rndc(8)
Controls operation of a BIND DNS server by sending commands to the rndc socket.
Synopsis
rndc [-c config-file] [-k key-file] [-s server] [-p port] [-V] [-t timeout] command [command-args]
Description
rndc is a utility for administering BIND nameservers. It sends control commands to a nameserver on a remote host or the local machine, communicates with the server through a TCP connection, and authenticates commands using digital signatures.
rndc requires a configuration file to determine how to contact the nameserver and what cryptographic key to use when sending commands. By default, rndc looks for /etc/rndc.conf and /etc/rndc.key.
The nameserver must be configured to listen on a control port and must have matching key configuration. A default key and control channel are often generated automatically during BIND installation.
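As an added example (not part of the original page or of BIND itself), this script checks that the key clause rndc reads matches the one in the nameserver's configuration, and that the key file is not accessible to other users. It assumes the one-statement-per-line layout that rndc-confgen writes; the function names, sample files and secret are constructed.

```shell
#!/bin/sh
# Added example. Assumes the one-statement-per-line layout that rndc-confgen
# writes; file names and the secret below are constructed placeholders.

# Print "name algorithm secret" for the first key clause in file $1.
key_fields() {
    awk '
      /^[ \t]*key[ \t]+"/   { split($0, a, "\""); name = a[2]; inkey = 1 }
      inkey && /algorithm/  { alg = $2; sub(/;.*/, "", alg) }
      inkey && /secret/     { split($0, b, "\""); sec = b[2] }
      inkey && /^[ \t]*[}]/ { print name, alg, sec; exit }
    ' "$1"
}

# $1 = client key file, $2 = server config.
# Returns 0 = match and not world-accessible, 1 = mismatch,
#         2 = no key clause found, 3 = key file mode too open.
rndc_key_check() {
    c=$(key_fields "$1"); s=$(key_fields "$2")
    [ -n "$c" ] || { echo "no key clause in $1"; return 2; }
    [ "$c" = "$s" ] || { echo "MISMATCH between $1 and $2"; return 1; }
    if [ -n "$(find "$1" -prune \( -perm -004 -o -perm -002 \))" ]; then
        echo "WEAK: $1 is readable or writable by others"; return 3
    fi
    echo "OK: key matches and $1 is not world-accessible"
}

# Write constructed sample files into directory $1.
write_samples() {
    cat > "$1/rndc.key" <<'EOF'
key "rndc-key" {
    algorithm hmac-sha256;
    secret "Q09OU1RSVUNURUQtU0FNUExFLUtFWQ==";
};
EOF
    { cat "$1/rndc.key"
      echo 'controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; }; };'
    } > "$1/named.conf"
    chmod 600 "$1/rndc.key"
}

d=$(mktemp -d) && write_samples "$d"
rndc_key_check "$d/rndc.key" "$d/named.conf" || true
rm -rf "$d"
```

The check never prints the secret itself, so its output is safe to keep in logs.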
Common options
| Flag | What it does |
|---|---|
| -c config-file | Use alternate configuration file (default /etc/rndc.conf) |
| -k key-file | Use alternate key file for authentication (default /etc/rndc.key) |
| -s server | Connect to specified nameserver (default localhost) |
| -p port | Connect to specified port on nameserver (default 953) |
| -V | Print rndc version number and exit |
| -t timeout | Set timeout for replies in seconds |
| -h | Display help message and exit |
Examples
Reload the BIND configuration and zone files without stopping the server
rndc reload

Stop and restart the BIND nameserver
rndc restart

Flush all DNS cache entries from the server
rndc flush

Show the current status of the nameserver
rndc status

Enable query logging to track incoming DNS queries
rndc querylog on

Reload the nameserver running on a remote host
rndc -s 192.168.1.100 reload

Flush all cache entries for a specific domain
rndc flushname example.com

Cleanly shut down the BIND nameserver
rndc stop