remote rndc server administration; Please Help!
Barry Margolin
barmar at alum.mit.edu
Tue Apr 27 19:56:49 UTC 2004
In article <c6mbo6$1jt5$1 at sf1.isc.org>,
jshaboo at hotmail.com (joe shaboo) wrote:
> Hi,
>
> I have a problem which has been plaguing me for a while.
>
> I have a master server (ns1) which I can run rndc reload locally on,
> and it works, no problem. I have a slave server (ns2) which I can run
> rndc reload locally, and it works.
>
> What I would like to do, is run rndc -y ns2-key -s ns2.domain.com
> reload from the master, for the slave. This would be a huge help.
>
> I have configured my rndc.keys correctly, or at least they appear to
> be correct. This key is on both ns1 and ns2.
>
> key "ns2-key" {
> algorithm hmac-md5;
> secret "xxxxx";
> };
> In my etc/named.conf on ns2 I have the following
>
> controls {
> inet 127.0.0.1 port 953
> allow { 127.0.0.1; ip of ns1; ip of ns2; }
> keys { "ns1-key"; };
> };
127.0.0.1 is the loopback address -- it can only be reached from the
same machine. You need to set up a control channel on the address of
the machine's NIC so that it can accept remote commands.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
More information about the bind-users
mailing list