>
> As you can tell from the above erorr, redhat's init script uses rndc
> to stop named. Rndc requires the proper key to be generated
> (/etc/rndc.key) and named.conf needs the proper control/acl
> statement added so that rndc can actually control named. Example:
>
> Use something like "rndc-confgen -a -b 512" to generate a new key. Further
> options can be found using "man rndc-confgen"
>
okay I followed the configuration to a tee and still having timeout issues.
I am still having time out issues. what else cna I check:
1) generated new rndc key
2) copied the new rndc-kay to the rndc.conf file
3) placed the include /etc/rndc.key in the /etc/named.conf file
4) then added the controls stanza as well.
> In named.conf, add something like...
>
> // Load the key generated by rndc-confgen.
> include "/etc/rndc.key";
>
> // Only allow localhost access from rndc
> controls {
> inet 127.0.0.1 port 953
> allow { 127.0.0.1; } keys { "rndc-key"; };
>
> Note: If your running named in a chroot'd environment, be sure to
> copy the key to the PATH_TO_NAMED_CHROOT/etc directory.
>
> Steve Cowles
here is a copy of my /etc/rndc.conf file:
-- snip ---
options {
default-server localhost;
default-key "rndc-key";
};
server localhost {
key "rndc-key";
};
key "rndc-key" {
algorithm hmac-md5;
secret "<key>";
};
--- snip ---
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
