The rndc Tool
This is the “remote name daemon control” utility. It is handy for controlling the name
server and for debugging problems with it.
The rndc program can be used to securely manage the name server. All communication
with the server is authenticated with digital signatures that rely on a shared secret, so
rndc requires a separate configuration file, usually named /etc/rndc.conf, in which this
shared secret is typically stored. You will need to generate the secret that is shared
between the utility and the name server by using tools such as rndc-confgen (we don’t
discuss this feature here).
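Because the shared secret lives in plain configuration files, it is worth checking that both sides agree on it and that it is not exposed. The script below is an added example, not part of the original text or of BIND. It assumes the server side uses BIND's key and controls statements in named.conf, which this page does not show; the function names, the sample files and the placeholder secret are all constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the rndc shared-secret setup. Sample files are constructed.

# Print the secret of the first key block in a BIND-style config file.
key_secret() {
    sed -n 's/^[[:space:]]*secret[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | head -n 1
}

# Succeed only if "other" has no permissions on the file (columns 8-10 of ls -l).
other_denied() {
    [ "$(ls -ld "$1" | cut -c8-10)" = "---" ]
}

# Print one WARN line per problem; return 1 if any problem was found.
audit_rndc() {
    rndc_conf=$1; named_conf=$2; rc=0
    for f in "$rndc_conf" "$named_conf"; do
        other_denied "$f" || { echo "WARN: $f is world-accessible and holds the secret"; rc=1; }
    done
    [ "$(key_secret "$rndc_conf")" = "$(key_secret "$named_conf")" ] ||
        { echo "WARN: secrets differ, named will reject rndc commands"; rc=1; }
    grep -Eq 'inet[[:space:]]+(127\.0\.0\.1|::1)[[:space:]]' "$named_conf" ||
        { echo "WARN: control channel does not listen on loopback"; rc=1; }
    return "$rc"
}

# Write a constructed rndc.conf / named.conf pair into directory $1.
make_samples() {
    cat > "$1/rndc.conf" <<'EOF'
key "rndc-key" {
    algorithm hmac-sha256;
    secret "PLACEHOLDER+NOT+A+REAL+SECRET=";
};
options { default-key "rndc-key"; default-server 127.0.0.1; default-port 953; };
EOF
    cat > "$1/named.conf" <<'EOF'
key "rndc-key" {
    algorithm hmac-sha256;
    secret "PLACEHOLDER+NOT+A+REAL+SECRET=";
};
controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; }; };
EOF
    chmod 600 "$1/rndc.conf"; chmod 640 "$1/named.conf"
}

demo_dir=$(mktemp -d) && make_samples "$demo_dir"
audit_rndc "$demo_dir/rndc.conf" "$demo_dir/named.conf" && echo "OK: no findings"
rm -rf "$demo_dir"
```

To check a real host, call audit_rndc with the paths of the actual rndc.conf and named.conf; if the key is kept in a separate included file, pass that file instead.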
The usage summary for rndc is as follows:

rndc [-c config] [-s server] [-p port]
     [-k key-file] [-y key] [-V] command

command is one of the following:

  reload                        Reload configuration file and zones.
  reload zone [class [view]]    Reload a single zone.
  refresh zone [class [view]]   Schedule immediate maintenance for a zone.
  reconfig                      Reload configuration file and new zones only.
  stats                         Write server statistics to the statistics file.
  querylog                      Toggle query logging.
  dumpdb                        Dump cache(s) to the dump file (named_dump.db).
  stop                          Save pending updates to master files and stop the server.
  halt                          Stop the server without saving pending updates.
  trace                         Increment debugging level by one.
  trace level                   Change the debugging level.
  notrace                       Set debugging level to 0.
  flush                         Flushes all of the server's caches.
  flush [view]                  Flushes the server's cache for a view.
  status                        Display status of the server.

For example, you can use rndc to view the status of the DNS server. Type
[root@serverA ~]# rndc status
number of zones: 7
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 1
query logging is OFF
server is up and running
If, for example, you make changes to the zone database file (/var/named/example.org.db)
for one of the zones under your control (e.g., example.org) and you want to reload just
that zone without restarting the entire DNS server, you can issue the rndc command with
the option shown here:
[root@serverA ~]# rndc reload example.org
Tuesday, September 15, 2009