rndc.conf

Simon Waters Simon at wretched.demon.co.uk
Mon May 21 21:57:50 UTC 2001 

Rachael Stewart wrote:
> 
> I am trying to implement rndc for bind 9.1.2 on a box running RH7.1.  When I
> run the command "rndc reload", I get the following message:
> 
> [root at dns2 named]# /usr/local/sbin/rndc reload
> /etc/rndc.conf:6: syntax error near '<string>'
> rndc: /etc/rndc.conf: failure

See comments on rndc.conf

You get different errors if localhost doesn't resolve, or
the named isn't running.
 
> When I check the file with "named-checkconf rndc.conf", I get:
> 
> [root at dns2 named]# /usr/local/sbin/named-checkconf /etc/rndc.conf
> /etc/rndc.conf:2: parse error near 'default-server'

I get that too - I don't think named-checkconf was intended
for checking rndc.conf files.
 
> I generated the key with: "dnssec-keygen -a hmac-md5 -b 128 -n HOST
> rndc_key".

Seems sensible - the "name" (e.g. rndc_key) isn't important
here. Since it is only a random string you could post an
unadulterated version and then change it - so we have
complete data.

> This is my rndc.conf file:
> 
> options {
>         default-server localhost;
>         default-key "rndc_key";
> };
> 
> key "rndc_key" {
> algorithm hmac-md5;
> secret "xxxxxxxxxxxxxxxx";
> };

Okay, I don't have my key names in quotation marks but it
seems to make no difference as long as your consistent!?

I tried using this rndc.conf and it works for me. Since you
seem to get a syntax error from rndc I'm wondering if you
have some sort of hidden characters in the file that upset
the parsing - try "cat -v /etc/rndc.conf"
 
> controls {
>        inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
> };

You don't show the key statement in the named.conf file. I
assume it is there somewhere otherwise you should get errors
on starting named in the system log /var/log/messages on
RedHat by default.

Sorry not to be more specific, but it seems to work here
with 9.1.2 and RedHat 6.1, so it is probably something small
and hard to spot.

-- 
Simon Waters
Are you using the Internet to best effect ?
www.eighth-layer.com
Tel: +44(0)1395 232769      ICQ: 116952768
Moderated discussion of teleworking issues at
news:uk.business.telework

More information about the bind-users mailing list