Bind 9.3.1 Issue

Kevin Darcy kcd at daimlerchrysler.com
Wed Nov 23 03:40:27 UTC 2005


Otis Surratt Jr. wrote:

>Hello,
>
>I am new to bind. I migrated from w2k dns servers to bind 9 servers. I 
>am running Bind 9.3.1 on FreeBSD 5.4 systems. Ever since I made the 
>change I have had problems. I thought it would be a no-brainer if I 
>installed webmin and did everything from there. My question is since I am 
>using webmin 1.240 and the module for bind is bind8 will it still work 
>with bind9 correctly? I know it works somewhat without the rndc keys (no 
>security) but works off and on! My goal is to run public dns servers 
>(ns1 - master ns2 -slave ns3 -slave soon ns4- slave) for my isp and make 
>them secure with the rndc and setup acls. Since I have little experience 
>with bind maybe someone here can help! I don't mind showing the keys I 
>can generate different ones once the fix is done! Would I need to allow 
>my slave servers to be in the allowed list on the master? Let's fix rndc 
>then go to acls later if possible!  :) 
>
>I get the following errors from webmin on NS2 and NS3-
>
>
>      NDC command failed : rndc: connection to remote host closed This
>      may indicate that the remote server is using an older version of
>      the command protocol, this host is not authorized to connect, or
>      the key is invalid.
>
>Also I have a master forward zone for a domain and it doesn't work. 
>(e.g. It can be resolved across the Internet.) I get the error above when 
>I try to reload that zone on the master dns server.
>
>Without using the rndc I was getting bad dotted zero or quad zero. 
>
I'm not sure what you mean here. Is the error message referring to a bad 
dotted quad? The error message should tell you what line of named.conf 
the error is on. If webmin -- or anything else for that matter -- is 
putting a badly-formatted IP address in named.conf, I'm surprised that 
you were even able to make an rndc connection. I would have expected 
named to be incapable of starting in that case (although if named.conf 
was corrupted while named was still running, it may continue to run off 
the old config).

                                                                         
                                             - Kevin




