What is the differences between rndc and manually manipulating named.conf.local

Question

I know rndc means that I can control the dns server from remote. However, let's say I don't need such remote feature. I do everything on the dns server. What I wanted to is to efficiently add/update/remove zones without affecting other zones. I figured out some script using rndc to add/update/remove zones like so:

to add a new zone

rndc addzone mydomain.com  '{type master; file "/etc/bind/db.mydomain.com";};'
rndc reconfig

to reload modified zone

rndc reload mydomain.com

to remove a zone

rndc delzone mydomain.com

It seems to be quite handy. However, it seems it doesn't add anything to the named.conf.local file. So does it mean rndc has taken over the control from the usual named.conf.local way? If this is the case, what are the differences? Which way should I use?

Thanks, Elgs

Answer 1

First off, to use this feature, you have to enable it, so in your options block in /etc/bind/named.conf.options I assume you have:

options {
    directory "/var/cache/bind";
    ...
    allow-new-zones yes;
    ...
}

When you use rndc addzone, the server will create a new file called <hashstring>.nzf in the base directory as specified above. The < hashstring > is a hash of the view name. Anyway, this file is re-read when you start up the name server again after stopping it, or rebooting, so the changes persist.

If you're happy with the way this works, stick with it. The only downside is all your zone specifications are not all in named.conf.local so you'll have two files to look in if you need to modify any zone options.