5.2 The rndc Program
The rndc (remote name server control) program lets you control a name server both remotely and safely. A name server administrator can use it to carry out the actions listed in the later table. The program can find out the name server's PID and send the server the appropriate signal.
The rndc program has developed gradually over the years. Version 4 defined signals (see Section 5.2.1) for this purpose. A DNS administrator would send these signals to a name server using operating system commands. Version 8 introduced the rndc utility, which offered a similar group of functions but did not ensure security. BIND 9 added authentication of the connection used.
BIND 9 and its client use a prepared symmetric key to mutually identify each other. The server has the key stored in the key clause in the named.conf file. The client has the same key and it is stored in the rndc.key file or in the rndc.conf configuration file. The rndc-confgen -a
...
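A consistency check for the shared-key setup described above, as an added example that is not part of the original text: it parses the key clause on the server and client side and reports when the two do not hold the same key. The sample file contents, the key name rndc-key, the secret, and the check against the controls statement (which this section does not mention) are assumptions.

```python
import re

# Constructed sample files. The secret is a made-up base64 string, not a real key.
NAMED_CONF = '''
key "rndc-key" { algorithm hmac-sha256; secret "Y29uc3RydWN0ZWQtc2FtcGxlLXNlY3JldA=="; };
controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; }; };
'''
RNDC_KEY = '''
key "rndc-key" {
    algorithm hmac-sha256;
    secret "Y29uc3RydWN0ZWQtc2FtcGxlLXNlY3JldA==";
};
'''
KEY_CLAUSE = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*\{(.*?)\}\s*;', re.S)

def strip_comments(text):
    """Drop whole-line # and // comments (a simplification of BIND's syntax)."""
    return re.sub(r'(?m)^[ \t]*(#|//).*$', '', text)

def parse_keys(text):
    """Return {key name: (algorithm, secret)} for each key clause in text."""
    keys = {}
    for name, body in KEY_CLAUSE.findall(strip_comments(text)):
        alg = re.search(r'\balgorithm\s+"?([\w-]+)"?\s*;', body)
        sec = re.search(r'\bsecret\s+"([^"]+)"\s*;', body)
        if alg and sec:
            keys[name] = (alg.group(1).lower(), sec.group(1))
    return keys

def control_keys(named_conf):
    """Key names that the controls statement accepts on the control channel."""
    m = re.search(r'\bcontrols\s*\{.*?\bkeys\s*\{(.*?)\}', strip_comments(named_conf), re.S)
    return set(re.findall(r'"?([\w.-]+)"?\s*;', m.group(1))) if m else set()

def check_pair(named_conf, client_conf):
    """Return a list of problems; an empty list means client and server agree."""
    server, client = parse_keys(named_conf), parse_keys(client_conf)
    problems = [] if client else ["client file has no key clause"]
    for name, pair in client.items():
        if name not in server:
            problems.append(f"{name}: no matching key clause in named.conf")
        elif server[name] != pair:  # report the mismatch, never echo the secret
            problems.append(f"{name}: algorithm or secret differs")
        elif name not in control_keys(named_conf):
            problems.append(f"{name}: not in the controls keys list")
    return problems

print(check_pair(NAMED_CONF, RNDC_KEY) or "rndc and named agree on the key")
```

The checker reports only the key name and the kind of mismatch, so its output can be logged without exposing the secret.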