rndc

Mark Andrews Mark_Andrews at isc.org
Sun Feb 3 22:32:23 UTC 2008


> Hi again,
>  
> They are the same version? 
> Any comments on this please?

	You are running a different version of named to the one you
	think you are.  Stop and restart named and see if the
	behaviour changes.

	It is a relatively common problem that people install a new
	version of named but don't restart named.

	Mark
  
> # rndc
> Usage: rndc [-c config] [-s server] [-p port]
>         [-k key-file ] [-y key] [-V] command
>  
> command is one of the following:
>  
>   reload        Reload configuration file and zones.
>   reload zone [class [view]]
>                 Reload a single zone.
>   refresh zone [class [view]]
>                 Schedule immediate maintenance for a zone.
>   retransfer zone [class [view]]
>                 Retransfer a single zone without checking serial number.
>   freeze zone [class [view]]
>                 Suspend updates to a dynamic zone.
>   thaw zone [class [view]]
>                 Enable updates to a frozen dynamic zone and reload it.
>   reconfig      Reload configuration file and new zones only.
>   stats         Write server statistics to the statistics file.
>   querylog      Toggle query logging.
>   dumpdb [-all|-cache|-zones] [view ...]
>                 Dump cache(s) to the dump file (named_dump.db).
>   stop          Save pending updates to master files and stop the server.
>   stop -p       Save pending updates to master files and stop the server
>                 reporting process id.
>   halt          Stop the server without saving pending updates.
>   halt -p       Stop the server without saving pending updates reporting
>                 process id.
>   trace         Increment debugging level by one.
>   trace level   Change the debugging level.
>   notrace       Set debugging level to 0.
>   flush         Flushes all of the server's caches.
>   flush [view]  Flushes the server's cache for a view.
>   flushname name [view]
>                 Flush the given name from the server's cache(s)
>   status        Display status of the server.
>   recursing     Dump the queries that are currently recursing (named.recursing)
>   *restart      Restart the server.
>  
> * == not yet implemented
> Version: 9.3.2
>  
> #swlist -l product|grep bind
>   ISCbind               9.3.2          ISC BIND 9.3.2
>  
> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
> Behalf Of Barry Margolin
> Sent: Saturday, February 02, 2008 3:23 AM
> To: comp-protocols-dns-bind at isc.org
> Subject: Re: rndc
>  
> In article <fo14hb$ol1$1 at sf1.isc.org>,
>  Latif <latif.binmakhashen at omnicare.com> wrote:
>  
> > On Feb 2, 12:32am, Mark Andrews <Mark_Andr... at isc.org> wrote:
> > > > Hey guys,
> > >
> > > > One of my co-workers noticed that when reloading a zone we get a
> > > > message in the named.log (unknown control channel command 'null'). And
> > > > then I noticed that running the rndc command causes this message to
> > > > appear? e.g. rndc status
> > > > I looked at the control statement in the named.conf and it looks fine?
> > >
> > > > controls {
> > > >    inet 127.0.0.1 port 953
> > > >        allow { 127.0.0.1; } keys { "rndc-key"; };
> > > > };
> > >
> > > > Are there any known bugs with the rndc utility in Bind 9.3.2?
> > > > I'm running it in HP-UX 11.23 PA.
> > >
> > > > I'd appreciate any advice on this?
> > >
> > >     This is the behaviour that happens if rndc is updated but
> > >     named isn't.
> > >
> > >     Mark
> > >
> > > 1480.  [bug]      Provide replay protection for rndc commands. Full
> > >             replay protection requires both rndc and named to
> > >             be updated. Partial replay protection (limited
> > >             exposure after restart) is provided if just named
> > >             is updated.
> > > --
> > > Mark Andrews, ISC
> > > 1 Seymour St., Dundas Valley, NSW 2117, Australia
> > > PHONE: +61 2 9871 4742         INTERNET: Mark_Andr... at isc.org
> > 
> > So how do you prevent such a message? Is there a fix?
>  
> Make sure your rndc and named are from the same version of BIND.
>  
> -- 
> Barry Margolin, barmar at alum.mit.edu
> Arlington, MA
> *** PLEASE post questions in newsgroups, not directly to me ***
> *** PLEASE don't copy me on replies, I'll read them in the group ***
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org
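
An added example, not part of the original thread: a POSIX shell check for the situation diagnosed above, where rndc and the installed named report one version while an older named process is still running. It assumes `named -v` prints "BIND <version>" and that the running server answers a `version.bind` CHAOS TXT query with its real version (the `version` option in named.conf can override that string); the function names and the 9.2.1 value used in testing are constructed for illustration.

```sh
#!/bin/sh
# Added example: compare the version of the rndc binary, the named binary
# on disk, and the named process that is actually answering queries.

# Pull "9.3.2" out of rndc's usage text (the "Version: 9.3.2" line).
rndc_version() {
    printf '%s\n' "$1" |
        sed -n 's/^Version:[[:space:]]*\([0-9][^[:space:]]*\).*/\1/p' | head -n 1
}

# Pull the version out of `named -v` output, e.g. "BIND 9.3.2".
named_version() {
    printf '%s\n' "$1" |
        sed -n 's/^BIND[[:space:]]*\([0-9][^[:space:]]*\).*/\1/p' | head -n 1
}

# Pull the version out of a `dig +short ... version.bind chaos txt` answer,
# which arrives quoted, e.g. "9.3.2" (empty if the admin overrode the string).
running_version() {
    printf '%s\n' "$1" | tr -d '"' |
        sed -n 's/^\([0-9][^[:space:]]*\).*/\1/p' | head -n 1
}

# Print a verdict; exit status 0 only when all three versions agree.
compare_versions() {
    rndc_v=$1 disk_v=$2 run_v=$3
    if [ -z "$rndc_v" ] || [ -z "$disk_v" ] || [ -z "$run_v" ]; then
        echo "unknown"; return 2
    fi
    if [ "$disk_v" != "$run_v" ]; then
        # A new named was installed but the old process was never restarted.
        echo "restart-needed"; return 1
    fi
    if [ "$rndc_v" != "$run_v" ]; then
        echo "rndc-mismatch"; return 1
    fi
    echo "ok"
}

# Run against the local server only when asked to: sh check.sh --live
if [ "${1:-}" = "--live" ]; then
    compare_versions \
        "$(rndc_version "$(rndc 2>&1)")" \
        "$(named_version "$(named -v 2>&1)")" \
        "$(running_version "$(dig +short @127.0.0.1 version.bind chaos txt 2>/dev/null)")"
fi
```

A "restart-needed" verdict corresponds to the advice in the reply: stop and restart named, then run the check again.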


