Limit actions on control channel?

Paul Kosinski bind at
Fri Jun 18 16:13:58 UTC 2021

It ought to be possible to write a front-end to listen on the standard control channel and only forward (properly-keyed) 'status' requests to the "real" port that BIND listens to. 

From looking at the RNDC exchange via Wireshark however, you'd have to adapt some of BIND's code that does the encryption / key-signing of RNDC requests. Still, for us users, that might be safer -- and more update resistant -- than modifying BIND itself.

On Thu, 17 Jun 2021 11:48:36 -0800
John Thurston <john.thurston at> wrote:

> I see I can define (using the 'controls' statement) a 'read-only' inet 
> channel. I suspect I could define a couple of channels on the same 
> address if I put them on different ports. Is there a way to define a 
> single 'read-write' channel, and then limit certain keys to read-only 
> access on it?
> Here's the scenario:
> I'd like to have a single control channel listening (on port 953, for 
> example). I'd like to say the key named "foo" can do lots of things, but 
> the key named "bar" can only submit a "status" message. This would let 
> our monitoring application ask for "status" without also letting it ask 
> for "reload" or "flushname".

More information about the bind-users mailing list