Restarting bind remotely

Kevin Darcy kcd at daimlerchrysler.com
Wed Nov 5 22:45:51 UTC 2003


Mark_Andrews at isc.org wrote:

>>BIND 8's "ndc" command supports "reload" and "reload <zone>". Unlike 
>>"rndc", you can't run it directly from another box, but there's always 
>>ssh...
>
>	Actually you can run ndc remotely.  It is just not the default
>	configuration.
>
True, but I've never even considered that option, since 
source-address-based authentication is pretty weak. I suppose if you're 
using IPSEC or whatever...

                                                                         
                                             - Kevin

>>Or, as I suggested before, just use a standard master/slave arrangement 
>>(optionally supplemented with "also-notify" if you need faster 
>>propagation of changes).
>>
>>                                                                         
>>                                             - Kevin
>>
>>Dickon Newman wrote:
>>
>>>What's the best solution if we assume that I am restricted to using BIND
>>>version 8.3.6?
>>>
>>>Dickon...
>>>
>>>----- Original Message ----- 
>>>From: "Kevin Darcy" <kcd at daimlerchrysler.com>
>>>To: <bind-users at isc.org>
>>>Sent: Wednesday, November 05, 2003 2:44 PM
>>>Subject: Re: Restarting bind remotly
>>>
>>>>If you have many zones, then that's an even *stronger* reason to avoid
>>>>full reloads -- do you really want your nameserver tied up reloading
>>>>unchanged zones?
>>>>
>>>>I would expect that your master knows which zones have changed and which
>>>>have not, so why not have it issue the "rndc reload <zone>"s right after
>>>>the rsync?
>>>>
>>>>Or, even better, why not just use regular, DNS-standards-defined zone
>>>>transfers? rsync isn't necessarily the best solution for  *every*
>>>>data-propagation requirement...
>>>>
>>>>
>>>>                                               - Kevin
>>>>
>>>>Dickon Newman wrote:
>>>>
>>>>>Well...we host many zones (please forgive my newb-ness)...wouldn't this be a
>>>>>pain to have a script recognize which zone had changed and initiate a zone
>>>>>change for that particular zone?
>>>>>
>>>>>Please keep in mind that I want to make this as simple as possible for my
>>>>>co-workers who make quite a few dns changes each day.
>>>>>
>>>>>Dickon...
>>>>>
>>>>>----- Original Message ----- 
>>>>>From: "Kevin Darcy" <kcd at daimlerchrysler.com>
>>>>>To: <bind-users at isc.org>
>>>>>Sent: Wednesday, November 05, 2003 2:16 PM
>>>>>Subject: Re: Restarting bind remotly
>>>>>
>>>>>>Dickon Newman wrote:
>>>>>>
>>>>>>>Dear List,
>>>>>>>I've tried searching online for a resolution to save having to bug you..
>>>>>>>However, I haven't had much luck.
>>>>>>>
>>>>>>>I have 4 primary DNS servers in various locations.  They are FreeBSD
>>>>>>>based with Bind 8.3.6.
>>>>>>>
>>>>>>>What I want to be able to do is make dns changes on one box, then run a
>>>>>>>script to make the changes active on all 4 boxes.
>>>>>>>
>>>>>>>I WAS using rsync to copy these files, which is no problem.  But I don't
>>>>>>>know the best way to restart named.  I WAS stopping, and then restarting the
>>>>>>>process.  I don't want to do this anymore.
>>>>>>>
>>>>>>>Can anyone please offer some insight on what I should do?
>>>>>>>
>>>>>>Why do you need to do a full restart? Generally "reload <zone>" for each
>>>>>>changed zone is sufficient. You can do that remotely by upgrading to
>>>>>>BIND 9 and using the "rndc" utility.
>>>>>>
>>>>>>
>>>>>>                                        - Kevin
>
>--
>Mark Andrews, Internet Software Consortium
>1 Seymour St., Dundas Valley, NSW 2117, Australia
>PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org
>
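
The suggestion quoted in this thread, to issue "rndc reload <zone>" only for the zones that changed right after the rsync, sketched as an added example that is not part of the original messages. It assumes zone files are named db.<zone>, that the changed-file list comes from rsync's --out-format='%n', and that rndc on the sending box is already configured with the shared key for each target; the server names are placeholders.

```shell
#!/bin/sh
# Added example: reload only the zones whose files rsync actually transferred.
# Assumptions (not from the thread): zone files are named "db.<zone>"; the
# changed-file list comes from `rsync --out-format='%n'`; server names are made up.

# Read changed file names on stdin, print each valid zone name once.
zones_from_changed_files() {
    while IFS= read -r path; do
        file=${path##*/}                 # strip any directory part
        case $file in
            db.?*) zone=${file#db.} ;;
            *) continue ;;               # not a zone file
        esac
        # Allow only DNS-name characters, so a file name can never smuggle
        # shell metacharacters or extra rndc arguments into the command.
        case $zone in
            *[!A-Za-z0-9._-]*|-*|.*)
                echo "skipping odd name: $file" >&2; continue ;;
        esac
        printf '%s\n' "$zone"
    done | sort -u
}

# Zones on stdin, $1 = space-separated servers. Prints the commands (dry run)
# unless RUN=1, in which case it executes them.
reload_zones() {
    while IFS= read -r zone; do
        for s in $1; do
            if [ "${RUN:-0}" = 1 ]; then
                rndc -s "$s" reload "$zone" </dev/null
            else
                printf 'rndc -s %s reload %s\n' "$s" "$zone"
            fi
        done
    done
}

# Constructed sample of rsync's file-name output after a sync.
SAMPLE='zones/db.example.com
zones/db.example.net
named.conf
zones/db.example.com
zones/db.bad;name'

demo() {
    printf '%s\n' "$SAMPLE" | zones_from_changed_files 2>/dev/null |
        reload_zones "ns2.example.com ns3.example.com"
}
demo
```
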



