LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 12-24-2003, 04:44 AM   #1
suchi
Member
 
Registered: Nov 2003
Location: india
Posts: 46
Blog Entries: 1

Rep: Reputation: 15
DNS problem rndc: connect failed connection refused error


Hello
I have a problem with DNS on RH 9. I have configured a very small system with just 2 computers , one with RH 9 and another with windows. I have configured the system as follows :
linux system:
domain name : suchi.com
host name : suchin.suchi.com
ip : 10.10.10.1
name server : 10.10.10.1 i.e., suchin.suchi.com
email : root.suchin.suchi.com

I have configured the following files without errors( checked using named-checkzone and named-checkconf )
/var/named/localhost.zone
/var/named/named.root(cache file)
/var/named/suchi.com.zone
/var/named/10.10.10.in-addr.arpa.zone
/var/named/0.0.127.in-addr.arpa.zone
The problem is :
when i type named restart after any configuration changes , i get the following error
rndc: connect failed : connection refused.
I checked the rndc.key and it is the same as that in named.conf
also i checked the resolv.conf and it has the paths for all the hosts.
Would anybody please explain me why i have this problem and how to solve it.
 
Old 12-25-2003, 06:50 PM   #2
meks
Member
 
Registered: Jul 2003
Location: AT, Upper Austria
Posts: 33

Rep: Reputation: 15
is there any named-output in /var/log/messages?

in addition to key "rndc_key" { ... }; you will need a control-section in your named.conf, which is looking something like this:

controls {
inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
};

as you can see, this tells rndc where to look for the key and which ips are allowed to use rndc.
 
Old 12-25-2003, 11:14 PM   #3
hookooekoo
LQ Newbie
 
Registered: Dec 2003
Posts: 10

Rep: Reputation: 0
My IT team ran into the same problem setting up a DNS server and it was very frustrating. Unless someone has a solid fix to give I would just start over if it is a new install heh.

The documentation on the web on how to fix this is VERY scarce, and I think it is some kind of bug in RH 9 or something. I tried to follow some steps on the red hat site in using a more secure rndc.key to fix it, but had no success. I spend roughly 4 hours trying to fix it, and eventually started from scratch and had a whole new install and DNS running in 2 hours.

On the second install I made backups of named.conf and relevant rndc files. I made all my entries in named.conf and added all zonefiles before restarting named. After noticing a few typo's in the zone files, I quickly fixed them and restarted named again. I kept restarting named d to an absolute minimum heh.

This does still keep me concerned, and will be on the watch for any fixes and or bugs in case this happens again.
 
Old 12-26-2003, 03:10 AM   #4
sashhoney
Member
 
Registered: Jul 2003
Distribution: Red Hat, Fedora, Debian
Posts: 85

Rep: Reputation: 15
what a co-incedence,
ystrday i got the same prob
but i was able to correct the prob in my case,
well check out the NS entries in each zone file, in my case one of the zone file has a wrong NS and believe me it caused a lot of probs
anyway if it is okay then try deleting all rndc entries and restart server, sometimes rndc keys get corrupted also.
 
Old 12-26-2003, 06:52 AM   #5
suchi
Member
 
Registered: Nov 2003
Location: india
Posts: 46

Original Poster
Blog Entries: 1

Rep: Reputation: 15
Yes,
I tried a new install and got it done. I used just one host(that of the linux box ) for the present. I lined up more after the dns got setup. This helped me avoid a lot of confusion. confirmed it using "dig" and ping.
Well, here, now i want to know whether the only way to connect windows systems to linux domain is using samba server , or can we connect the windows systems to a linux DNS server also. Presently other linux systems can connect to the DNS just setup , but other windows boxes donot seem to recognize the DNS.
 
Old 12-26-2003, 06:55 AM   #6
suchi
Member
 
Registered: Nov 2003
Location: india
Posts: 46

Original Poster
Blog Entries: 1

Rep: Reputation: 15
regarding controls section in the named.conf, i had previously (but unsuccessfully) attmpted all the types of modifications making sure that the same rndc key in named.conf(generated after rndc-confgen) matched the ones in rndc.key file and rndc.conf file. It would never yeild . That is how i thought of a new installation.
 
Old 12-26-2003, 10:31 PM   #7
sashhoney
Member
 
Registered: Jul 2003
Distribution: Red Hat, Fedora, Debian
Posts: 85

Rep: Reputation: 15
ofcource u can connect ur win box to dns.
u need to specify the domain name and the IP add of name server in the n/w settings
one more thing u need to add in the named.conf for this,
add allow-query in the options block , so that dns will reply to the queries from outside

e.g.,
allow-query { 127.0.0.1; 192.168.0.0/24;};
 
Old 08-22-2005, 10:32 AM   #8
swanand_rk
LQ Newbie
 
Registered: Aug 2005
Location: INDIA
Distribution: RedHat Linux 9.0
Posts: 2

Rep: Reputation: 0
Check this URL for the answer
 
Old 08-22-2005, 10:32 AM   #9
swanand_rk
LQ Newbie
 
Registered: Aug 2005
Location: INDIA
Distribution: RedHat Linux 9.0
Posts: 2

Rep: Reputation: 0
Re:

Check this URL for the answer
 
Old 09-22-2005, 11:51 AM   #10
N3gro
LQ Newbie
 
Registered: Sep 2005
Posts: 1

Rep: Reputation: 0
The solution

I was having the same problem with Redhat9 Yesterday , when i was trying to force the
Mail queue , sendmail coldn’t resolve the domain name , the error message was the following

Transient parse error -- message queued for future delivery

then I check the named service status with the following status

Cd /etc/rc.d/init.d ./named status

And the answer of the command was

rndc: connect failed : connection refused


Assuming that was a named missconfiguration problem id check my named.conf file
And the content was this :

------------------------------------------------------------------------------------------------------------------
controls {
inet 192.168.0.4 port 53 allow {
localhost;
};
};

include "/etc/named.custom";

include "/etc/rndc.key";
-------------------------------------------------------------------------------------------------------------------

I’d never input this data at the file , webmin did it , im sure , then I’d restore mi named.conf to this config

------------------------------------------------------------------------------------------------
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

include "/etc/named.custom";

include "/etc/rndc.key";

----------------------------------------------------------------------------------------------------------------------

Still without work , then I remove this line ( assuming a damaged key ):

---------------------------------------------------------------------------------------------------
include "/etc/rndc.key";
---------------------------------------------------------------------------------------------------

And then I’d restart named with this command cd /etc/rc.d/init.d ./named restart

After that I’d check the named status

debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
server is up and running

And now my sendmail is running without problems ,
Expecting to be helpful , and sorry 4 my spanglish
Leo
 
Old 01-01-2006, 06:17 PM   #11
miahac
LQ Newbie
 
Registered: Jan 2006
Posts: 1

Rep: Reputation: 0
check to see if your /var partition (or whichever partition that your dns records are stored)
is full.

Last edited by miahac; 01-01-2006 at 06:19 PM.
 
Old 04-13-2006, 05:44 AM   #12
aq_mishu
Member
 
Registered: Sep 2005
Location: Bangladesh
Distribution: RH 7.2, 8, 9, Fedora
Posts: 217

Rep: Reputation: 30
Same problem is happening to me... i've tries by commenting both controls {... }; and include "/etc/rndc.key" but relult = 0. now i also don;t know what to do. When rndc having prob, the dns works to resolv but it takes a looooong time to restart named/the whole server.
 
Old 08-19-2006, 08:06 AM   #13
suchi
Member
 
Registered: Nov 2003
Location: india
Posts: 46

Original Poster
Blog Entries: 1

Rep: Reputation: 15
the previous problem was something to do with the OS

same way in which ldap has issues in FC5, this was some problem in the earlier linux. Now everything is fine (NEIF) !
 
Old 05-27-2007, 02:19 AM   #14
Stuart.Allsop
LQ Newbie
 
Registered: May 2007
Location: Santiago, Chile
Distribution: RH
Posts: 2

Rep: Reputation: 0
This might fix it...

I had exactly the same problem, and I've been battling it for days, until I eventually hit on the solution...

I tried everything: I checked all over the Internet, and found many people with the same problem, but few seem to have solved it, and when they do, they don't bother posting the solution!

I found several references to checking the named.conf and rndc.conf files, to make sure they refer to the same key, port and localhost.

I found several other references to checking that named really is listening on port 953.

But I found no references to what is ACTUALLY the problem in many cases: Even though the rndc.key matches in named.conf and rndc.conf, and named really is listening on port 953, none of that helps if iptables is blocking the communications!

In my case, the solution was simple (after beating my head against the wall for three days...)

Just tell iptables to allow your system to talk to itself on port 953!

Like this:

# iptables -I RH-Lokkit-0-50-INPUT -p tcp -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT --dport 953

(In my case, I'm using a firewall configuration that sets up the table "RH-Lokkit-0-50-INPUT": it might be different in your case!!! )

The IP address “127.0.0.1” is, of course, the loopback address for the system itself, and usually has the name “localhost”.

Yeah, it seems rather stupid that you have to specifically allow localhost LOOPBACK address to talk to itself on port 953, but that's exactly what the problem was!

If you want to make this permanent, then find out from where iptables loads its default set of rules at boot time, and insert the following line in your iptables file:

-A RH-Lokkit-0-50-INPUT -p tcp -m tcp -s 127.0.0.1 -d 127.0.0.1 --dport 953 -j ACCEPT

This should probably go in probably from /etc/sysconfig/iptables, but if you are not sure then you can look in the init script that launches iptables, like this:

# more /etc/init.d/iptables

Look for a line that says something like "IPTABLES_CONFIG=/etc/sysconfig/iptables". That will tell you where it loads the default configuration from. That's the file you need to edit, and insert the line above at the appropriate point (before the first “REJECT” rule.

I sure hope this helps someone! I know I would have LOVED to have this info three days ago...
 
Old 05-27-2007, 11:51 AM   #15
JimBass
Senior Member
 
Registered: Oct 2003
Location: New York City
Distribution: Debian Sid 2.6.32
Posts: 2,100

Rep: Reputation: 49
Guys, RH9 is ancient, and has not been supported in years. It should not be used on a system anymore. In fact, it never should have been used, as it is complete and total crap to begin with.

Check out this thread from the security forum to see if your particular OS is still supported. RH is way out of the picture, and trying to run it on a server is an invitation to be hacked.

http://www.linuxquestions.org/questi...d.php?t=524803

Peace,
JimBass
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Bind9: NDC command failed : rndc: connect failed: connection refused Boudewijn Linux - Networking 19 01-02-2014 07:19 AM
rndc: connect failed: connection refused jkmartha Linux - Software 0 06-20-2005 01:35 AM
DNS Problem - rndc: connect failed: connection refused krishvij Linux - Newbie 2 04-25-2005 07:40 AM
rndc: connect failed: connection refused Justalk Linux - Software 2 06-28-2004 03:45 PM
rndc: connect failed: connection refused Atroxic Linux - Networking 1 10-24-2003 01:01 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 06:10 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration