Bv9ARM.ch03.html revision 4a14ce5ba00ab7bc55c99ffdcf59c7a4ab902721
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync - Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC")
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync - Copyright (C) 2000-2003 Internet Software Consortium.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync - Permission to use, copy, modify, and/or distribute this software for any
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync - purpose with or without fee is hereby granted, provided that the above
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync - copyright notice and this permission notice appear in all copies.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
8507f6a07ff05e3119f2fc2b23c2b6a227abf0afvboxsync - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
8507f6a07ff05e3119f2fc2b23c2b6a227abf0afvboxsync - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
8507f6a07ff05e3119f2fc2b23c2b6a227abf0afvboxsync - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
8507f6a07ff05e3119f2fc2b23c2b6a227abf0afvboxsync - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
8507f6a07ff05e3119f2fc2b23c2b6a227abf0afvboxsync - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
8507f6a07ff05e3119f2fc2b23c2b6a227abf0afvboxsync - PERFORMANCE OF THIS SOFTWARE.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<!-- $Id: Bv9ARM.ch03.html,v 1.76 2009/07/11 01:12:46 tbox Exp $ -->
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<link rel="up" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<link rel="prev" href="Bv9ARM.ch02.html" title="Chapter�2.�BIND Resource Requirements">
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<link rel="next" href="Bv9ARM.ch04.html" title="Chapter�4.�Advanced DNS Features">
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<tr><th colspan="3" align="center">Chapter�3.�Name Server Configuration</th></tr>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<a accesskey="p" href="Bv9ARM.ch02.html">Prev</a>�</td>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<td width="20%" align="right">�<a accesskey="n" href="Bv9ARM.ch04.html">Next</a>
8f4f39f7d71727c390c53e6e1ffbc6b5b64887a1vboxsync<a name="Bv9ARM.ch03"></a>Chapter�3.�Name Server Configuration</h2></div></div></div>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="sect1"><a href="Bv9ARM.ch03.html#sample_configuration">Sample Configurations</a></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2567897">A Caching-only Name Server</a></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2567913">An Authoritative-only Name Server</a></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="sect1"><a href="Bv9ARM.ch03.html#id2568004">Load Balancing</a></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="sect1"><a href="Bv9ARM.ch03.html#id2568358">Name Server Operations</a></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2568363">Tools for Use With the Name Server Daemon</a></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2570071">Signals</a></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync In this chapter we provide some suggested configurations along
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync with guidelines for their use. We suggest reasonable values for
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync certain option settings.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<div class="titlepage"><div><div><h2 class="title" style="clear: both">
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<a name="sample_configuration"></a>Sample Configurations</h2></div></div></div>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<a name="id2567897"></a>A Caching-only Name Server</h3></div></div></div>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync The following sample configuration is appropriate for a caching-only
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync name server for use by clients internal to a corporation. All
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync from outside clients are refused using the <span><strong class="command">allow-query</strong></span>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync option. Alternatively, the same effect could be achieved using
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync firewall rules.
41ad43cd9c28c6fcf8021479118be370223894c2vboxsync// Two corporate subnets we wish to allow queries from.
41ad43cd9c28c6fcf8021479118be370223894c2vboxsync // Working directory
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync allow-query { corpnets; };
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync// Provide a reverse mapping for the loopback
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync// address 127.0.0.1
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync type master;
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<a name="id2567913"></a>An Authoritative-only Name Server</h3></div></div></div>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync This sample configuration is for an authoritative-only server
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync that is the master server for "<code class="filename">example.com</code>"
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync and a slave for the subdomain "<code class="filename">eng.example.com</code>".
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync // Working directory
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync // Do not allow access to cache
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync allow-query-cache { none; };
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync // This is the default
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync allow-query { any; };
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync // Do not provide recursive service
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync recursion no;
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync// Provide a reverse mapping for the loopback
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync// address 127.0.0.1
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync type master;
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync// We are the master server for example.com
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync type master;
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync // IP addresses of slave servers allowed to
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync allow-transfer {
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync 192.168.4.14;
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync 192.168.5.53;
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync// We are a slave server for eng.example.com
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync type slave;
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync // IP address of eng.example.com master server
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync masters { 192.168.4.12; };
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync<div class="titlepage"><div><div><h2 class="title" style="clear: both">
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync<a name="id2568004"></a>Load Balancing</h2></div></div></div>
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync A primitive form of load balancing can be achieved in
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync the <acronym class="acronym">DNS</acronym> by using multiple records
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync (such as multiple A records) for one name.
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync For example, if you have three WWW servers with network addresses
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync of 10.0.0.1, 10.0.0.2 and 10.0.0.3, a set of records such as the
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync following means that clients will connect to each machine one third
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync of the time:
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Resource Record (RR) Data
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync When a resolver queries for these records, <acronym class="acronym">BIND</acronym> will rotate
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync them and respond to the query with the records in a different
9c9e05854c60412d1f606c125e035317ee956db7vboxsync order. In the example above, clients will randomly receive
9c9e05854c60412d1f606c125e035317ee956db7vboxsync records in the order 1, 2, 3; 2, 3, 1; and 3, 1, 2. Most clients
e96c97a1ab2e0e8c6380c2e7b74ecff3377d3790vboxsync will use the first record returned and discard the rest.
e96c97a1ab2e0e8c6380c2e7b74ecff3377d3790vboxsync For more detail on ordering responses, check the
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync <span><strong class="command">rrset-order</strong></span> substatement in the
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync <span><strong class="command">options</strong></span> statement, see
e96c97a1ab2e0e8c6380c2e7b74ecff3377d3790vboxsync <a href="Bv9ARM.ch06.html#rrset_ordering">RRset Ordering</a>.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<div class="titlepage"><div><div><h2 class="title" style="clear: both">
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<a name="id2568358"></a>Name Server Operations</h2></div></div></div>
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync<a name="id2568363"></a>Tools for Use With the Name Server Daemon</h3></div></div></div>
c6ac41b1ca3af57c636d01a1a3030d61801970bevboxsync This section describes several indispensable diagnostic,
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync administrative and monitoring tools available to the system
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync administrator for controlling and debugging the name server
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync<a name="diagnostic_tools"></a>Diagnostic Tools</h4></div></div></div>
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync The <span><strong class="command">dig</strong></span>, <span><strong class="command">host</strong></span>, and
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync <span><strong class="command">nslookup</strong></span> programs are all command
c6ac41b1ca3af57c636d01a1a3030d61801970bevboxsync for manually querying name servers. They differ in style and
c6ac41b1ca3af57c636d01a1a3030d61801970bevboxsync output format.
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync<dt><span class="term"><a name="dig"></a><span><strong class="command">dig</strong></span></span></dt>
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync The domain information groper (<span><strong class="command">dig</strong></span>)
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync is the most versatile and complete of these lookup tools.
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync It has two modes: simple interactive
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync mode for a single query, and batch mode which executes a
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync each in a list of several query lines. All query options are
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync from the command line.
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync<div class="cmdsynopsis"><p><code class="command">dig</code> [@<em class="replaceable"><code>server</code></em>] <em class="replaceable"><code>domain</code></em> [<em class="replaceable"><code>query-type</code></em>] [<em class="replaceable"><code>query-class</code></em>] [+<em class="replaceable"><code>query-option</code></em>] [-<em class="replaceable"><code>dig-option</code></em>] [%<em class="replaceable"><code>comment</code></em>]</p></div>
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync The usual simple use of <span><strong class="command">dig</strong></span> will take the form
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync <span><strong class="command">dig @server domain query-type query-class</strong></span>
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync For more information and a list of available commands and
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync options, see the <span><strong class="command">dig</strong></span> man
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync<dt><span class="term"><span><strong class="command">host</strong></span></span></dt>
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync The <span><strong class="command">host</strong></span> utility emphasizes
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync and ease of use. By default, it converts
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync between host names and Internet addresses, but its
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync functionality
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync can be extended with the use of options.
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync<div class="cmdsynopsis"><p><code class="command">host</code> [-aCdlnrsTwv] [-c <em class="replaceable"><code>class</code></em>] [-N <em class="replaceable"><code>ndots</code></em>] [-t <em class="replaceable"><code>type</code></em>] [-W <em class="replaceable"><code>timeout</code></em>] [-R <em class="replaceable"><code>retries</code></em>] [-m <em class="replaceable"><code>flag</code></em>] [-4] [-6] <em class="replaceable"><code>hostname</code></em> [<em class="replaceable"><code>server</code></em>]</p></div>
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync For more information and a list of available commands and
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync options, see the <span><strong class="command">host</strong></span> man
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync<dt><span class="term"><span><strong class="command">nslookup</strong></span></span></dt>
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync<p><span><strong class="command">nslookup</strong></span>
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync has two modes: interactive and
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync non-interactive. Interactive mode allows the user to
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync query name servers for information about various
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync hosts and domains or to print a list of hosts in a
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync domain. Non-interactive mode is used to print just
b73dfe0e56074de1abc06b83abf661655f106dfevboxsync the name and requested information for a host or
b73dfe0e56074de1abc06b83abf661655f106dfevboxsync<div class="cmdsynopsis"><p><code class="command">nslookup</code> [-option...] [[<em class="replaceable"><code>host-to-find</code></em>] | [- [server]]]</p></div>
b73dfe0e56074de1abc06b83abf661655f106dfevboxsync Interactive mode is entered when no arguments are given (the
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync default name server will be used) or when the first argument
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync hyphen (`-') and the second argument is the host name or
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync Internet address
c6ac41b1ca3af57c636d01a1a3030d61801970bevboxsync of a name server.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Non-interactive mode is used when the name or Internet
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync of the host to be looked up is given as the first argument.
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync optional second argument specifies the host name or address
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync of a name server.
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync Due to its arcane user interface and frequently inconsistent
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync behavior, we do not recommend the use of <span><strong class="command">nslookup</strong></span>.
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync Use <span><strong class="command">dig</strong></span> instead.
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync<a name="admin_tools"></a>Administrative Tools</h4></div></div></div>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Administrative tools play an integral part in the management
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync of a server.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<a name="named-checkconf"></a><span class="term"><span><strong class="command">named-checkconf</strong></span></span>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync The <span><strong class="command">named-checkconf</strong></span> program
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync checks the syntax of a <code class="filename">named.conf</code> file.
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync<div class="cmdsynopsis"><p><code class="command">named-checkconf</code> [-jvz] [-t <em class="replaceable"><code>directory</code></em>] [<em class="replaceable"><code>filename</code></em>]</p></div>
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync<a name="named-checkzone"></a><span class="term"><span><strong class="command">named-checkzone</strong></span></span>
14d9135a2a4fd5497d528e54ee225e012553d4a9vboxsync The <span><strong class="command">named-checkzone</strong></span> program
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync checks a master file for
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync syntax and consistency.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<div class="cmdsynopsis"><p><code class="command">named-checkzone</code> [-djqvD] [-c <em class="replaceable"><code>class</code></em>] [-o <em class="replaceable"><code>output</code></em>] [-t <em class="replaceable"><code>directory</code></em>] [-w <em class="replaceable"><code>directory</code></em>] [-k <em class="replaceable"><code>(ignore|warn|fail)</code></em>] [-n <em class="replaceable"><code>(ignore|warn|fail)</code></em>] [-W <em class="replaceable"><code>(ignore|warn)</code></em>] <em class="replaceable"><code>zone</code></em> [<em class="replaceable"><code>filename</code></em>]</p></div>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<a name="named-compilezone"></a><span class="term"><span><strong class="command">named-compilezone</strong></span></span>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Similar to <span><strong class="command">named-checkzone,</strong></span> but
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync it always dumps the zone content to a specified file
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync (typically in a different format).
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<a name="rndc"></a><span class="term"><span><strong class="command">rndc</strong></span></span>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync The remote name daemon control
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync (<span><strong class="command">rndc</strong></span>) program allows the
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync administrator to control the operation of a name server.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Since <acronym class="acronym">BIND</acronym> 9.2, <span><strong class="command">rndc</strong></span>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync supports all the commands of the BIND 8 <span><strong class="command">ndc</strong></span>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync utility except <span><strong class="command">ndc start</strong></span> and
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <span><strong class="command">ndc restart</strong></span>, which were also
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync not supported in <span><strong class="command">ndc</strong></span>'s
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync channel mode.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync If you run <span><strong class="command">rndc</strong></span> without any
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync it will display a usage message as follows:
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<div class="cmdsynopsis"><p><code class="command">rndc</code> [-c <em class="replaceable"><code>config</code></em>] [-s <em class="replaceable"><code>server</code></em>] [-p <em class="replaceable"><code>port</code></em>] [-y <em class="replaceable"><code>key</code></em>] <em class="replaceable"><code>command</code></em> [<em class="replaceable"><code>command</code></em>...]</p></div>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<p>The <span><strong class="command">command</strong></span>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync is one of the following:
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="term"><strong class="userinput"><code>reload</code></strong></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Reload configuration file and zones.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="term"><strong class="userinput"><code>reload <em class="replaceable"><code>zone</code></em>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync [<span class="optional"><em class="replaceable"><code>class</code></em>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync [<span class="optional"><em class="replaceable"><code>view</code></em></span>]</span>]</code></strong></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Reload the given zone.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="term"><strong class="userinput"><code>refresh <em class="replaceable"><code>zone</code></em>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync [<span class="optional"><em class="replaceable"><code>class</code></em>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync [<span class="optional"><em class="replaceable"><code>view</code></em></span>]</span>]</code></strong></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Schedule zone maintenance for the given zone.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="term"><strong class="userinput"><code>retransfer <em class="replaceable"><code>zone</code></em>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync [<span class="optional"><em class="replaceable"><code>class</code></em>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync [<span class="optional"><em class="replaceable"><code>view</code></em></span>]</span>]</code></strong></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Retransfer the given zone from the master.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="term"><strong class="userinput"><code>freeze
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync [<span class="optional"><em class="replaceable"><code>zone</code></em>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync [<span class="optional"><em class="replaceable"><code>class</code></em>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync [<span class="optional"><em class="replaceable"><code>view</code></em></span>]</span>]</span>]</code></strong></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Suspend updates to a dynamic zone. If no zone is
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync then all zones are suspended. This allows manual
9b13375ba53974bdf46503e44314e0f88577f7c3vboxsync edits to be made to a zone normally updated by dynamic
9b13375ba53974bdf46503e44314e0f88577f7c3vboxsync also causes changes in the journal file to be synced
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync into the master
9b13375ba53974bdf46503e44314e0f88577f7c3vboxsync and the journal file to be removed. All dynamic
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync update attempts will
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync be refused while the zone is frozen.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="term"><strong class="userinput"><code>thaw
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync [<span class="optional"><em class="replaceable"><code>zone</code></em>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync [<span class="optional"><em class="replaceable"><code>class</code></em>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync [<span class="optional"><em class="replaceable"><code>view</code></em></span>]</span>]</span>]</code></strong></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Enable updates to a frozen dynamic zone. If no zone
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync specified, then all frozen zones are enabled. This
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync the server to reload the zone from disk, and
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync re-enables dynamic updates
0c0e78bbdcbeec81f856e8aa1097a9504c16bb1cvboxsync after the load has completed. After a zone is thawed,
0c0e78bbdcbeec81f856e8aa1097a9504c16bb1cvboxsync dynamic updates
0c0e78bbdcbeec81f856e8aa1097a9504c16bb1cvboxsync will no longer be refused.
0c0e78bbdcbeec81f856e8aa1097a9504c16bb1cvboxsync<dt><span class="term"><strong class="userinput"><code>notify <em class="replaceable"><code>zone</code></em>
0c0e78bbdcbeec81f856e8aa1097a9504c16bb1cvboxsync [<span class="optional"><em class="replaceable"><code>class</code></em>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync [<span class="optional"><em class="replaceable"><code>view</code></em></span>]</span>]</code></strong></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Resend NOTIFY messages for the zone.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="term"><strong class="userinput"><code>reconfig</code></strong></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Reload the configuration file and load new zones,
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync but do not reload existing zone files even if they
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync have changed.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync This is faster than a full <span><strong class="command">reload</strong></span> when there
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync is a large number of zones because it avoids the need
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync to examine the
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync modification times of the zones files.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="term"><strong class="userinput"><code>stats</code></strong></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Write server statistics to the statistics file.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="term"><strong class="userinput"><code>querylog</code></strong></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Toggle query logging. Query logging can also be enabled
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync by explicitly directing the <span><strong class="command">queries</strong></span>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <span><strong class="command">category</strong></span> to a
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <span><strong class="command">channel</strong></span> in the
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <span><strong class="command">logging</strong></span> section of
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <code class="filename">named.conf</code> or by specifying
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <span><strong class="command">querylog yes;</strong></span> in the
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <span><strong class="command">options</strong></span> section of
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="term"><strong class="userinput"><code>dumpdb
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync [<span class="optional"><em class="replaceable"><code>view ...</code></em></span>]</code></strong></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync dump file for the specified views. If no view is
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync specified, all
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync views are dumped.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="term"><strong class="userinput"><code>stop [<span class="optional">-p</span>]</code></strong></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Stop the server, making sure any recent changes
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync made through dynamic update or IXFR are first saved to
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync the master files of the updated zones.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync If <code class="option">-p</code> is specified <span><strong class="command">named</strong></span>'s process id is returned.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync This allows an external process to determine when <span><strong class="command">named</strong></span>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync had completed stopping.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="term"><strong class="userinput"><code>halt [<span class="optional">-p</span>]</code></strong></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Stop the server immediately. Recent changes
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync made through dynamic update or IXFR are not saved to
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync the master files, but will be rolled forward from the
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync journal files when the server is restarted.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync If <code class="option">-p</code> is specified <span><strong class="command">named</strong></span>'s process id is returned.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync This allows an external process to determine when <span><strong class="command">named</strong></span>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync had completed halting.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="term"><strong class="userinput"><code>trace</code></strong></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Increment the servers debugging level by one.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="term"><strong class="userinput"><code>trace <em class="replaceable"><code>level</code></em></code></strong></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Sets the server's debugging level to an explicit
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="term"><strong class="userinput"><code>notrace</code></strong></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Sets the server's debugging level to 0.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="term"><strong class="userinput"><code>flush</code></strong></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Flushes the server's cache.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="term"><strong class="userinput"><code>flushname</code></strong> <em class="replaceable"><code>name</code></em></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Flushes the given name from the server's cache.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="term"><strong class="userinput"><code>status</code></strong></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Display status of the server.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Note that the number of zones includes the internal <span><strong class="command">bind/CH</strong></span> zone
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync and the default <span><strong class="command">/IN</strong></span>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync hint zone if there is not an
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync explicit root zone configured.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="term"><strong class="userinput"><code>recursing</code></strong></span></dt>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Dump the list of queries <span><strong class="command">named</strong></span> is currently recursing
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync<dt><span class="term"><strong class="userinput"><code>validation
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync [<span class="optional"><em class="replaceable"><code>view ...</code></em></span>]
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Enable or disable DNSSEC validation.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Note <span><strong class="command">dnssec-enable</strong></span> also needs to be
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync set to <strong class="userinput"><code>yes</code></strong> to be effective.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync It defaults to enabled.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync A configuration file is required, since all
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync communication with the server is authenticated with
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync digital signatures that rely on a shared secret, and
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync there is no way to provide that secret other than with a
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync configuration file. The default location for the
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <span><strong class="command">rndc</strong></span> configuration file is
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <code class="filename">/etc/rndc.conf</code>, but an
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync location can be specified with the <code class="option">-c</code>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync option. If the configuration file is not found,
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <span><strong class="command">rndc</strong></span> will also look in
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <code class="filename">/etc/rndc.key</code> (or whatever
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <code class="varname">sysconfdir</code> was defined when
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync the <acronym class="acronym">BIND</acronym> build was
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync configured).
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync generated by
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync running <span><strong class="command">rndc-confgen -a</strong></span> as
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync described in
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <a href="Bv9ARM.ch06.html#controls_statement_definition_and_usage" title="controls Statement Definition and
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Usage">the section called “<span><strong class="command">controls</strong></span> Statement Definition and
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync Usage”</a>.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync The format of the configuration file is similar to
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync that of <code class="filename">named.conf</code>, but
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync only four statements, the <span><strong class="command">options</strong></span>,
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <span><strong class="command">key</strong></span>, <span><strong class="command">server</strong></span> and
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <span><strong class="command">include</strong></span>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync statements. These statements are what associate the
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync secret keys to the servers with which they are meant to
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync be shared. The order of statements is not
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync significant.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync The <span><strong class="command">options</strong></span> statement has
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync three clauses:
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <span><strong class="command">default-server</strong></span>, <span><strong class="command">default-key</strong></span>,
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync and <span><strong class="command">default-port</strong></span>.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <span><strong class="command">default-server</strong></span> takes a
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync host name or address argument and represents the server
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync option is provided on the command line.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <span><strong class="command">default-key</strong></span> takes
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync the name of a key as its argument, as defined by a <span><strong class="command">key</strong></span> statement.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <span><strong class="command">default-port</strong></span> specifies the
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync port to which
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <span><strong class="command">rndc</strong></span> should connect if no
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync port is given on the command line or in a
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <span><strong class="command">server</strong></span> statement.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync The <span><strong class="command">key</strong></span> statement defines a
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync key to be used
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync by <span><strong class="command">rndc</strong></span> when authenticating
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <span><strong class="command">named</strong></span>. Its syntax is
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync identical to the
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <span><strong class="command">key</strong></span> statement in <code class="filename">named.conf</code>.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync The keyword <strong class="userinput"><code>key</code></strong> is
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync followed by a key name, which must be a valid
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync domain name, though it need not actually be hierarchical;
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync a string like "<strong class="userinput"><code>rndc_key</code></strong>" is a valid
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync The <span><strong class="command">key</strong></span> statement has two
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <span><strong class="command">algorithm</strong></span> and <span><strong class="command">secret</strong></span>.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync While the configuration parser will accept any string as the
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync to algorithm, currently only the string "<strong class="userinput"><code>hmac-md5</code></strong>"
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync has any meaning. The secret is a base-64 encoded string
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync as specified in RFC 3548.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync The <span><strong class="command">server</strong></span> statement
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync associates a key
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync defined using the <span><strong class="command">key</strong></span>
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync statement with a server.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync The keyword <strong class="userinput"><code>server</code></strong> is followed by a
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync host name or address. The <span><strong class="command">server</strong></span> statement
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync has two clauses: <span><strong class="command">key</strong></span> and <span><strong class="command">port</strong></span>.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync The <span><strong class="command">key</strong></span> clause specifies the
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync name of the key
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync to be used when communicating with this server, and the
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync <span><strong class="command">port</strong></span> clause can be used to
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync specify the port <span><strong class="command">rndc</strong></span> should
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync to on the server.
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync A sample minimal configuration file is as follows:
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsynckey rndc_key {
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync algorithm "hmac-md5";
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync "c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K";
9a4748c9b04aa33bb54066d49bd27d4c9f0cf33evboxsync default-server 127.0.0.1;