13.5 Administering the Name Service

The rndc command allows you to administer the named service, either locally or from a remote machine (if permitted in the controls section of the /etc/named.conf file). To prevent unauthorized access to the service, rndc must be configured to listen on the selected port (by default, port 953), and both named and rndc must have access to the same key. To generate a suitable key, use the rndc-confgen command:

# rndc-confgen –a
wrote key file "/etc/rndc.key"

To ensure that only root can read the file:

# chmod o-rwx /etc/rndc.key

To check the status of the named service:

# rndc status
number of zones: 3
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/1000
tcp clients: 0/100
server is up and running

If you modify the named configuration file or zone files, rndc reload instructs named to reload the files:

# rndc reload
server reload successful 

For more information, see the named(8), rndc(8) and rndc-confgen(8) manual pages.