-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Using rndc reconfig

When you run an authoritative bind nameserver, you will sooner or later change the configuration of the service, say, to add a new zone. For this change to be taken into account, you can either restart bind (which doesn’t make much sense to me) or use rndc reconfig, which I shall demonstrate now.

Warning

For the sake of this article, I’ll state that the bind configuration is stored in /etc/named.conf, but when doing tests I noticed that, as I was using bind-chroot, configuration files should have been copied to /var/named/chroot/etc/, which was the case for all files but /var/named/chroot/etc/named.conf, which I had to keep updated by hand. So, be careful.

Testing

Let’s add one new zone to our configuration:

# Edit the main configuration
cat >> /etc/named.conf << EOF
	include "/etc/named/myzone2.tld.conf";
EOF
# Keep the chroot copy of the main configuration file updated, as per the previous warning
cat /etc/named.conf > /var/named/chroot/etc/named.conf
# Create the configuration files of the zone by copying an existing one
cd /etc/named/
cp myzone.tld.conf myzone2.tld.conf
perl -i -pe 's/myzone/myzone2/g' myzone2.tld.conf 
cat myzone2.tld.conf
	zone "myzone2.tld" {
		type master;
		file "zones/myzone2.tld.zone";
	};
cd zones
cp myzone.tld.zone myzone2.tld.zone

Let’s see the running status of our authoritative nameserver before changing the configuration:

rndc status
	version: 9.8.1-RedHat-9.8.1-2.el6
	CPUs found: 4
	worker threads: 4
	number of zones: 7
	debug level: 0
	xfers running: 0
	xfers deferred: 0
	soa queries in progress: 0
	query logging is OFF
	recursive clients: 0/0/1000
	tcp clients: 0/100
	server is up and running

Now, launch the reconfiguration command:

rndc reconfig

# Here is an extract of the logs :
named[25171]: received control channel command 'reconfig'
# This is erroneous: it does load the file, but relative to the chrooted directory.
named[25171]: loading configuration from '/etc/named.conf'
named[25171]: using default UDP/IPv4 port range: [1024, 65535]
named[25171]: using default UDP/IPv6 port range: [1024, 65535]
named[25171]: no IPv6 interfaces found
# Tadaaa ... 8 zones loaded
named[25171]: sizing zone task pool based on 8 zones
named[25171]: reloading configuration succeeded
named[25171]: zone myzone2.tld/IN: loaded serial 2012021202
named[25171]: any newly configured zones are now loaded
named[25171]: zone myzone2.tld/IN: sending notifies (serial 2012021202)

Congratulations, you’ve just changed bind’s configuration without restarting the service. Please note that rndc reconfig is designed to reload the configuration file and load new zones only; existing zone files are not reloaded, even if they have changed.
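
An added example, not part of the original article: a small wrapper that refuses to run rndc reconfig when the chroot copy of named.conf is stale (the pitfall from the warning above), validates the configuration relative to the chroot with named-checkconf -t, and prints the zone count before and after. The function names and the --apply switch are assumptions of this example; the paths are the ones used in the article.

```shell
#!/bin/sh
# Added example: pre-flight checks around `rndc reconfig` on a bind-chroot host.
# Paths are the article's; override CONF / CHROOT for other layouts.
CONF=${CONF:-/etc/named.conf}
CHROOT=${CHROOT:-/var/named/chroot}

# Print every listed file whose copy under the chroot is missing or different.
# named reads the chroot copy, so a stale copy means reconfig changes nothing.
stale_files() {
    root=$1; shift
    for f in "$@"; do
        cmp -s "$f" "$root$f" 2>/dev/null || printf '%s\n' "$f"
    done
}

# Extract the integer from the "number of zones:" line of `rndc status` output.
zone_count() {
    sed -n 's/^[[:space:]]*number of zones:[[:space:]]*\([0-9][0-9]*\).*/\1/p'
}

safe_reconfig() {
    stale=$(stale_files "$CHROOT" "$CONF")
    if [ -n "$stale" ]; then
        echo "stale copy under $CHROOT: $stale" >&2
        return 1
    fi
    # Parse the configuration as named sees it: relative to the chroot.
    named-checkconf -t "$CHROOT" "$CONF" || return 2
    before=$(rndc status | zone_count)
    rndc reconfig || return 3
    after=$(rndc status | zone_count)
    echo "zones: $before -> $after"
}

# Run only when asked to, so the functions can be sourced and tested offline.
if [ "${1:-}" = "--apply" ]; then
    safe_reconfig
fi
```

A syntax error caught by named-checkconf stops the run before rndc reconfig is sent, so the running server keeps its current configuration.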

-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
-----END PGP SIGNATURE-----

Hint: To validate signature, please view page source and copy html code between BEGIN PGP Signed message and END PGP Signature anchors.

Created on 2012-05-22
