Thanks to all for the help - I won't flood the list with replies to people who replied to me. I'll look at rndc reconfig and do some testing in a lab to validate the behaviour of reconfig. It does, however, look like just what I'm looking for, and hopefully will help us a lot.
Cheers to all!

Todd.

-----Original Message-----
From: Chris Buxton [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 09, 2008 11:41 PM
To: Todd Snyder
Cc: [email protected]
Subject: Re: Adding new domains without restarting

On Oct 9, 2008, at 1:41 PM, Todd Snyder wrote:

> However, adding
> new zones is still considered high risk, as a restart of the daemon is
> required.

No it's not.

> Additionally, we lose the cache, which could negatively impact
> service.

Understandable. For a busy server, clearing the cache can cause a noticeable and sudden spike in both resolution times for end users and network traffic in and out of the server.

> So my question is this - is it possible to add a new zone to a
> currently running server and have it load?

Yes.

`rndc reconfig`

This command causes named to examine its configuration file (named.conf) and, if it is accepted as syntactically correct, enact any changes. That means changes to ACLs, keys, options, views, etc., are all reloaded, and it means that new zones are loaded while missing (deleted) zones are unloaded. Existing zones that are still referenced are not checked to see if they need reloading. This is, to my knowledge, the only difference between 'reconfig' and 'reload'.

> If there are named.conf/zonefile
> typos, will that impact any currently running zones?

Probably not. If there is a typo in named.conf that renders it unloadable, an error is written out (either stderr or to log files, I forget which) and nothing happens. If a typo in named.conf causes zone statements to be commented out, then yes, live zones will go dark. A typo in a zone will cause an error to be logged, and nothing will happen.

To guard against zones being accidentally deleted, I suggest you use some kind of validation routine that compares the output of `named-checkconf -z` against an expected value, or else use a management system that doesn't involve directly modifying named.conf.

If you want to talk about commercial management and monitoring products to make this more reliable, please feel free to contact me off-list.

Chris Buxton
Professional Services
Men & Mice
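
One way to build the validation routine suggested in the message above, added here as an example that is not part of the original thread. It assumes `named-checkconf -z` reports each loaded zone as `zone NAME/CLASS: loaded serial N`; the function names, the expected-zones file (one zone per line) and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes `named-checkconf -z` reports
# each zone it loaded as:  zone example.com/IN: loaded serial 2008100901

# Constructed sample output: example.org is absent, as if its zone
# statement had been commented out by a typo in named.conf.
sample_output() {
    cat <<'EOF'
zone example.com/IN: loaded serial 2008100901
zone Example.NET/IN: loaded serial 2008100805
zone 0.0.127.in-addr.arpa/IN: loaded serial 1
EOF
}

# Read named-checkconf -z output on stdin, print the loaded zone names
# (lower-cased, sorted, de-duplicated; any view suffix is ignored).
loaded_zones() {
    awk '$1 == "zone" && $3 == "loaded" { split($2, a, "/"); print tolower(a[1]) }' |
        LC_ALL=C sort -u
}

# missing_zones EXPECTED_FILE: print zones listed in EXPECTED_FILE that are
# absent from the output on stdin; return 1 if any are missing.
missing_zones() {
    tmp=$(mktemp) || return 2
    loaded_zones > "$tmp"
    missing=$(awk 'NF { print tolower($1) }' "$1" |
        LC_ALL=C sort -u | LC_ALL=C comm -23 - "$tmp")
    rm -f "$tmp"
    [ -z "$missing" ] && return 0
    printf '%s\n' "$missing"
    return 1
}

# safe_reconfig EXPECTED_FILE [NAMED_CONF]: run `rndc reconfig` only when the
# configuration and zones check out and no expected zone has disappeared.
safe_reconfig() {
    if ! out=$(named-checkconf -z ${2:+"$2"} 2>&1); then
        printf 'named-checkconf reported errors:\n%s\n' "$out" >&2
        return 1
    fi
    if ! gone=$(printf '%s\n' "$out" | missing_zones "$1"); then
        printf 'refusing to reconfig, zones missing:\n%s\n' "$gone" >&2
        return 1
    fi
    rndc reconfig
}
```

Calling `safe_reconfig` with the expected-zones file in place of a bare `rndc reconfig` stops the change before named unloads a zone whose statement was lost to a typo.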
