-
Notifications
You must be signed in to change notification settings - Fork 1
Zone Maintenance Commands
FIXME explain usage of commands for zone maintenance including:
###dumpdb
The zonename.db files may be in a binary format or a non-flat text format. This command:
rndc dumpdb -zones
will create a file called named_dump.db which is in a flat text file format.
###freeze
###thaw
-
when bind9 restart is required
-
when rndc reconfig is required
-
forcing an IXFR now
-
what to look for in logs
-
testing
-
zytrax masters FIXME find in BIND docs
-
zytrax update policy FIXME find in BIND docs
###Removing individual entries from the cache
See How do I flush or delete incorrect records from my recursive server cache?
If you know the records that are wrong, then you may be able to delete them from cache without restarting your nameserver or flushing the entire cache:
####Flush the cache for a specific name (available since BIND 9.3)
rndc flushname name
This flushes entries matching the specific name both from the main cache and from the Address Database (ADB) where named tracks the status of authoritative servers that it has queried.
Use the name of a domain if there are problems with the NS or MX records associated with it.
Use the server name, if there are problems with the addresses associated with that server name (for example a nameserver, a webserver or a mailserver).
####Flush the cache for a specific name as well as all records below that name
rndc flushtree name
This will clear the cache, but it will not clear any names out of ADB, so may not be sufficient for some needs.
If you are not sure where the problem lies, or there are too many records to delete them individually, then you might prefer to:
####Flush the entire named cache
rndc flush
The advantage of this is that there is no need to know which entries need to be cleared - they all will be. The disadvantage is that clearing the entire cache will cause a subsequent flood of iterative queries in order to repopulate the cache with frequently-accessed records and server information. Flushing the entire cache clears all resource records (RRs), bad cache (for DNSSEC-validation failures) and also the ADB.
Restart the named daemon.
####Bad Cache is not cleared by rndc flushtree
Bad Cache is where DNSSEC-validation failures are held. Currently, the only way to clear validation failures before they expire normally is to flush the entire cache, identify the name and apply rndc flushname or to restart named.