help with rndc fail
pyh at mail.nsbeta.info
pyh at mail.nsbeta.info
Sat Jan 15 04:48:08 UTC 2011
I don't know what's the problem.
Just copied the config files to another host and run bind master on it,
everything works fine, including the zone transfer for multi-views.
Thanks.
pyh at mail.nsbeta.info writes:
>
> And, the named version is:
>
> # named -v
> BIND 9.6.1-P2
>
> I'm pretty sure the secret in both named.conf and rndc.conf are the same.
> Thanks.
>
>
> pyh at mail.nsbeta.info writes:
>
>>
>> Hello gurus,
>>
>> my rndc related commands in bind master with multi-views run fail,but in
>> slave it's running correctly.
>>
>> # rndc status
>> rndc: connection to remote host closed
>> This may indicate that
>> * the remote server is using an older version of the command protocol,
>> * this host is not authorized to connect,
>> * the clocks are not synchronized, or
>> * the key is invalid.
>>
>> Here is the named.conf for master.
>> Please help,thanks in advance.
>>
>> -------------
>> options {
>> directory "/var/cache/bind";
>> recursion no;
>> };
>>
>>
>> # ACLs begin
>> include "/etc/bind/tel.acl";
>> include "/etc/bind/uni.acl";
>> include "/etc/bind/edu.acl";
>> # ACLs end
>>
>>
>> # views for ISP begin
>> view "uni" {
>> match-clients {
>> key "unikey";
>> UNI;
>> };
>> allow-update {key "unikey";};
>> allow-transfer { key "unikey"; };
>> server 202.104.186.180 { keys "unikey"; };
>> # zone begin uni
>> zone "test.nsbeta.info" {
>> type master;
>> file "test.nsbeta.info.uni.db";
>> };
>> # zone end uni
>> };
>>
>> view "edu" {
>> match-clients {
>> key "edukey";
>> EDU;
>> };
>> allow-update {key "edukey";};
>> allow-transfer { key "edukey"; };
>> server 202.104.186.180 { keys "edukey"; };
>> # zone begin edu
>> zone "test.nsbeta.info" {
>> type master;
>> file "test.nsbeta.info.edu.db";
>> };
>> # zone end edu
>> };
>>
>> view "tel" {
>> match-clients {
>> key "telkey";
>> any;
>> };
>> allow-update {key "telkey";};
>> allow-transfer { key "telkey"; };
>> server 202.104.186.180 { keys "telkey"; };
>> # zone begin tel
>> zone "test.nsbeta.info" {
>> type master;
>> file "test.nsbeta.info.tel.db";
>> };
>> # zone end tel
>> };
>> # views for ISP end
>>
>>
>> # rndc key begin
>> key "rndc-key" {
>> algorithm hmac-md5;
>> secret "SUpgZRkpZVeteRiTIxQw6w==";
>> };
>>
>> controls {
>> inet 127.0.0.1 port 953
>> allow { 127.0.0.1; } keys { "rndc-key"; };
>> };
>> # rndc key end
>>
>> # customized keys begin
>> key "edukey" {
>> algorithm hmac-md5;
>> secret "***";
>> };
>> key "unikey" {
>> algorithm hmac-md5;
>> secret "***";
>> };
>> key "telkey" {
>> algorithm hmac-md5;
>> secret "***";
>> };
>> # customized keys end
>> _______________________________________________
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
More information about the bind-users
mailing list