Configuring rndc for BIND 9
Solution for connection refused based on notes from:
http://www.mail-archive.com/comp-pro.../msg03950.html
This simple little process ended up being a real pain because all the documentation from man to O'Reilly didn't seem to work for me.
However, I finally found some snippets that worked. The solution seems to be in the order in which the statements are made in each file.
Create a new file, /etc/rndc.conf and add the snip below.
Your secret code must be duplicated in each file, and the key name must be the same everywhere it is referenced. To create a secret code, you can use the command mmencode. Type your secret code, hit enter and your secret code is created.
You may need to restart your server for the changes to take effect. After restarting, to start named you can type the path of the server, /usr/sbin/named. Mine is located at /usr/local/sbin/named. Type whereis named to find where named is on your server.
-------- rndc.conf snip ----------
options {
    default-server localhost;
    default-key "rndc_key";      # must match the key block below
};
server localhost {
    key "rndc_key";
};
key "rndc_key" {
    algorithm hmac-md5;
    secret "put_code_here";      # to make a secret code, use:
};                               # % mmencode
                                 # foobarsecret
                                 # Zm9vYmFyc2VjcmV0
------- named.conf snip ----------
options {
    directory "/var/named";      # my dir is /etc/named.d
};
controls {
    inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
};
key "rndc_key" {
    algorithm hmac-md5;
    secret "put_code_here";      # to make a secret code, use:
};                               # % mmencode
                                 # foobarsecret
                                 # Zm9vYmFyc2VjcmV0
Good Luck!
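
A mismatch in the key name or the secret between the two files is enough to make rndc fail, so the following check compares them. It is an added example, not part of the original post: the function names and the sample files are made up for illustration, and the parser assumes one statement per line as in the snippets above.

```shell
#!/bin/sh
# Added example: check that rndc.conf and named.conf agree on the control key.
# Assumes one statement per line, as in the snippets on this page.

# Print "algorithm secret" for the key block named $2 in file $1.
key_fields() {
    awk -v name="$2" '
        { sub(/#.*/, "") }                              # strip comments
        $1 == "key" && $2 == "\"" name "\"" { inkey = 1; next }
        inkey && $1 == "algorithm" { gsub(/;/, "", $2); alg = $2 }
        inkey && $1 == "secret"    { gsub(/[";]/, "", $2); sec = $2 }
        inkey && index($0, "}")    { print alg, sec; exit }
    ' "$1"
}

# Print the key name rndc uses by default (default-key in rndc.conf).
default_key() {
    awk '{ sub(/#.*/, "") }
         $1 == "default-key" { gsub(/[";]/, "", $2); print $2; exit }' "$1"
}

# Usage: check_rndc_keys RNDC_CONF NAMED_CONF. Returns 0 only on a full match.
# The secret is compared but never printed.
check_rndc_keys() {
    name=$(default_key "$1")
    client=$(key_fields "$1" "$name")
    server=$(key_fields "$2" "$name")
    [ -n "$client" ] || { echo "$1: no key block named \"$name\""; return 1; }
    [ -n "$server" ] || { echo "$2: no key block named \"$name\""; return 1; }
    [ "$client" = "$server" ] || { echo "algorithm or secret differs"; return 1; }
    echo "key \"$name\" is identical in both files"
}

# Constructed sample files; the secret is the page's foobarsecret placeholder.
demo=$(mktemp -d)
printf '%s\n' 'key "rndc_key" {' '    algorithm hmac-md5;' \
    '    secret "Zm9vYmFyc2VjcmV0";' '};' > "$demo/key.inc"
{ printf '%s\n' 'options {' '    default-key "rndc_key";' '};'
  cat "$demo/key.inc"; } > "$demo/rndc.conf"
cat "$demo/key.inc" > "$demo/named.conf"
# Same client file, but default-key names a key that is never defined.
sed 's/default-key "rndc_key"/default-key "rndc-key"/' "$demo/rndc.conf" \
    > "$demo/rndc.conf.bad"

check_rndc_keys "$demo/rndc.conf" "$demo/named.conf"
check_rndc_keys "$demo/rndc.conf.bad" "$demo/named.conf" || true
```

To run it against a real server, call check_rndc_keys with the paths of your own rndc.conf and named.conf.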