Making Manual Changes to a Dynamically Updated Zone
2.16.1 Problem
You want to edit a zone data file by hand, but the zone is dynamically updated.
2.16.2 Solution
On a BIND 8 name server, stop the name server with ndc stop, delete the zone's dynamic update log file (whose name is the name of the zone data file with .log appended, by default) and the IXFR log file, if any (whose name is the zone data file's plus .ixfr). Then edit the zone data file and start the name server.
On a BIND 9 name server, stop the name server with rndc stop, delete the zone's journal file (whose name is the zone data file's with .jnl on the end), edit the zone data file and start the name server again.
On a BIND 9.3.0 or newer name server, you can freeze the zone with rndc freeze, edit the zone data file, and unfreeze the zone with rndc unfreeze.
2.16.3 Discussion
With dynamic zones, it's better to make all changes to the zone using dynamic updates. However, sometimes that's just not practical.
The problem is that, with most BIND name servers, if you edit a zone data file while the name server is running, you can lose your changes. When you restart the name server (reloading dynamic zones doesn't work), the name server will rewrite the zone data file if it has received any dynamic updates to the zone that haven't yet been written to the zone data file. What happens to your changes? Poof! They disappear without a trace, like so many dot-coms. You need to stop the name server before editing the zone data file. And that means your name server may miss dynamic updates while you're manually editing the zone data file, so be quick about it!
Also, when you edit the zone data file manually, the changes you make don't get entered into the dynamic update log -- the .log file, for BIND 8, and the .jnl file for BIND 9. When the name server loads the zone data file and then checks the content of the log file, it discovers a gap: It's missing the record of the last change, the one you made manually. So you have to delete the log file before loading.
The price of deleting the log file is that your zone's slaves won't be able to get an incremental zone transfer on their next try, since the record of the last change -- necessary to get them up-to-date -- is missing. They'll request an incremental zone transfer but receive a full zone transfer instead.
The BIND 9.3.0 name server has two new rndc commands, freeze and unfreeze, which allow you to suspend and resume the processing of dynamic updates to a zone. freeze also deletes the log file. So you can rndc freeze the zone, edit the zone data file, then rndc unfreeze.
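The freeze, edit, unfreeze sequence for BIND 9.3.0 or newer, written as a shell function. This is an added example, not part of the original recipe: it edits a copy of the zone data file and always runs rndc unfreeze, so a failed or abandoned edit cannot leave the zone refusing dynamic updates. The named-checkzone validation step, the function name edit_frozen_zone, and the RNDC and CHECKZONE variables are assumptions of this example.

```shell
#!/bin/sh
# Added example: freeze / edit / validate / unfreeze (BIND 9.3.0 or newer).
# Usage: edit_frozen_zone ZONE ZONEFILE
#   e.g. edit_frozen_zone example.com /var/named/db.example.com  (constructed path)
# RNDC, CHECKZONE and EDITOR can be overridden from the environment.
# Validating with named-checkzone is an assumption of this example,
# not a step the recipe itself prescribes.
RNDC=${RNDC:-rndc}
CHECKZONE=${CHECKZONE:-named-checkzone}

edit_frozen_zone() {
    zone=$1
    file=$2
    # Temp file lives beside the zone file so the final mv is a rename.
    tmp=$(mktemp "${file}.edit.XXXXXX") || return 1

    # Suspend dynamic updates; do not touch the file if this fails.
    if ! $RNDC freeze "$zone"; then
        rm -f "$tmp"
        return 1
    fi

    # Copy only after the freeze, so the copy reflects the zone data
    # file as the frozen name server left it.
    cp -p "$file" "$tmp"
    rc=0
    if ${EDITOR:-vi} "$tmp" && $CHECKZONE "$zone" "$tmp" >/dev/null; then
        mv "$tmp" "$file"
    else
        echo "edit aborted or zone invalid; $file left unchanged" >&2
        rm -f "$tmp"
        rc=1
    fi

    # Always resume dynamic updates, even when the edit was rejected.
    $RNDC unfreeze "$zone" || rc=1
    return $rc
}
```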
2.16.4 See Also
Section 5.20, to learn how to use the nsupdate program to modify a zone.