create an "nsupdate" script from DNS zone file differences
The nsdiff program examines the old and new versions of a DNS zone, and outputs the differences as a script for use by BIND's nsupdate program. It provides a bridge between static zone files and dynamic updates.
The nspatch script is a wrapper around nsdiff | nsupdate
that checks and reports errors in a manner suitable for running from cron.
The nsvi script makes it easy to edit a dynamic zone.
If you use BIND 9.7 or 9.8, you can use nsdiff as an alternative to the DNSSEC inline-signing feature which appeared in BIND 9.9. The server updates the DNSSEC records dynamically, but you can continue to manage the unsigned static zone file as before and use nsdiff | nsupdate
to push changes to the server.
There are other situations where you have a zone which is partly dynamic and partly static, for example, a reverse DNS zone mostly updated by a DHCP server, which also has a few static entries. You can use nsdiff to update the static part of the zone.