fBupstream\fR defines upstream resolvers to be used resolve external names found (think CNAMEs) pointing to external names\. \fBADDRESS\fR can be an IP address, an IP:port or a string pointing to a file that is structured as /etc/resolv\.conf\. +\fBupstream\fR defines upstream resolvers to be used resolve external names found (think CNAMEs) pointing to external names\. \fBADDRESS\fR can be an IP address, an IP:port or a string pointing to a file that is structured as /etc/resolv\.conf\. If no \fBADDRESS\fR is given, CoreDNS will resolve CNAMEs against itself\. . .IP "" 0 . diff --git a/man/coredns-file.7 b/man/coredns-file.7 index 33e4d2f02..074411486 100644 --- a/man/coredns-file.7 +++ b/man/coredns-file.7 @@ -35,7 +35,7 @@ If you want to round robin A and AAAA responses look at the \fIloadbalance\fR pl file DBFILE [ZONES\.\.\. ] { transfer to ADDRESS\.\.\. no_reload - upstream ADDRESS\.\.\. + upstream [ADDRESS\.\.\.] } . .fi @@ -49,7 +49,7 @@ file DBFILE [ZONES\.\.\. ] { \fBno_reload\fR by default CoreDNS will try to reload a zone every minute and reloads if the SOA\'s serial has changed\. This option disables that behavior\. . .IP "\(bu" 4 -\fBupstream\fR defines upstream resolvers to be used resolve external names found (think CNAMEs) pointing to external names\. This is only really useful when CoreDNS is configured as a proxy, for normal authoritative serving you don\'t need \fIor\fR want to use this\. \fBADDRESS\fR can be an IP address, and IP:port or a string pointing to a file that is structured as /etc/resolv\.conf\. +\fBupstream\fR defines upstream resolvers to be used resolve external names found (think CNAMEs) pointing to external names\. This is only really useful when CoreDNS is configured as a proxy, for normal authoritative serving you don\'t need \fIor\fR want to use this\. \fBADDRESS\fR can be an IP address, and IP:port or a string pointing to a file that is structured as /etc/resolv\.conf\. If no \fBADDRESS\fR is given, CoreDNS will resolve CNAMEs against itself\. . .IP "" 0 . diff --git a/man/coredns-kubernetes.7 b/man/coredns-kubernetes.7 index 647e459fe..0b6e11e99 100644 --- a/man/coredns-kubernetes.7 +++ b/man/coredns-kubernetes.7 @@ -87,6 +87,9 @@ kubernetes [ZONES\.\.\.] { \fBttl\fR allows you to set a custom TTL for responses\. The default (and allowed minimum) is to use 5 seconds, the maximum is capped at 3600 seconds\. . .IP "\(bu" 4 +\fBnoendpoints\fR will turn off the serving of endpoint records by disabling the watch on endpoints\. All endpoint queries and headless service queries will result in an NXDOMAIN\. +. +.IP "\(bu" 4 \fBfallthrough\fR \fB[ZONES\.\.\.]\fR If a query for a record in the zones for which the plugin is authoritative results in NXDOMAIN, normally that is what the response will be\. However, if you specify this option, the query will instead be passed on down the plugin chain, which can include another plugin to handle the query\. If \fB[ZONES\.\.\.]\fR is omitted, then fallthrough happens for all zones for which the plugin is authoritative\. If specific zones are listed (for example \fBin\-addr\.arpa\fR and \fBip6\.arpa\fR), then only queries for those zones will be subject to fallthrough\. . .IP "" 0 diff --git a/man/coredns-proxy.7 b/man/coredns-proxy.7 index 4c03678f5..478916cac 100644 --- a/man/coredns-proxy.7 +++ b/man/coredns-proxy.7 @@ -76,7 +76,7 @@ proxy FROM TO\.\.\. { \fBspray\fR when all backends are unhealthy, randomly pick one to send the traffic to\. (This is a failsafe\.) . .IP "\(bu" 4 -\fBprotocol\fR specifies what protocol to use to speak to an upstream, \fBdns\fR (the default) is plain old DNS, and \fBhttps_google\fR uses \fBhttps://dns\.google\.com\fR and speaks a JSON DNS dialect\. Note when using this \fBTO\fR will be ignored\. The \fBgrpc\fR option will talk to a server that has implemented the DnsService \fIhttps://github\.com/coredns/coredns/pb/dns\.proto\fR\. An out\-of\-tree plugin that implements the server side of this can be found at here \fIhttps://github\.com/infobloxopen/coredns\-grpc\fR\. +\fBprotocol\fR specifies what protocol to use to speak to an upstream, \fBdns\fR (the default) is plain old DNS, and \fBhttps_google\fR uses \fBhttps://dns\.google\.com\fR and speaks a JSON DNS dialect\. Note when using this \fBTO\fR will be ignored\. The \fBgrpc\fR option will talk to a server that has implemented the DnsService \fIhttps://github\.com/coredns/coredns/blob/master/pb/dns\.proto\fR\. . .IP "" 0 . @@ -110,7 +110,7 @@ None \- No client authentication is used, and the system CAs are used to verify \fBKEY\fR \fBCERT\fR \- Client authentication is used with the specified key/cert pair\. The server certificate is verified with the system CAs\. . .IP "\(bu" 4 -\fBKEY\fR \fBCERT\fR \fBCACERT\fR \- Client authentication is used with the specified key/cert pair\. The server certificate is verified using the \fBCACERT\fR file\. An out\-of\-tree plugin that implements the server side of this can be found at here \fIhttps://github\.com/infobloxopen/coredns\-grpc\fR\. +\fBKEY\fR \fBCERT\fR \fBCACERT\fR \- Client authentication is used with the specified key/cert pair\. The server certificate is verified using the \fBCACERT\fR file\. . .IP "" 0 diff --git a/man/coredns-secondary.7 b/man/coredns-secondary.7 index b7fbb9030..5ff4deb25 100644 --- a/man/coredns-secondary.7 +++ b/man/coredns-secondary.7 @@ -34,7 +34,7 @@ A working syntax would be: secondary [zones\.\.\.] { transfer from ADDRESS transfer to ADDRESS - upstream ADDRESS\.\.\. + upstream [ADDRESS\.\.\.] } . .fi @@ -48,7 +48,7 @@ secondary [zones\.\.\.] { \fBtransfer to\fR can be enabled to allow this secondary zone to be transferred again\. . .IP "\(bu" 4 -\fBupstream\fR defines upstream resolvers to be used resolve external names found (think CNAMEs) pointing to external names\. This is only really useful when CoreDNS is configured as a proxy, for normal authoritative serving you don\'t need \fIor\fR want to use this\. \fBADDRESS\fR can be an IP address, and IP:port or a string pointing to a file that is structured as /etc/resolv\.conf\. +\fBupstream\fR defines upstream resolvers to be used resolve external names found (think CNAMEs) pointing to external names\. This is only really useful when CoreDNS is configured as a proxy, for normal authoritative serving you don\'t need \fIor\fR want to use this\. \fBADDRESS\fR can be an IP address, and IP:port or a string pointing to a file that is structured as /etc/resolv\.conf\. If no \fBADDRESS\fR is given, CoreDNS will resolve CNAMEs against itself\. . .IP "" 0 . diff --git a/man/coredns-template.7 b/man/coredns-template.7 index 35ef15cde..befcebb91 100644 --- a/man/coredns-template.7 +++ b/man/coredns-template.7 @@ -20,6 +20,7 @@ template CLASS TYPE [ZONE\.\.\.] { [authority RR] [\.\.\.] [rcode CODE] + [upstream [ADDRESS\.\.\.]] [fallthrough [ZONE\.\.\.]] } . @@ -44,6 +45,9 @@ template CLASS TYPE [ZONE\.\.\.] { \fBrcode\fR \fBCODE\fR A response code (\fBNXDOMAIN, SERVFAIL, \.\.\.\fR)\. The default is \fBSUCCESS\fR\. . .IP "\(bu" 4 +\fBupstream\fR [\fBADDRESS\fR\.\.\.] defines the upstream resolvers used for resolving CNAME\. If no \fBADDRESS\fR is given, CoreDNS will resolve CNAMEs against itself\. \fBADDRESS\fR can be an IP, an IP:port, or a path to a file structured like resolv\.conf\. +. +.IP "\(bu" 4 \fBfallthrough\fR Continue with the next plugin if the zone matched but no regex matched\. If specific zones are listed (for example \fBin\-addr\.arpa\fR and \fBip6\.arpa\fR), then only queries for those zones will be subject to fallthrough\. . .IP "" 0