question re rndc

Mark.Andrews at nominum.com
Mon Mar 5 12:32:22 UTC 2001


	The key has to be defined in *both* rndc.conf and named.conf,
	it also has to be defined before it is used, i.e. the key clause
	comes before the controls clause.

	Mark

> 
> 
> 
> Hello,
> 
> I followed what you suggested and had no luck implementing the controls
> statement. Here are the contents of my named.conf; please comment.
> 
> copy --- log files ---
> 
> Mar  5 17:55:17 sun1 named[14388]: no key statements for use by control channels
> 
> copy --- named.conf ----
> 
> // generated by named-bootconf.pl
> 
> acl internals { 192.168.9.0/24; 192.168.1.0/24; 192.168.0.0/24; };
> acl externals { 202.134.244.0/24; 202.134.224.0/24; 202.134.245.0/24; };
> 
> options {
>         directory "/var/named";
>         auth-nxdomain yes;
>         allow-query {internals; externals; };
>         allow-recursion { internals; externals;};
>         allow-notify {externals; };
>         query-source address 202.134.244.1;
> };
> 
> logging {
>         category lame-servers { null; };
>         channel xfer-log {
>                 file "/var/log/bind-xfer.log";
>                 print-category yes;
>                 print-severity yes;
>                 print-time yes;
>                 severity info;
>         };
>         category xfer-in { xfer-log; };
>         category xfer-out { xfer-log; };
>         category notify { xfer-log; };
> };
> 
> controls {
>         inet 202.134.244.1 allow { 202.134.244.1; } keys { rndc_key; };
> };
> 
> zone "." IN {
>         type hint;
>         file "named.ca";
> };
>                 
> zone "0.0.127.in-addr.arpa" IN {
>         type master;
>         file "db.127.0.0";
> };
>         
> zone "iloilo.fapenet.org" IN {
>         type master;
>         file "db.iloilo.fapenet.org";
>         allow-transfer { 202.134.244.2; };
> };
> 
> zone "244.134.202.in-addr.arpa" IN {
>         type master;
>         file "db.202.134.244";
>         allow-transfer { 202.134.244.2;};
> };
> 
> 
> cut --- rndc.conf ----
> 
> key "rndc_key" {
>         algorithm       hmac-md5;
>         secret          "c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K";
> };
>  
> options {
>         default-server  202.134.244.1;
>         default-key     "rndc_key";
> };
> 
> 
> thanks...
> 
> 
> On Fri, 2 Mar 2001, Jim Reid wrote:
> 
> > >>>>> "Allan" == Allan T Parreno <allan at iloilo.fapenet.org> writes:
> > 
> >     Allan> Would like to ask, why i got connection refused when i run
> >     Allan> rndc stats?
> > 
> > Because you didn't provide a controls{} statement in named.conf
> > telling it to create the socket that rndc wants to connect to.
> > 
> 
> 
> 
> 
--
Mark Andrews, Nominum Inc.
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at nominum.com
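
The two rules in the reply above (key defined in both files, key clause before the controls clause) as a small lint check. This is an added example, not part of the original message and not BIND code; the function names, the regex-based parsing, the 127.0.0.1 address and the placeholder secret are assumptions made for illustration. It also checks that the secret is identical in both files, which goes one step beyond what the message states.

```python
import re

_STRIP = re.compile(r'"[^"]*"|//[^\n]*|#[^\n]*|/\*.*?\*/', re.S)
_KEY = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*\{[^}]*?\bsecret\s+"([^"]*)"', re.S)

def _strip(text):
    # Drop comments but keep quoted strings (a base64 secret may contain "//").
    return _STRIP.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else " ", text)

def keys_in(text):
    """Map key name -> (offset of its key clause, secret)."""
    return {m.group(1): (m.start(), m.group(2)) for m in _KEY.finditer(_strip(text))}

def control_key_refs(text):
    """Yield (offset of controls clause, key name) for every key it lists."""
    text = _strip(text)
    for c in re.finditer(r'\bcontrols\s*\{', text):
        depth, end = 1, c.end()
        while depth and end < len(text):      # walk to the matching close brace
            depth += {"{": 1, "}": -1}.get(text[end], 0)
            end += 1
        for k in re.finditer(r'\bkeys\s*\{([^}]*)\}', text[c.end():end]):
            for name in re.findall(r'[\w.-]+', k.group(1)):
                yield c.start(), name

def check(named_conf, rndc_conf):
    """Return a list of problems with the keys used by controls clauses."""
    named, rndc, problems = keys_in(named_conf), keys_in(rndc_conf), []
    for pos, name in control_key_refs(named_conf):
        if name not in named:
            problems.append(f"{name}: not defined in named.conf")
        elif named[name][0] > pos:
            problems.append(f"{name}: key clause comes after controls clause")
        if name not in rndc:
            problems.append(f"{name}: not defined in rndc.conf")
        elif name in named and named[name][1] != rndc[name][1]:
            problems.append(f"{name}: secret differs between the two files")
    return problems

# Constructed sample input; the secret is a placeholder, not a real key.
KEY_CLAUSE = 'key "rndc_key" { algorithm hmac-md5; secret "Q09OU1RSVUNURUQ="; };\n'
CONTROLS = "controls { inet 127.0.0.1 allow { 127.0.0.1; } keys { rndc_key; }; };\n"

if __name__ == "__main__":
    for label, conf in [("key missing", CONTROLS),
                        ("key after controls", CONTROLS + KEY_CLAUSE),
                        ("key before controls", KEY_CLAUSE + CONTROLS)]:
        print(label, "->", check(conf, KEY_CLAUSE) or "ok")
```

The first case is the one in the quoted named.conf: the controls clause names rndc_key, but named.conf has no key clause for it.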

