System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP)

Implementing rndc

The BIND 8 ndc and BIND 9 rndc name server control tools are not backward compatible. rndc cannot talk to the BIND 8 name server, and ndc cannot talk to the BIND 9 name server. Features, options, default modes of operation, and configuration file requirements have changed. Therefore, using ndc on a BIND 9 server could result in loss of functionality or insecure operation. See the rndc(1M) man page for more information.

The rndc.conf Configuration File

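The most significant difference between ndc in BIND 8 and rndc in BIND 9 is that rndc needs its own configuration file, rndc.conf. This file can be generated with the rndc-confgen command. The rndc.conf file specifies which server rndc controls and which algorithm is used with that server. The key name, algorithm, and secret must be identical in rndc.conf and in the named.conf entry, as in the following two samples.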

Example 3–1 Sample rndc.conf File

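     # Server and key that rndc uses when none is given on the command line
     options {
             default-server localhost;
             default-key "rndc-key";
     };

     # Shared secret; must match the key statement in named.conf
     key "rndc-key" {
             algorithm hmac-md5;
             secret "qPWZ3Ndl81aBRY9AmJhVtU==";
     };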

Example 3–2 Sample named.conf File Entry for rndc

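     // Control channel: listens on every interface and accepts any
     // source address that presents "rndc-key"
     controls {
             inet * allow { any; } keys { "rndc-key"; };
     };

     // Shared secret; must match the key statement in rndc.conf
     key "rndc-key" {
             algorithm hmac-md5;
             secret "qPWZ3Ndl81aBRY9AmJhVtU==";
     };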
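
The following Python check is an added example, not part of the original guide or of BIND. It reads named.conf text and reports the settings in Example 3–2 that widen exposure of the control channel: a wildcard listen address, allow { any; }, and an hmac-md5 key. The function name, the finding labels, and the tighter variant (which assumes a BIND 9 release that accepts hmac-sha256 for rndc keys) are assumptions.

```python
import re

# Constructed input: the controls and key statements of Example 3-2.
SAMPLE = '''
controls {
        inet * allow { any; } keys { "rndc-key"; };
};
key "rndc-key" {
        algorithm hmac-md5;
        secret "qPWZ3Ndl81aBRY9AmJhVtU==";
};
'''

# Constructed tighter variant. Assumption: the installed BIND 9 release
# accepts hmac-sha256 for rndc keys; the secret is a placeholder.
TIGHTER = '''
controls {
        inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; };
};
key "rndc-key" {
        algorithm hmac-sha256;
        secret "PLACEHOLDER-generate-with-rndc-confgen";
};
'''

INET_RE = re.compile(r'\binet\s+(\S+)(?:\s+port\s+\d+)?\s+allow\s*\{([^}]*)\}')
KEY_RE = re.compile(r'\bkey\s+"?([^"\s{]+)"?\s*\{([^}]*)\}')
ALGO_RE = re.compile(r'\balgorithm\s+"?([\w-]+)"?')

def audit_control_channel(conf_text):
    """Return findings for the controls/key statements (comments not handled)."""
    findings = []
    for addr, allow in INET_RE.findall(conf_text):
        acl = [entry.strip() for entry in allow.split(';') if entry.strip()]
        if addr in ('*', '0.0.0.0', '::'):
            findings.append('listens-on-all-interfaces')
        if 'any' in acl:
            findings.append('allow-any')
    for name, body in KEY_RE.findall(conf_text):
        algo = ALGO_RE.search(body)
        if algo and algo.group(1).lower() == 'hmac-md5':
            findings.append('hmac-md5-key:' + name)
    return findings

if __name__ == '__main__':
    for label, text in (('Example 3-2', SAMPLE), ('tighter', TIGHTER)):
        print(label, audit_control_channel(text) or 'no findings')
```

With allow { any; }, the shared secret is the only barrier between a remote host and commands such as stopping the server, so the key file permissions and the listen address deserve the same review as the ACL.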

Differences in the Control Channels

Both the ndc and the rndc utilities use a control channel to send commands to and retrieve information from a name server. However, there are differences between the utilities.

Commands of BIND 9 rndc

The following list describes the rndc commands.


Reload configuration file and zones

reload zone [class [view]]

Reload a single zone

refresh zone [class [view]]

Schedule immediate maintenance for a zone


Reload configuration file and new zones only


Write server statistics to the statistics file


Toggle query logging


Dump cache(s) to the dump file (named_dump.db)


Save pending updates to master files and stop the server


Stop the server without saving pending updates


Increment debugging level by one

trace level

Change the debugging level


Set debugging level to 0


Flushes all of the server's caches

flush [view]

Flushes the server's cache for a view


Display status of the server


Restart the server (not yet implemented)