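Linux: Start / Stop / Restart the BIND DNS Server
How do I start, stop, or restart the Berkeley Internet Name Daemon (BIND) DNS server on a Linux operating system?
BIND is by far the most widely used DNS software on the Internet.
Depending on your Linux distribution, use one of the following:
service service-name: the service command.
/etc/init.d/service-name: the init script command.
rndc: the name server control utility.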
CentOS/RHEL/Fedora Linux
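Run the following command to start the BIND server:
# service named start
Run the following command to stop the BIND server:
# service named stop
Run the following command to restart the BIND server:
# service named restart
Run the following command to reload the BIND server so that it picks up zone file or configuration file changes:
# service named reload
Run the following command to view the current status of the BIND server:
# service named status
You can also use the following syntax:
/etc/init.d/named start
/etc/init.d/named stop
/etc/init.d/named restart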
Debian/Ubuntu Linux
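Run the following command to start the BIND server:
# service bind9 start
Run the following command to stop the BIND server:
# service bind9 stop
Run the following command to restart the BIND server:
# service bind9 restart
Run the following command to reload the BIND server so that it picks up zone file or configuration file changes:
# service bind9 reload
Run the following command to view the current status of the BIND server:
# service bind9 status
The output reports that the BIND 9 service is running.
You can also use the following syntax:
/etc/init.d/bind9 start
/etc/init.d/bind9 stop
/etc/init.d/bind9 restart
/etc/init.d/bind9 status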
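The two distribution sections above differ only in the service name (named or bind9), so the commands can be wrapped in one function that also refuses to restart or reload when the configuration does not parse. This is an added example, not code from the original page. Assumptions: named-checkconf is BIND's configuration checker and is not mentioned on the page; the function names and the INIT_DIR, SERVICE_CMD and CHECKCONF override variables are hypothetical.

```shell
#!/bin/sh
# Added example: distro-aware BIND control wrapper (not from the original page).
# INIT_DIR, SERVICE_CMD and CHECKCONF are hypothetical override variables,
# introduced here so the logic can be exercised without a real BIND install.
INIT_DIR="${INIT_DIR:-/etc/init.d}"
SERVICE_CMD="${SERVICE_CMD:-service}"
CHECKCONF="${CHECKCONF:-named-checkconf}"

# Print the init service name: "named" (CentOS/RHEL/Fedora) or
# "bind9" (Debian/Ubuntu), whichever init script is installed.
bind_service_name() {
    for name in named bind9; do
        if [ -x "$INIT_DIR/$name" ]; then
            echo "$name"
            return 0
        fi
    done
    echo "no BIND init script found in $INIT_DIR" >&2
    return 1
}

# bind_ctl ACTION: run one of the page's actions against the detected service.
# Returns 2 on an unknown action, 1 if no service is found, 3 if the
# configuration check fails.
bind_ctl() {
    action="$1"
    case "$action" in
        start|stop|restart|reload|status) ;;
        *) echo "usage: bind_ctl {start|stop|restart|reload|status}" >&2
           return 2 ;;
    esac
    svc=$(bind_service_name) || return 1
    # A restart with a broken configuration stops the server and then fails
    # to start it again, so check the configuration first.
    case "$action" in
        restart|reload)
            if ! "$CHECKCONF"; then
                echo "configuration check failed; $svc left untouched" >&2
                return 3
            fi ;;
    esac
    "$SERVICE_CMD" "$svc" "$action"
}
```

Source the file as root and call, for example, bind_ctl reload.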
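A note about the rndc command
This is an optional command; it is recommended that you use only the commands described above.
From the rndc man page:
rndc controls the operation of a name server.
It supersedes the ndc utility that was provided in old BIND releases.
If rndc is invoked with no command line options or arguments, it prints a short summary of the supported commands and the available options and their arguments.
rndc communicates with the name server over a TCP connection, sending commands authenticated with digital signatures.
In the current versions of rndc and named, the only supported authentication algorithm is HMAC-MD5, which uses a shared secret on each end of the connection.
This provides TSIG-style authentication for the command request and the name server's response.
All commands sent over the channel must be signed by a key_id known to the server.
rndc reads a configuration file to determine how to contact the name server and decide what algorithm and key it should use.
Note that rndc does not yet support all the commands of the BIND 8 ndc utility:
status: Display status of the server.
stop: Save pending updates to master files and stop the server.
restart: Restart the server.
reload: Reload configuration file and zones.
To view the status, run: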
# rndc status
Sample output:
version: 9.7.3
CPUs found: 8
worker threads: 8
number of zones: 18
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
To reload the server, run:
# rndc reload
To see all options, simply run rndc:
# rndc
Sample output:
Usage: rndc [-b address] [-c config] [-s server] [-p port]
        [-k key-file ] [-y key] [-V] command

command is one of the following:

  reload        Reload configuration file and zones.
  reload zone [class [view]]
                Reload a single zone.
  refresh zone [class [view]]
                Schedule immediate maintenance for a zone.
  retransfer zone [class [view]]
                Retransfer a single zone without checking serial number.
  freeze        Suspend updates to all dynamic zones.
  freeze zone [class [view]]
                Suspend updates to a dynamic zone.
  thaw          Enable updates to all dynamic zones and reload them.
  thaw zone [class [view]]
                Enable updates to a frozen dynamic zone and reload it.
  notify zone [class [view]]
                Resend NOTIFY messages for the zone.
  reconfig      Reload configuration file and new zones only.
  sign zone [class [view]]
                Update zone keys, and sign as needed.
  loadkeys zone [class [view]]
                Update keys without signing immediately.
  stats         Write server statistics to the statistics file.
  querylog      Toggle query logging.
  dumpdb [-all|-cache|-zones] [view ...]
                Dump cache(s) to the dump file (named_dump.db).
  secroots [view ...]
                Write security roots to the secroots file.
  stop          Save pending updates to master files and stop the server.
  stop -p       Save pending updates to master files and stop the server
                reporting process id.
  halt          Stop the server without saving pending updates.
  halt -p       Stop the server without saving pending updates reporting
                process id.
  trace         Increment debugging level by one.
  trace level   Change the debugging level.
  notrace       Set debugging level to 0.
  flush         Flushes all of the server's caches.
  flush [view]  Flushes the server's cache for a view.
  flushname name [view]
                Flush the given name from the server's cache(s)
  status        Display status of the server.
  recursing     Dump the queries that are currently recursing (named.recursing)
  validation newstate [view]
                Enable / disable DNSSEC validation.
  *restart      Restart the server.
  addzone ["file"] zone [class [view]] { zone-options }
                Add zone to given view. Requires new-zone-file option.
  delzone ["file"] zone [class [view]]
                Removes zone from given view. Requires new-zone-file option.

* == not yet implemented
Version: 9.7.3