how can I add records to the zone file without restarting the named service?
Solution 1
I have found the answer:
My problem was that BIND can't rndc reload a dynamic zone, so BIND won't allow us to reload it. We have to tell BIND to temporarily stop allowing dynamic updates. This is handled with the freeze option:
rndc freeze example.com
then reload:
rndc reload example.com
then allow dynamic updates again:
rndc thaw example.com
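The whole procedure from this answer as one script, added here as an example that is not part of the original post: it feeds one A record to nsupdate with the TSIG key from the question, then runs the freeze / reload / thaw sequence so the journalled change ends up in the zone file without restarting named. Server, zone, key-file name and the record values are placeholders taken from the question, and NSUPDATE / RNDC are overridable so the sequence can be dry-run against stub commands.

```shell
#!/bin/bash
# Added example (not from the original post): add an A record to a dynamic
# BIND zone with nsupdate, then flush the journal into the zone file with the
# freeze / reload / thaw sequence from Solution 1, so named is never restarted.
# Assumed values: server, zone, key file and record are placeholders from the question.
set -u

DNS_SERVER="${DNS_SERVER:-localhost}"
DNS_ZONE="${DNS_ZONE:-example.com.}"
KEY_FILE="${KEY_FILE:-Kexample.com.+157+55566.key}"
NSUPDATE="${NSUPDATE:-nsupdate}"   # overridable so the sequence can be dry-run
RNDC="${RNDC:-rndc}"

# Print the nsupdate batch for one A record: name, ttl, ip.
nsupdate_batch() {
    local name="$1" ttl="$2" ip="$3"
    printf 'server %s\nzone %s\nupdate add %s %s A %s\nsend\n' \
        "$DNS_SERVER" "$DNS_ZONE" "$name" "$ttl" "$ip"
}

# Send the dynamic update, then push the journal into the zone file.
add_record_and_sync() {
    local name="$1" ttl="$2" ip="$3"
    nsupdate_batch "$name" "$ttl" "$ip" | "$NSUPDATE" -k "$KEY_FILE" || return 1
    local zone="${DNS_ZONE%.}"   # rndc takes the zone name without the trailing dot
    "$RNDC" freeze "$zone" || return 1                                # stop dynamic updates, journal is written out
    "$RNDC" reload "$zone" || { "$RNDC" thaw "$zone"; return 1; }     # reload is allowed while the zone is frozen
    "$RNDC" thaw "$zone"                                              # allow dynamic updates again
}

# Only touch the real server when explicitly asked: ./script.sh run
if [ "${1:-}" = "run" ]; then
    add_record_and_sync "dd2.example.com." 60 192.168.1.7
fi
```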
Solution 2
Have you tried:
rndc reconfig
This should do the trick.
But be aware that this command adds new zones and removes old ones; it cannot modify existing ones.
Updated on September 18, 2022
Comments
-
Nidal almost 2 years
I'm working on CentOS 6.5 and BIND 9 and I have managed to add records to a DNS zone by doing these steps:
creating the key:
dnssec-keygen -a HMAC-MD5 -b 128 -n HOST example.com.
editing the conf. file:
// TSIG Key
key "example.com." {
    algorithm hmac-md5;
    secret "THE KEY GENERATED ABOVE";
};
zone "example.com" IN {
    type master;
    file "example.com.zone";
    allow-update { key "example.com."; };
};
giving named authorization to the /var/named folder:
# chown -R named:named /var/named
# find . -type d -exec chmod 770 {} \;
# find . -type f -exec chmod 660 {} \;
I have been adding records using this script:
#!/bin/bash
# Defining Variables
DNS_SERVER="localhost"
DNS_ZONE="example.com."
USER_NAME="dd2.example.com."
IP="192.168.1.7"
TTL="60"
RECORD="$USER_NAME $TTL A $IP"
echo "
server $DNS_SERVER
zone $DNS_ZONE
debug
update add $RECORD
show
send" | nsupdate -k Kexample.com.+157+55566.key
It didn't return any error.
I tested whether the record was added by using the dig command:
# dig +short dd2.example.com.
192.168.1.7
But the problem is that the added record doesn't appear in the zone file 'example.com.zone'.
Even when I use reload:
rndc reload MYZONE
or
rndc reload
it returns an error message like this:
[root@dd Shells]# rndc reload example.com.
rndc: 'reload' failed: dynamic zone
But when I restart the named service:
service named restart
the record appears in the zone file. My question is:
Is there a way for the record to be added to the zone file without restarting the named service?
-
Nidal about 10 years
Thanks, but did you have any idea why
rndc reload zone
didn't work?
-
Nidal about 10 years
service named reload
didn't work either @Christopher
-
Nidal about 10 years
I want to add records to the zone, not add a new zone @Neven
-
Neven about 10 years
Sorry, I misunderstood. There is no other way than rndc reload. Have you tried changing the SOA serial number?
-
Nidal about 10 years
But why won't it work? @Neven
-
Neven about 10 years
Have you changed the serial number in the SOA?
-
Nidal about 10 years
No I haven't, but is it necessary every time I modify my zone, and if I do it, what would it do?
-
Neven about 10 years
The best answer is: it depends on your DNS topology, whether you have more than one DNS server, and so on. But I've found that changing the SOA SN is a really good thing to do, because I've encountered similar problems in the past. So I always increment the serial number. This is my proposition to you as well, and then try to reinitiate the zone reload.
-
Tero Kilkanen about 10 years
I have learned that if I don't increment the SOA SN, BIND won't reload the zone contents. So, SN incrementation is essential.
-
Jenny D about 10 years
@Neven, you should post the serial number increase as an answer. It needs to be incremented, that is how it works.
-
Pablo Saratxaga about 10 years
Changing the serial number is the way to tell "hey! the records have changed", and that info will be spread to other servers. Without changing it, you could locally force reloading of the file by shutting down and restarting BIND, but the changes won't be seen outside (as other servers/clients will rightfully use their cached data, assuming no changes have happened since the serial number is the same).