Red Hat Enterprise Linux 5 Administration Unleashed

Configuring BIND 347The default-port clause specifies the port number to use when connecting to thename server. If a port clause is not listed in the server statement for the name server,this default port is used when connecting. If no port is given, the default is 953.options {default-server ;default-key ;default-port ;};. server: A server statement can be defined for the name server, with being theIP address of the name server to which rndc is configured to connect. The keyclause should be used to provide the key-id of the key to use for authentication withthe name server. The port clause lists the port to use when connecting to the nameserver.TIPInstead of declaring a server statement, you can just declare the key and port in theoptions statement.server {key ;port ;};16. key: Each key statement must have a unique key name, or key-id. The algorithmclause provides the encryption algorithm to use for the key. Currently, only hmacmd5is supported by BIND. The secret clause must be a base-64 encoding of theencryption key, enclosed in double quotation marks.key {algorithm hmac-md5;secret “”;};An rndc.conf file can be generated with a random key with the rndc-confgen command.It outputs the rndc.conf file and the corresponding key and controls statements for thenamed.conf file. Either cut and paste the output to the appropriate files or redirect theoutput into a file named rndc.conf, and remove the extra statements for named.conf:rndc-confgen > rndc.confTable 16.1 shows the available rndc command-line options such as rndc status to showthe server’s status.