Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
03-03-2005, 11:45 AM
|
#1
|
LQ Newbie
Registered: Mar 2005
Posts: 5
Rep:
|
DNS, Bind, rndc update issue
It seems I can only get my config and zone files to refresh by restarting bind. When I try to 'rndc reload' I don't get an error, but it doesn't update. I noticed this when I tried to stop and restart bind and got this error.
/etc/init.d/named stop
Shutting down named: rndc: connection to remote host closed
This may indicate that the remote server is using an older version of
the command protocol, this host is not authorized to connect,
or the key is invalid.
Here is my rndc.conf:
options {
    default-server 127.0.0.1;
    default-key "rndckey";
};
server 127.0.0.1 {
    key "rndckey";
};
# key rndc presents to named
key "rndckey" {
    algorithm "hmac-md5";
    secret ".........";
};
named.conf:
controls {
    inet 127.0.0.1 allow { 127.0.0.1; } keys { rndckey; };
};
# key named expects on the control channel
key "rndckey" {
    algorithm "hmac-md5";
    secret "same as rndc.conf";
};
Did I miss something in either of these confs?
EDIT: In addition, I had changed keys recently. After the change, I was able to stop and start without issue. But this is the first time I tried stopping it since then, and now it is giving me the above mentioned error message.
This is on SuSE 9.2
|
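Added example, not part of the original thread: the "key is invalid" branch of the rndc error in post #1 can be checked by comparing the key clauses in rndc.conf and named.conf. The Python script below assumes the file layout shown in that post; the function names and the sample secret are constructed for illustration.

```python
import hashlib
import re

# A quoted string, or one of the three comment styles BIND accepts.
TOKEN_RE = re.compile(r'"[^"\n]*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
KEY_RE = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*\{\s*algorithm\s+"?([\w-]+)"?\s*;'
                    r'\s*secret\s+"([^"]*)"\s*;\s*\}\s*;')
DEFAULT_KEY_RE = re.compile(r'\bdefault-key\s+"?([\w.-]+)"?\s*;')
CONTROLS_KEYS_RE = re.compile(r'\bcontrols\s*\{.*?\bkeys\s*\{([^}]*)\}', re.S)

def strip_comments(text):
    # Drop comments but keep quoted strings: a base64 secret may contain "//".
    return TOKEN_RE.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else "", text)

def parse_keys(text):
    # name -> (algorithm, short SHA-256 fingerprint); the secret itself is never kept.
    return {name: (algo.lower(), hashlib.sha256(secret.encode()).hexdigest()[:12])
            for name, algo, secret in KEY_RE.findall(strip_comments(text))}

def check_rndc_key(rndc_conf, named_conf):
    """Return a list of problems; an empty list means both files agree."""
    rndc_text, named_text = strip_comments(rndc_conf), strip_comments(named_conf)
    m = DEFAULT_KEY_RE.search(rndc_text)
    if not m:
        return ["rndc.conf: no default-key statement"]
    name, problems = m.group(1), []
    rndc_keys, named_keys = parse_keys(rndc_conf), parse_keys(named_conf)
    for label, keys in (("rndc.conf", rndc_keys), ("named.conf", named_keys)):
        if name not in keys:
            problems.append(f'{label}: key "{name}" missing or clause not closed with "}};"')
    c = CONTROLS_KEYS_RE.search(named_text)
    if name not in (re.findall(r'[\w.-]+', c.group(1)) if c else []):
        problems.append(f'named.conf: controls does not list key "{name}"')
    if name in rndc_keys and name in named_keys:
        for i, field in enumerate(("algorithm", "secret")):
            if rndc_keys[name][i] != named_keys[name][i]:
                problems.append(f'key "{name}": {field} differs between the files')
    return problems

# Constructed sample files (not the poster's real secret).
RNDC_CONF = '''options { default-server 127.0.0.1; default-key "rndckey"; };
server 127.0.0.1 { key "rndckey"; };
key "rndckey" { algorithm "hmac-md5"; secret "c2FtcGxl//Y29uc3RydWN0ZWQ="; };'''
NAMED_CONF = '''controls { inet 127.0.0.1 allow { 127.0.0.1; } keys { rndckey; }; };
key "rndckey" { algorithm "hmac-md5"; secret "c2FtcGxl//Y29uc3RydWN0ZWQ="; };  # local'''

if __name__ == "__main__":
    print(check_rndc_key(RNDC_CONF, NAMED_CONF) or "rndc.conf and named.conf agree")
```

To run it against real files, pass the contents of the rndc.conf that the rndc binary in use reads and of the named.conf that named actually loads (the copy inside the chroot, if one is used).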
|
|
03-03-2005, 02:44 PM
|
#2
|
Member
Registered: Jan 2005
Distribution: OpenSuse Tumbleweed
Posts: 288
Rep:
|
I had the same problem a while back too. Removing the rndc.conf file fixed it. Apparently one of the BIND updates changed the operation of rndc. It seems to now pull the auth info for local host from the named.conf. Very strange, wouldn't believe it if someone told me that...
|
|
|
03-03-2005, 03:09 PM
|
#3
|
LQ Newbie
Registered: Mar 2005
Posts: 5
Original Poster
Rep:
|
Removing the rndc.conf file? Like not using the conf file at all will fix it? That's odd. I will have to give it a try during off hours. Thanks.
|
|
|
03-03-2005, 03:18 PM
|
#4
|
Member
Registered: Jan 2005
Distribution: OpenSuse Tumbleweed
Posts: 288
Rep:
|
Quote:
Originally posted by jujuman
Removing the rndc.conf file? Like not using the conf file at all will fix it? That's odd. I will have to give it a try during off hours. Thanks.
|
It was very odd. Make a backup before you try it!
|
|
|
03-03-2005, 07:16 PM
|
#5
|
LQ Newbie
Registered: Sep 2004
Posts: 7
Rep:
|
Okay.. here's what happens after removing rndc.conf:
shell#>rndc reload
rndc: connect failed: connection refused
So I ran 'rndc-confgen' and created a new rndc.conf file and modified the named.conf file, and I am now back to square one. Any other suggestions?
EDIT: I just realized I was using a different login from my original post.
Last edited by Jerman; 03-03-2005 at 07:18 PM.
|
|
|
03-03-2005, 10:17 PM
|
#6
|
LQ Newbie
Registered: Sep 2004
Posts: 7
Rep:
|
Alright.. I solved part of the problem.... The /etc/init.d/named was setting rndc as /usr/local/sbin, but when I was trying to reload I was using /usr/sbin/rndc. The problem still is that it still doesn't update the zones... I check /var/log/messages and it says loading configuration from '/etc/named.conf'... Now I'm running bind in a chroot jail, I did create a symlink in /etc/named.conf that points to the /etc in named's chroot... Problem is, if rndc is reading named.conf, is it reading it unchrooted, so if it sees /conf in the named.conf file, it thinks it's really /conf and not /chroot/named/conf.. I tried creating a symlink from /conf to /chroot/named/conf but that didn't work... Anyone shed some light?
Last edited by Jerman; 03-03-2005 at 10:18 PM.
|
|
|
03-03-2005, 10:46 PM
|
#7
|
LQ Newbie
Registered: Feb 2005
Location: Australia
Distribution: Debian, Reformed Slackwareist
Posts: 20
Rep:
|
Is it possible that when you're editing your zone files you're forgetting to update your serial value?
just a thought..
good luck
Kurt
Last edited by KurtAKARebuild; 03-06-2005 at 08:07 PM.
|
|
|
03-04-2005, 12:08 AM
|
#8
|
LQ Newbie
Registered: Sep 2004
Posts: 7
Rep:
|
Quote:
Originally posted by KurtAKARebuild
Is it possible that when you're editing your zone files you're forgetting to update your serial value?
just a thought..
good luck
Kurt
[KRW Digital www.krwdigital.com]
|
Definitely updating the serial in my zone files.
|
|
|
03-04-2005, 10:02 AM
|
#9
|
LQ Newbie
Registered: Mar 2005
Posts: 5
Original Poster
Rep:
|
The fact that my messages log says that it's loading named.conf tells me it's working... I think the problem could be that rndc is reading /etc/named.conf which looks at /conf, which as far as rndc is concerned should mean /conf, but to named it's /chroot/named/conf... Is rndc set up where it doesn't give an error if it doesn't find the zone file, it just checks the conf file and tries it but doesn't give an error if the zone file is not found?
|
|
|
All times are GMT -5.