help with rndc fail
pyh at mail.nsbeta.info
pyh at mail.nsbeta.info
Sat Jan 15 03:17:37 UTC 2011
And, the named version is:
# named -v
BIND 9.6.1-P2
I'm pretty sure the secret in both named.conf and rndc.conf are the same.
Thanks.
pyh at mail.nsbeta.info writes:
>
> Hello gurus,
>
> my rndc related commands in bind master with multi-views run fail,but in
> slave it's running correctly.
>
> # rndc status
> rndc: connection to remote host closed
> This may indicate that
> * the remote server is using an older version of the command protocol,
> * this host is not authorized to connect,
> * the clocks are not synchronized, or
> * the key is invalid.
>
> Here is the named.conf for master.
> Please help,thanks in advance.
>
> -------------
> options {
> directory "/var/cache/bind";
> recursion no;
> };
>
>
> # ACLs begin
> include "/etc/bind/tel.acl";
> include "/etc/bind/uni.acl";
> include "/etc/bind/edu.acl";
> # ACLs end
>
>
> # views for ISP begin
> view "uni" {
> match-clients {
> key "unikey";
> UNI;
> };
> allow-update {key "unikey";};
> allow-transfer { key "unikey"; };
> server 202.104.186.180 { keys "unikey"; };
> # zone begin uni
> zone "test.nsbeta.info" {
> type master;
> file "test.nsbeta.info.uni.db";
> };
> # zone end uni
> };
>
> view "edu" {
> match-clients {
> key "edukey";
> EDU;
> };
> allow-update {key "edukey";};
> allow-transfer { key "edukey"; };
> server 202.104.186.180 { keys "edukey"; };
> # zone begin edu
> zone "test.nsbeta.info" {
> type master;
> file "test.nsbeta.info.edu.db";
> };
> # zone end edu
> };
>
> view "tel" {
> match-clients {
> key "telkey";
> any;
> };
> allow-update {key "telkey";};
> allow-transfer { key "telkey"; };
> server 202.104.186.180 { keys "telkey"; };
> # zone begin tel
> zone "test.nsbeta.info" {
> type master;
> file "test.nsbeta.info.tel.db";
> };
> # zone end tel
> };
> # views for ISP end
>
>
> # rndc key begin
> key "rndc-key" {
> algorithm hmac-md5;
> secret "SUpgZRkpZVeteRiTIxQw6w==";
> };
>
> controls {
> inet 127.0.0.1 port 953
> allow { 127.0.0.1; } keys { "rndc-key"; };
> };
> # rndc key end
>
> # customized keys begin
> key "edukey" {
> algorithm hmac-md5;
> secret "***";
> };
> key "unikey" {
> algorithm hmac-md5;
> secret "***";
> };
> key "telkey" {
> algorithm hmac-md5;
> secret "***";
> };
> # customized keys end
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
More information about the bind-users
mailing list