LinuxQuestions.org
06-02-2004, 07:12 PM   #1
hookooekoo
Setting up Bind and rndc.key on Fedora Core 2


Hi all, any help would be greatly appreciated.

I have set up a perfectly working DNS server on Red Hat 9, but I am not as lucky with a chroot-bind on Fedora. The problem I am having is with the rndc key, and I have had little luck searching for guides and/or answers.

I ran rndc-confgen and got the following,

Code:
# Start of rndc.conf
key "rndckey" {
        algorithm hmac-md5;
        secret "q3k3SzpxASgKHCZpG1LeMw==";
};

options {
        default-key "rndckey";
        default-server 127.0.0.1;
        default-port 953;
};
# End of rndc.conf


# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndckey" {
#       algorithm hmac-md5;
#       secret "q3k3SzpxASgKHCZpG1LeMw==";
# };
# 
# controls {
#       inet 127.0.0.1 port 953
#               allow { 127.0.0.1; } keys { "rndckey"; };
# };
# End of named.conf

I put each corresponding code into rndc.conf and named.conf.

Code:
[root@ns3 etc]# cat named.conf
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
  
include "/var/named/chroot/etc/named.custom";
 
include "/var/named/chroot/etc/rndc.key";
  
# Use with the following in named.conf, adjusting the allow list as needed:

key "rndckey" {
        algorithm hmac-md5;
        secret "q3k3SzpxASgKHCZpG1LeMw==";
};
 
 controls {
       inet 127.0.0.1 port 953
               allow { 127.0.0.1; } keys { "rndckey"; };
};
 
zone  "0.0.127.in-addr.arpa" {
        type master;
        file  "0.0.127.in-addr.arpa.zone";
};

and rndc.conf

Code:
[root@ns3 etc]# cat rndc.conf
# Start of rndc.conf
key "rndckey" {
        algorithm hmac-md5;
        secret "q3k3SzpxASgKHCZpG1LeMw==";
};
options {
        default-key "rndckey";
        default-server 127.0.0.1;
        default-port 953;
};
# End of rndc.conf

And this step I am not sure about, as rndc.key was empty, so I added the code again here.


Code:
[root@ns3 etc]# cat rndc.key
key "rndckey" {
        algorithm hmac-md5;
        secret "q3k3SzpxASgKHCZpG1LeMw==";
};

I have also done the following...

I have added to /etc/sysconfig/iptables

Code:
-A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 53 -j

and made sure named had ownership of rndc.key and all named files in the chroot directory.

Now to the ever popular problem.

Code:
[root@ns3 named]# /etc/init.d/named restart
Stopping named: rndc: connect failed: connection refused
[FAILED]
Starting named: [  OK  ]
 
06-02-2004, 07:40 PM   #2
hookooekoo
I have actually changed rndc.conf to the following to reflect how it was done in RH 9


Code:
[root@ns3 etc]# cat rndc.conf
options {
        default-server  localhost;
        default-key     "rndckey";
};

server localhost {
        key     "rndckey";
};

include "/var/named/chroot/etc/rndc.key";

Still same error.
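
A consistency check for the files posted above, added here as an example and not part of any poster's reply or of BIND itself: it inlines `include` files, then reports key names defined more than once in named.conf, control channels declared twice on the same address and port, and rndc.conf keys whose algorithm or secret differs from named.conf. The inputs are constructed from the thread with a placeholder secret, and `load`, `keys_in` and `audit` are hypothetical helper names.

```python
import re

# Constructed inputs modelled on the files posted in this thread; placeholder secret.
KEY = 'key "rndckey" {\n        algorithm hmac-md5;\n        secret "Y29uc3RydWN0ZWQtZXhhbXBsZQ==";\n};\n'
NAMED_CONF = '''controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
include "/var/named/chroot/etc/rndc.key";
''' + KEY + '''controls {
        inet 127.0.0.1 port 953
                allow { 127.0.0.1; } keys { "rndckey"; };
};
'''
RNDC_CONF = 'options {\n        default-key "rndckey";\n};\ninclude "/var/named/chroot/etc/rndc.key";\n'
FILES = {"/var/named/chroot/etc/rndc.key": KEY}  # include path -> file contents

KEY_RE = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*\{\s*algorithm\s+([\w-]+)\s*;\s*secret\s+"([^"]*)"\s*;\s*\}\s*;')
INCLUDE_RE = re.compile(r'\binclude\s+"([^"]+)"\s*;')
INET_RE = re.compile(r'\binet\s+(\S+)(?:\s+port\s+(\d+))?\s+allow\b')

def load(text, files):
    """Drop full-line # and // comments, then inline one level of include files."""
    text = re.sub(r'^\s*(#|//).*$', '', text, flags=re.M)
    return INCLUDE_RE.sub(lambda m: files.get(m.group(1), ''), text)

def keys_in(conf):
    """Return ({name: (algorithm, secret)}, [names defined more than once])."""
    keys, dupes = {}, []
    for name, alg, secret in KEY_RE.findall(conf):
        if name in keys:
            dupes.append(name)
        keys[name] = (alg, secret)
    return keys, dupes

def audit(named_text, rndc_text, files):
    named, rndc = load(named_text, files), load(rndc_text, files)
    named_keys, dupes = keys_in(named)
    findings = ['named.conf: key "%s" defined more than once' % n for n in dupes]
    seen = set()
    for addr, port in INET_RE.findall(named):
        endpoint = (addr, port or "953")  # no port given means 953
        if endpoint in seen:
            findings.append("named.conf: control channel %s port %s declared twice" % endpoint)
        seen.add(endpoint)
    for name, material in keys_in(rndc)[0].items():
        if named_keys.get(name) != material:
            findings.append('rndc.conf: key "%s" does not match named.conf' % name)
    return findings
print("\n".join(audit(NAMED_CONF, RNDC_CONF, FILES)))
```

This only covers the three checks named above; `named-checkconf -t /var/named/chroot` is the parser to trust for the full named.conf grammar.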
 
04-07-2010, 01:28 AM   #3
aneeshep
Hi,

Just try this command as root:

Code:
lsof -i :953

You will get output like this (if named daemon is running):

Code:
COMMAND  PID  USER   FD   TYPE DEVICE SIZE NODE NAME
named   3470 named   22u  IPv4  12464       TCP localhost.localdomain:rndc (LISTEN)

Named daemon is listening on port 953 for rndc requests. So you should open port 953 in the firewall for rndc to work properly. Hope this helps.

Aneesh
-----------------------------
findasolution.in
-----------------------------
 
  

