#
# rndc status
#	/etc/rndc.conf
#	/etc/rndc.key	
#
# dig -x 127.0.0.1
#
# dig madwifi.org @localhost
#
# dig @dnsf.linux-consulting.com any madwifi.org
#
#
# dig linux.bogus axfr
#
#
# http://www.magnesium.net/~brigg/bind9-howto.html
#	rndc-confgen -a -c /usr/local/etc/rndc.key
#		 chmod 600 /usr/local/etc/rndc.key
#		 chown bind:bind /usr/local/etc/rndc.key
#
#	cp /usr/local/etc/rndc.conf.sample /usr/local/etc/rndc.conf
#		chmod 600 /usr/local/etc/rndc.conf
#		chown bind:bind /usr/local/etc/rndc.conf
#
#	vi /usr/local/etc/rndc.conf
#		( delete the old key statement)
#
#
# http://www.wains.be/index.php/2007/12/13/centos-5-chroot-dns-with-bind/
#	cd /etc ; rndc-confgen > rndc.key
#
#    vi rndc.key
#    =============
#	key "rndckey" {
#	  algorithm hmac-md5;
#	  secret "SGsvd1dF+mv+yU4ywCCkkg==";
#	};
#
#    vi named.conf
#    =============
	// we include the rndckey (copy-paste from rndc.key created earlier)
	key "rndckey" {
	  algorithm hmac-md5;
	  secret "SGsvd1dF+mv+yU4ywCCkkg==";
	};

	// we assume our server has the IP 192.168.254.207 serving the 192.168.254.0/24 subnet
	controls {
          inet 127.0.0.1 allow { 127.0.0.1; } keys { "rndckey"; };
          inet 192.168.254.207 allow { 192.168.254.0/24; } keys { "rndckey"; };
	};

	options {
	  ....
	} ;
#
#
# End of file