RNDC troubles
James A Griffin
agriffin at cpcug.org
Tue Jul 3 21:02:12 UTC 2001
Note the spelling difference in the .conf files and the error message.
Where did the 's' come from?
Jim
Godfried Duodu wrote:
>
> I have successfully compiled bind-9.1.1 on RH 6.2 and a 2.4.2 kernel and generated a key from the dnssec-keygen
>
> command for rndc.conf file.
> When I run the rndc reload command I get the error messages:
> "rndc:connection refused".
> When I issued rndc stop command, named gets stopped.
> I generated the keys a couple of times and still getting the same error messages. I have included the log messages
>
> and the relevant files below for scrutiny.
> What am I doing wrong?
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
>
> statement in named.conf:
>
> key rndc_key {
--- no 's' ---^
> algorithm hmac-md5;
> secret "vf3nm1L95/qYmsLz2pfQCA==";
> };
> controls {
> inet * allow { any; } keys { rndc_key; };
--- no 's' -------------------------------------^
>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> statement in rndc.conf:
> options {
> default-server 127.0.0.1;
> default-key rndc_key;
> };
> server localhost {
> key rndc_key
> key rndc_key {
> algorithm hmac-md5;
> secret "vf3nm1L95/qYmsLz2pfQCA==";
> };
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> error report from /var/log/messages:
> Apr 14 07:45:19 linuxserv ./named[896]: starting BIND 9.1.1
> Apr 14 07:45:19 linuxserv ./named[896]: using 1 CPU
> Apr 14 07:45:19 linuxserv ./named[896]: loading configuration from '/etc/named.conf'
> Apr 14 07:45:19 linuxserv ./named[896]: no IPv6 interfaces found
> Apr 14 07:45:19 linuxserv ./named[896]: listening on IPv4 interface lo, 127.0.0.1#53
> Apr 14 07:45:19 linuxserv ./named[896]: listening on IPv4 interface eth0, 192.168.0.131#53
> Apr 14 07:45:19 linuxserv ./named[896]: couldn't find key rndc_keys for use with command channel
--------------------------------------------------------- an 's' ---^
0.0.0.0#953
> Apr 14 07:45:19 linuxserv ./named[896]: command channel listening on 0.0.0.0#953
> Apr 14 07:45:19 linuxserv ./named[896]: running
More information about the bind-users
mailing list