Re: named & rndc

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Fri, 2007-09-21 at 20:56 -0400, Robert Spangler wrote:
> On Fri September 21 2007 18:50, Craig White wrote:
> 
> >  [root@srv1 etc]# kill 26598
> >  [root@srv1 etc]# service named restart
> >  Stopping named:                                            [FAILED]
> >  Starting named:                                            [  OK  ]
> 
> After you have killed named start it with 'start' not 'restart'.
----
yeah, I know, I'm lazy and just up arrow/return
----
> 
> >  if I try...
> >  # service named status
> >  rndc: connection to remote host closed
> >  This may indicate that the remote server is using an older version of
> >  the command protocol, this host is not authorized to connect,
> >  or the key is invalid.
> >
> >  but looking at my named.conf, I'm directly including rndc.key
> >  # grep rndc named.conf
> >          inet 127.0.0.1 allow { localhost; } keys { DYNAMIC_DNS_KEY;
> >  rndc.key; };
> >  include "/etc/rndc.key";
> 
> This doesn't look right.  My control section in named.conf is :
> 
> controls {
>         inet 127.0.0.1 allow { any; }
>         keys { rndc-key; };
----
it makes no difference if I only have 1 'key' in my control section or 2
- I have tried all combinations
----
> 
> No need for 'include '.  Your rndc.conf should also be located in your 
> chroot /etc dir.
----
likewise, it makes no difference whether 1 or both keys are stored in
the file itself or 'include rndc.key'
----
> 
> Take notice to what is in between {} in the keys statement.  This has to match 
> what is in your rndc.conf file.

> server localhost {
>         key     "rndc-key";
> };
----
apparently CentOS-5 doesn't include rndc.conf but has a program called
rndc-confgen and I copied over my named.conf/zone files etc from
previous server.

/var/named/chroot/etc/rndc.conf
options {
        default-server  localhost;
        default-key     "rndckey";
        default-port    953;
};

server localhost {
        key             "rndckey";
};

include "/etc/rndc.key";

 and then in /var/named/chroot/etc/named.conf

controls {
        inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys {
DYNAMIC_DNS_KEY; "rndckey"; };
        };

include "/etc/rndc.key";

no probs mate - thanks - it's solved

Craig

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux