The rndc command allows you to administer the named service, either locally or from a remote machine (if permitted in the controls section of the /etc/named.conf file). To prevent unauthorized access to the service, rndc must be configured to listen on the selected port (by default, port 953), and both named and rndc must have access to the same key. To generate a suitable key, use the rndc-confgen command:
# rndc-confgen -a
wrote key file "/etc/rndc.key"
To ensure that only root can read the file:
# chmod o-rwx /etc/rndc.key
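The chmod command above clears only the "other" permission bits, so the owner and group bits stay as they were. The following check is an added example, not part of the original page or of BIND, that reports what remains on the key file; the helper name check_rndc_key is hypothetical and GNU stat is assumed.

```shell
#!/bin/sh
# Added example: audit an rndc key file's permissions after the chmod step.
# Assumptions: GNU coreutils stat (as shipped on Linux); check_rndc_key is a
# hypothetical helper name, not part of BIND.

# check_rndc_key [FILE] -> prints findings, returns 0 if acceptable, 1 if not.
check_rndc_key() {
    keyfile=${1:-/etc/rndc.key}
    rc=0

    # A symlink could redirect named or rndc to a key stored elsewhere.
    if [ -L "$keyfile" ]; then
        echo "FAIL: $keyfile is a symbolic link"; return 1
    fi
    if [ ! -f "$keyfile" ]; then
        echo "FAIL: $keyfile is missing or not a regular file"; return 1
    fi

    mode=$(stat -c '%a' "$keyfile")       # octal permissions, e.g. 640
    owner=$(stat -c '%U:%G' "$keyfile")   # owner:group, e.g. root:named

    # chmod o-rwx clears only the "other" bits, so test exactly those.
    if [ $((0$mode & 07)) -ne 0 ]; then
        echo "FAIL: $keyfile (mode $mode) is accessible to other users"; rc=1
    fi
    # Group write would let group members replace the shared key.
    if [ $((0$mode & 020)) -ne 0 ]; then
        echo "FAIL: $keyfile (mode $mode) is group-writable"; rc=1
    fi
    # Group read is untouched by chmod o-rwx; report it for review.
    if [ $((0$mode & 040)) -ne 0 ]; then
        echo "NOTE: $keyfile is readable by group ${owner#*:}"
    fi

    [ "$rc" -eq 0 ] && echo "OK: $keyfile owner=$owner mode=$mode"
    return "$rc"
}

# Demonstration on a constructed stand-in file (not a real key).
demo=$(mktemp)
chmod 644 "$demo"; check_rndc_key "$demo" || true   # world-readable: FAIL
chmod o-rwx "$demo"; check_rndc_key "$demo"         # mode 640: OK plus NOTE
rm -f "$demo"
```

Run as root with no argument, the function checks /etc/rndc.key; pass another path to check a key stored elsewhere.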
To check the status of the named service:
# rndc status
number of zones: 3
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/1000
tcp clients: 0/100
server is up and running
If you modify the named configuration file or zone files, rndc reload instructs named to reload the files:
# rndc reload
server reload successful
For more information, see the named(8), rndc(8), and rndc-confgen(8) manual pages.