RNDC troubles

James A Griffin agriffin at cpcug.org
Tue Jul 3 21:02:12 UTC 2001 

Note the spelling difference in the .conf files and the error message. 
Where did the 's' come from?

Jim

Godfried Duodu wrote:
> 
> I have successfully compiled bind-9.1.1 on RH 6.2 and a 2.4.2 kernel and generated a key from the dnssec-keygen
> 
> command for rndc.conf file.
> When I run the rndc reload command I get the error messages:
> "rndc:connection refused".
> When I issued rndc stop command, named gets stopped.
> I generated the keys a couple of times and still getting the same error messages. I have included the log messages
> 
> and the relevant files below for scrutiny.
>  What am I doing wrong?
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> 
> statement in named.conf:
> 
> key rndc_key {
--- no 's' ---^

>      algorithm hmac-md5;
>      secret "vf3nm1L95/qYmsLz2pfQCA==";
> };
> controls {
>          inet * allow { any; } keys { rndc_key; };
--- no 's' -------------------------------------^
> 
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> statement in rndc.conf:
> options {
>         default-server 127.0.0.1;
>         default-key   rndc_key;
> };
> server localhost {
>    key  rndc_key
> key rndc_key {
>      algorithm  hmac-md5;
>      secret "vf3nm1L95/qYmsLz2pfQCA==";
> };
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> error report from /var/log/messages:
> Apr 14 07:45:19 linuxserv ./named[896]: starting BIND 9.1.1
> Apr 14 07:45:19 linuxserv ./named[896]: using 1 CPU
> Apr 14 07:45:19 linuxserv ./named[896]: loading configuration from '/etc/named.conf'
> Apr 14 07:45:19 linuxserv ./named[896]: no IPv6 interfaces found
> Apr 14 07:45:19 linuxserv ./named[896]: listening on IPv4 interface lo, 127.0.0.1#53
> Apr 14 07:45:19 linuxserv ./named[896]: listening on IPv4 interface eth0, 192.168.0.131#53
> Apr 14 07:45:19 linuxserv ./named[896]: couldn't find key rndc_keys for use with command channel 
--------------------------------------------------------- an 's' ---^
0.0.0.0#953
> Apr 14 07:45:19 linuxserv ./named[896]: command channel listening on 0.0.0.0#953
> Apr 14 07:45:19 linuxserv ./named[896]: running

More information about the bind-users mailing list