Batch updating all DNS records on my Bind server

Warren Kumari warren at
Mon Apr 20 15:33:22 UTC 2020

On Sat, Apr 18, 2020 at 12:52 PM Tony Finch <dot at> wrote:
> @lbutlr <kremels at> wrote:
> >
> > Is it possible to batch update all the domains? Looking at nsupdate it
> > looks like I have to step through and do every domain individually.
> An UPDATE request can change many records, so long as they are all in the
> same zone, and so long as they fit in the 64KB limit of DNS message size.
> I find one request is usually enough for routine changes, but if you are
> doing a bulk update to a large zone, you will need to split the changes
> across mulitiple update requests.
> You might find nsdiff helpful, both to verify that your bulk changes are
> what you expect, and because it will split large updates into multiple
> requests automatically. It's still one-zone-at-a-time, though. A
> quick-and-dirty starting point might be roughly
>         dig axfr $zone |
>         sed 's/oldprefix/newprefix/' |
>         nsdiff $zone /dev/stdin |
>         nsupdate -l

Another option may be:
rndc sync
rndc freeze
rndc sync
[sed and awk[0] ]
rndc thaw


[0]: Now at this point I should have remembered that profound truism:
“Some people, when confronted with a Unix problem, think ‘I know,
I’ll use sed.’ Now they have two problems.” jwz - 12 Dec 1992

> Tony.
> --
> f.anthony.n.finch  <dot at>
> North Utsire, South Utsire: Variable 3 or less. Smooth or slight, occasionally
> moderate at first. Fair. Good.
> _______________________________________________
> Please visit to unsubscribe from this list
> bind-users mailing list
> bind-users at

I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.

More information about the bind-users mailing list