Thursday, May 19, 2016

How do I enable rndc on Mac OS X El Capitan (10.11.5)

So I was trying to figure out how to enable rndc on El Capitan so I could dump the DNS cache to check name resolution. I could run the command from the command line, but alas it reported that named was not listening on port 953. I tried the alternate port 54, but again to no avail. As it turns out, I needed to modify the controls section of the named.conf file to get it to work. The file is located at /Library/Server/named/named.conf, and you will need to edit it as the super user using sudo.

Note: I have the Apple Server application installed.

sudo nano /Library/Server/named/named.conf

The existing file should have a controls section that looks similar to the one below.

controls {
        inet ::1 port 54 allow {
                "any";
        } keys {
                "rndc-key";
        };
};

I added the line inet 127.0.0.1 allow {localhost;}; so that the configuration now looks like this:

controls {
        inet 127.0.0.1 allow {localhost;};
        inet ::1 port 54 allow {
                "any";
        } keys {
                "rndc-key";
        };
};
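The added line opens a second control channel without a keys clause, which BIND documents as meaning named loads the command-channel key from rndc.key in its configured sysconfdir. As an added example, not code from the original post, the following Python script parses a controls statement like the one above and flags listeners a defender would want to review: the sample configuration is embedded as a constructed string, and the loopback, port and allow/keys checks are my own.

```python
import re

# Constructed sample: the controls section from the post after the
# "inet 127.0.0.1" line was added (embedded here, not read from disk).
SAMPLE_CONF = """
controls {
        inet 127.0.0.1 allow {localhost;};
        inet ::1 port 54 allow {
                "any";
        } keys {
                "rndc-key";
        };
};
"""

LOOPBACK = {"127.0.0.1", "::1"}
RNDC_DEFAULT_PORT = 953  # BIND's default when an inet statement has no "port"

INET_RE = re.compile(
    r"inet\s+(?P<addr>\S+?)(?:\s+port\s+(?P<port>\d+))?\s+"
    r"allow\s*\{(?P<allow>[^}]*)\}(?:\s*keys\s*\{(?P<keys>[^}]*)\})?\s*;",
    re.S,
)

def _items(body):
    # Split a "{ a; b; }" body into bare items, dropping quotes.
    return [t.strip().strip('"') for t in body.split(";") if t.strip()]

def parse_controls(conf):
    # Return one dict per "inet ..." listener in the controls statement
    # (the block is assumed to end with "};" at the start of a line).
    block = re.search(r"controls\s*\{(.*?)\n\};", conf, re.S)
    if not block:
        return []
    return [{"address": m["addr"], "port": int(m["port"] or RNDC_DEFAULT_PORT),
             "allow": _items(m["allow"]), "keys": _items(m["keys"] or "")}
            for m in INET_RE.finditer(block.group(1))]

def audit(channels):
    # Flag settings a defender should review before trusting the channel.
    findings = []
    for ch in channels:
        where = f'{ch["address"]} port {ch["port"]}'
        if not ch["keys"]:
            findings.append(f"{where}: no keys clause, named falls back to rndc.key in its sysconfdir")
        if ch["address"] not in LOOPBACK:
            findings.append(f"{where}: control channel bound to a non-loopback address")
            if "any" in ch["allow"]:
                findings.append(f"{where}: allow {{ any; }} reaches every host")
    return findings
```

Run audit(parse_controls(SAMPLE_CONF)) to see the report for the configuration in this post; the ::1 listener passes because allow { any; } on a loopback address only admits local processes and it carries a key.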


You will then need to restart the named service using the following commands:

sudo launchctl stop org.isc.named
sudo launchctl start org.isc.named

You should now be able to use rndc. To check, issue the following command:

sudo rndc status

version: 9.9.7-P3 <id:464a99d>
CPUs found: 8
worker threads: 8
UDP listeners per interface: 4
number of zones: 100
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
