If desired, the configuration of the NAMED server can be changed outside the current server session by modifying the NAMED zone data files and starting NAMED again.
In addition, it is also possible to change the configuration via so-called dynamic updates. In this case, Resource Records can be dynamically added, deleted or modified during the current server session.This feature will play an important role in the future, especially in connection with DHCP.
Dynamic Update
Dynamic update is the term used for the ability under certain specified conditions to add, modify or delete records or RRsets in the master zone files. Dynamic update is fully described in RFC 2136.
Dynamic update is enabled on a zone-by-zone basis, by including an allow-update or updatepolicy clause in the zone statement.
Updating of secure zones (zones using DNSSEC) follows RFC 3007 and subsequent RFCs: SIG and NXT records affected by updates are automatically regenerated by the server using an online zone key. Update authorization is based on transaction signatures and an explicit server policy.
The journal file
All changes made to a zone using dynamic update are stored in the zone’s journal file. This file is automatically created by the server when the first dynamic update takes place. The name of the journal file is formed by appending the extension .jnl to the name of the corresponding zone file. The journal file is in a binary format and should not be edited manually.
The server will also occasionally write (“dump”) the complete contents of the updated zone to its zone file. This is not done immediately after each dynamic update, because that would be too slow when a large zone is updated frequently. Instead, the dump is delayed by 15 minutes, allowing additional updates to take place.
When a server is restarted after a shutdown or crash, it will replay the journal file to incorporate into the zone any updates that took place after the last zone dump.
Changes that result from incoming incremental zone transfers are also journaled in a similar way.
The zone files of dynamic zones cannot normally be edited by hand because they are not guaranteed to contain the most recent dynamic changes - those are only in the journal file. The only way to ensure that the zone file of a dynamic zone is up to date is to run rndc stop.
If you have to make changes to a dynamic zone manually, the following procedure will work:
| shut down the server using rndc stop (). sending a signal or using rndc halt is not sufficient |
| wait for the server to exit remove the journal file, edit the zone file, and restart the server. |
CAUTION!
Removing the journal file is necessary because the manual edits will not be present in the journal, rendering it inconsistent with the contents of the zone file.