Controlling Multiple named Processes with ndc

5.12.1 Problem

You want to control multiple named processes running on the same host with ndc.

5.12.2 Solution

Configure the name servers to create different Unix domain sockets. For example, if the host runs both a caching-only name server and an authoritative-only name server, you might configure a controls statement like this one in the caching-only name server's named.conf file:

controls { unix "/var/run/ndc.caching" owner 0 group 0 perm 0660; };

In the other's named.conf file, you could add this controls statement:

controls { unix "/var/run/ndc.auth" owner 0 group 0 perm 0660; };

Then, to use ndc to control the caching-only name server, run:

# ndc -c /var/run/ndc.caching

To control the authoritative-only name server, use:

# ndc -c /var/run/ndc.auth

5.12.3 Discussion

To make this setup a little easier to use, you could create shell aliases from ndc-caching and ndc-auth to ndc -c /var/run/ndc.caching and ndc -c /var/run/ndc.auth, respectively.

You can set this up with TCP-based control channels, too, but BIND 8's TCP-based control channels aren't secure. If you opt to use them anyway, see Section 5.11 for hints.

5.12.4 See Also

Section 5.11 and "Two Name Server in One" in Chapter 11 of DNS and BIND.

Категории