question re rndc
Mark.Andrews at nominum.com
Mark.Andrews at nominum.com
Mon Mar 5 12:32:22 UTC 2001
The key has to be defined in *both* rndc.conf and named.conf,
it also has to defined before it is used, i.e. the key clause
comes before the controls clause.
Mark
>
>
>
> Hello,
>
> I follow what you have suggested. and got no luck implementing controls
> statement. Here's my named.conf contains and pls have comment.
>
> copy --- log files ---
>
> Mar 5 17:55:17 sun1 named[14388]: no key statements for use by control chann
> els
>
> copy --- named.conf ----
>
> // generated by named-bootconf.pl
>
> acl internals { 192.168.9.0/24; 192.168.1.0/24; 192.168.0.0/24; };
> acl externals { 202.134.244.0/24; 202.134.224.0/24; 202.134.245.0/24; };
>
> options {
> directory "/var/named";
> auth-nxdomain yes;
> allow-query {internals; externals; };
> allow-recursion { internals; externals;};
> allow-notify {externals; };
> query-source address 202.134.244.1;
> };
>
> logging {
> category lame-servers { null; };
> channel xfer-log {
> file "/var/log/bind-xfer.log";
> print-category yes;
> print-severity yes;
> print-time yes;
> severity info;
> };
> category xfer-in { xfer-log; };
> category xfer-out { xfer-log; };
> category notify { xfer-log; };
> };
>
> controls {
> inet 202.134.244.1 allow { 202.134.244.1; } keys {rndc_key; }
> ;
> };
>
> zone "." IN {
> type hint;
> file "named.ca";
> };
>
> zone "0.0.127.in-addr.arpa" IN {
> type master;
> file "db.127.0.0";
> };
>
> zone "iloilo.fapenet.org" IN {
> type master;
> file "db.iloilo.fapenet.org";
> allow-transfer { 202.134.244.2; };
> };
>
> zone "244.134.202.in-addr.arpa" IN {
> type master;
> file "db.202.134.244";
> allow-transfer { 202.134.244.2;};
> };
>
>
> cut --- rndc.conf ----
>
> key "rndc_key" {
> algorithm hmac-md5;
> secret
> "c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K";
> };
>
> options {
> default-server 202.134.244.1;
> default-key "rndc_key";
> };
>
>
> thanks...
>
>
> On Fri, 2 Mar 2001, Jim Reid wrote:
>
> > >>>>> "Allan" == Allan T Parreno <allan at iloilo.fapenet.org> writes:
> >
> > Allan> Would like to ask, why i got connection refused when i run
> > Allan> rndc stats?
> >
> > Because you didn't provide a controls{} statement in named.conf
> > telling it to create the socket that rndc wants to connect to.
> >
>
>
>
>
--
Mark Andrews, Nominum Inc.
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at nominum.com
More information about the bind-users
mailing list