
The Geek Diary


How to use rndc command (command-line administration tool for named)

By admin

The rndc utility is a command-line tool to administer the named service, both locally and from a remote machine. To prevent unauthorized access to the service, rndc must be configured to listen on the selected port (port 953 by default), and an identical key must be used by both the service and the rndc utility. The rndc key is generated by using the following command:

# rndc-confgen -a
wrote key file "/etc/rndc.key"

This command creates the /etc/rndc.key file, which contains the key.

# cat /etc/rndc.key
key "rndc-key" {
        algorithm hmac-md5;
        secret "k7WFNCP01e1NwIgaIhvtQQ==";
};

To configure named to use the key, include the following entries in /etc/named.conf:

# vi /etc/named.conf
include "/etc/rndc.key";
controls {
         inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; };
};

The include statement allows files to be included so that potentially sensitive data can be placed in a separate file with restricted permissions. To ensure that only root can read the file, enter the following:

# chmod o-rwx /etc/rndc.key

The controls statement defines access information and the various security requirements necessary to use the rndc command.

  • inet: The example allows you to control rndc from a console on the localhost (127.0.0.1).
  • keys: Keys are used to authenticate various actions and are the primary access control method for remote administration. The example specifies using rndc-key, which is defined in the /etc/rndc.key include file.
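
The following script is an added example, not part of the original article or of BIND. It cross-checks the two files described above: that the key file has no permissions for "other", and that every key named in the controls statement is actually defined in the key file. The function names (key_names, controls_keys, audit_rndc), the finding labels and the sample files are assumptions constructed for the illustration. The hmac-md5 check goes beyond what the article covers.

```shell
#!/bin/sh
# Added example: cross-check an rndc key file against named.conf.

# Names of the keys defined in a key file:  key "NAME" { ... };
key_names() {
    sed -n 's/^[[:space:]]*key[[:space:]]*"\([^"]*\)".*/\1/p' "$1"
}

# Key names referenced by keys { ... } inside a multi-line controls statement.
controls_keys() {
    sed -n '/^[[:space:]]*controls/,/^};/s/.*keys[[:space:]]*{\([^}]*\)}.*/\1/p' "$1" |
        tr -d '" \t' | tr ';' '\n' | sed '/^$/d'
}

# Print one finding per line; print nothing when all checks pass.
audit_rndc() {
    keyfile=$1 conf=$2
    # 1. Same goal as chmod o-rwx: characters 8-10 of ls -l are the "other" bits.
    [ "$(ls -ld "$keyfile" | cut -c8-10)" = "---" ] ||
        echo "OTHER_ACCESS $keyfile"
    # 2. Every key named in controls must be defined in the key file.
    for k in $(controls_keys "$conf"); do
        key_names "$keyfile" | grep -qxF -- "$k" || echo "UNDEFINED_KEY $k"
    done
    # 3. Added check, not covered in the article: flag the legacy hmac-md5 algorithm.
    grep -Eq 'algorithm[[:space:]]+hmac-md5[[:space:]]*;' "$keyfile" &&
        echo "LEGACY_ALGORITHM hmac-md5"
    return 0
}

# Constructed sample files (not a real configuration or a real secret).
demo_dir=$(mktemp -d)
cat > "$demo_dir/rndc.key" <<'EOF'
key "rndc-key" {
        algorithm hmac-md5;
        secret "Q09OU1RSVUNURUQ=";
};
EOF
cat > "$demo_dir/named.conf" <<'EOF'
include "/etc/rndc.key";
controls {
        inet 127.0.0.1 allow { localhost; } keys { "rndckey"; };
};
EOF
chmod 644 "$demo_dir/rndc.key"   # deliberately too open for the demo
audit_rndc "$demo_dir/rndc.key" "$demo_dir/named.conf"
```

On a real system, run audit_rndc /etc/rndc.key /etc/named.conf as root; an UNDEFINED_KEY finding means the name in controls does not match the name in the key file.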

rndc command Examples

Type rndc to display usage of the utility and a list of available commands:

# rndc
Usage: rndc [-b address] [-c config] [-s server] [-p port]
        [-k key-file ] [-y key] [-V] command
command is one of the following:
  reload        Reload configuration file and zones.
  reload zone [class [view]]
                Reload a single zone.
  refresh zone [class [view]]
                Schedule immediate maintenance for a zone.
  retransfer zone [class [view]]
                Retransfer a single zone without checking the serial number.
  freeze        Suspend updates to all dynamic zones.
  freeze zone [class [view]]
                Suspend updates to a dynamic zone.
  thaw          Enable updates to all dynamic zones and reload them.
  thaw zone [class [view]]
                Enable updates to a frozen dynamic zone and reload it.
  sync [-clean] Dump changes to all dynamic zones to disk, and optionally
  ....

The following are examples of some of the rndc commands:

1. Use the rndc status command to check the current status of the named service:

# rndc status
number of zones: 3
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/1000
tcp clients: 0/100
server is up and running

2. Use the rndc reload command to reload both the configuration file and zones:

# rndc reload
server reload successful


© 2021 · The Geek Diary