17.2.3. Using the rndc Utility
The rndc utility is a command-line tool that allows you to administer the named service, both locally and from a remote machine. Its usage is as follows:
rndc [option...] command [command-option]
17.2.3.1. Configuring the Utility
To prevent unauthorized access to the service, named must be configured to listen on the selected port (that is, 953 by default), and an identical key must be used by both the service and the rndc utility.
The rndc configuration is located in /etc/rndc.conf. If the file does not exist, the utility will use the key located in /etc/rndc.key, which was generated automatically during the installation process using the rndc-confgen -a command.
The named service is configured using the controls statement in the /etc/named.conf configuration file as described in Section 17.2.1.2, “Other Statement Types”. Unless this statement is present, only the connections from the loopback address (that is, 127.0.0.1) will be allowed, and the key located in /etc/rndc.key will be used.
For more information on this topic, see manual pages and the BIND 9 Administrator Reference Manual listed in Section 17.2.7, “Additional Resources”.
Important
To prevent unprivileged users from sending control commands to the service, make sure only root is allowed to read the /etc/rndc.key file:
~]# chmod o-rwx /etc/rndc.key
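The permission requirement in the note above can be verified from a script. The following is an added example, not part of the original guide; the function name audit_rndc_key and its two arguments are hypothetical, and it assumes GNU stat from coreutils.

```shell
#!/bin/sh
# Added example (not from the original guide): audit an rndc key file.
# Hypothetical helper: audit_rndc_key [FILE] [EXPECTED_OWNER]
#   FILE defaults to /etc/rndc.key, EXPECTED_OWNER defaults to root.
# Return codes: 0 = OK, 1 = finding, 2 = file missing or stat failed.
# Assumes GNU stat (coreutils).
audit_rndc_key() {
    keyfile="${1:-/etc/rndc.key}"
    want_owner="${2:-root}"
    findings=0

    if [ ! -f "$keyfile" ]; then
        echo "MISSING: $keyfile is not a regular file" >&2
        return 2
    fi

    # -L follows symlinks so the mode of the real key file is inspected,
    # not the always-permissive mode of a link pointing at it.
    mode=$(stat -L -c '%a' "$keyfile") || return 2
    owner=$(stat -L -c '%U' "$keyfile") || return 2

    # The last octal digit is the "other" class; chmod o-rwx makes it 0.
    # The group digit is left alone, matching the chmod command above.
    case "$mode" in
        *0) ;;
        *)  echo "FAIL: $keyfile mode $mode grants access to other users" >&2
            echo "      fix: chmod o-rwx $keyfile" >&2
            findings=1 ;;
    esac

    if [ "$owner" != "$want_owner" ]; then
        echo "FAIL: $keyfile is owned by $owner, expected $want_owner" >&2
        findings=1
    fi

    if [ "$findings" -eq 0 ]; then
        echo "OK: $keyfile mode $mode owner $owner"
    fi
    return "$findings"
}
# Typical call as root, with the defaults:  audit_rndc_key
```

A non-zero return code makes the function usable as a gate in a configuration-management or compliance job.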
17.2.3.2. Checking the Service Status
To check the current status of the named service, use the following command:
17.2.3.3. Reloading the Configuration and Zones
To reload both the configuration file and zones, type the following at a shell prompt:
~]# rndc reload
server reload successful
This will reload the zones while keeping all previously cached responses, so that you can make changes to the zone files without losing all stored name resolutions.
To reload a single zone, specify its name after the reload command, for example:
~]# rndc reload localhost
zone reload up-to-date
Finally, to reload the configuration file and newly added zones only, type:
~]# rndc reconfig
Note
If you intend to manually modify a zone that uses Dynamic DNS (DDNS), make sure you run the freeze command first:
~]# rndc freeze localhost
Once you are finished, run the thaw command to allow the DDNS again and reload the zone:
~]# rndc thaw localhost
The zone reload and thaw was successful.
17.2.3.4. Updating Zone Keys
To update the DNSSEC keys and sign the zone, use the sign command. For example:
~]# rndc sign localhost
Note that to sign a zone with the above command, the auto-dnssec option has to be set to maintain in the zone statement. For instance:
17.2.3.5. Enabling the DNSSEC Validation
To enable the DNSSEC validation, type the following at a shell prompt:
~]# rndc validation on
Similarly, to disable this option, type:
~]# rndc validation off
See the options statement described in Section 17.2.1.1, “Common Statement Types” for information on how to configure this option in /etc/named.conf.
17.2.3.6. Enabling the Query Logging
To enable (or disable in case it is currently enabled) the query logging, run the following command:
~]# rndc querylog
To check the current setting, use the status command as described in Section 17.2.3.2, “Checking the Service Status”.