Restarting bind remotly
Kevin Darcy
kcd at daimlerchrysler.com
Wed Nov 5 22:45:51 UTC 2003
Mark_Andrews at isc.org wrote:
>>BIND 8's "ndc" command supports "reload" and "reload <zone>". Unlike
>>"rndc", you can't run it directly from another box, but there's always
>>ssh...
>>
>>
>
> Actually you can run ndc remotely. It is just not the default
> configuration.
>
True, but I've never even considered that option, since
source-address-based authentication is pretty weak. I suppose if you're
using IPSEC or whatever...
- Kevin
>>Or, as I suggested before, just use a standard master/slave arrangement
>>(optionally supplemented with "also-notify" if you need faster
>>propagation of changes).
>>
>>
>> - Kevin
>>
>>Dickon Newman wrote:
>>
>>
>>
>>>What's the best solution if we assume that I am restricted to using BIND
>>>version 8.3.6?
>>>
>>>Dickon...
>>>
>>>----- Original Message -----
>>>From: "Kevin Darcy" <kcd at daimlerchrysler.com>
>>>To: <bind-users at isc.org>
>>>Sent: Wednesday, November 05, 2003 2:44 PM
>>>Subject: Re: Restarting bind remotly
>>>
>>>
>>>
>>>
>>>
>>>
>>>>If you have many zones, then that's an even *stronger* reason to avoid
>>>>full reloads -- do you really want your nameserver tied up reloading
>>>>unchanged zones?
>>>>
>>>>I would expect that your master knows which zones have changed and which
>>>>have not, so why not have it issue the "rndc reload <zone>"s right after
>>>>the rsync?
>>>>
>>>>Or, even better, why not just use regular, DNS-standards-defined zone
>>>>transfers? rsync isn't necessarily the best solution for *every*
>>>>data-propagation requirement...
>>>>
>>>>
>>>> - Kevin
>>>>
>>>>Dickon Newman wrote:
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>>Well...we host many zones (please forgive my newb-ness)...wouldn't this
>>>>>
>>>>>
>>>>>
>>>>>
>>>be a
>>>
>>>
>>>
>>>
>>>>>pain to have a script recognize which zone had changed and initiate a
>>>>>
>>>>>
>>>>>
>>>>>
>>>zone
>>>
>>>
>>>
>>>
>>>>>change for that particular zone?
>>>>>
>>>>>Please keep in mind that I want to make this as simple as possible for my
>>>>>co-workers who make quite a few dns changes each day.
>>>>>
>>>>>Dickon...
>>>>>
>>>>>----- Original Message -----
>>>>>From: "Kevin Darcy" <kcd at daimlerchrysler.com>
>>>>>To: <bind-users at isc.org>
>>>>>Sent: Wednesday, November 05, 2003 2:16 PM
>>>>>Subject: Re: Restarting bind remotly
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>>Dickon Newman wrote:
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>>Dear List,
>>>>>>>I've tried searching online for a resolution to save having to bug
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>you..
>>>
>>>
>>>
>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>However, I haven't had much luck.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>>>I have 4 primary DNS servers in various locations. They are FreeBSD
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>based with Bind 8.3.6.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>>>What I want to be able to do is make dns changes on one box, then run a
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>script to make the changes active on all 4 boxes.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>>>I WAS using rsync to copy this files, which is no problem. But I don't
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>know the best way to restart named. I WAS stopping, and then restarting
>>>>>
>>>>>
>>>>>
>>>>>
>>>the
>>>
>>>
>>>
>>>
>>>>>process. I don't want to do this anymore.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>>>Can anyone please offer some insight on what I should do?
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>Why do you need to do a full restart? Generally "reload <zone>" for each
>>>>>>changed zone is sufficient. You can do that remotely by upgrading to
>>>>>>BIND 9 and using the "rndc" utility.
>>>>>>
>>>>>>
>>>>>> - Kevin
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>>
>--
>Mark Andrews, Internet Software Consortium
>1 Seymour St., Dundas Valley, NSW 2117, Australia
>PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
>
>
>
>
>
More information about the bind-users
mailing list