DNS problem rndc: connect failed connection refused error
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
DNS problem rndc: connect failed connection refused error
Hello
I have a problem with DNS on RH 9. I have configured a very small system with just 2 computers , one with RH 9 and another with windows. I have configured the system as follows :
linux system:
domain name : suchi.com
host name : suchin.suchi.com
ip : 10.10.10.1
name server : 10.10.10.1 i.e., suchin.suchi.com
email : root.suchin.suchi.com
I have configured the following files without errors( checked using named-checkzone and named-checkconf )
/var/named/localhost.zone
/var/named/named.root(cache file)
/var/named/suchi.com.zone
/var/named/10.10.10.in-addr.arpa.zone
/var/named/0.0.127.in-addr.arpa.zone
The problem is :
when i type named restart after any configuration changes , i get the following error
rndc: connect failed : connection refused.
I checked the rndc.key and it is the same as that in named.conf
also i checked the resolv.conf and it has the paths for all the hosts.
Would anybody please explain me why i have this problem and how to solve it.
My IT team ran into the same problem setting up a DNS server and it was very frustrating. Unless someone has a solid fix to give I would just start over if it is a new install heh.
The documentation on the web on how to fix this is VERY scarce, and I think it is some kind of bug in RH 9 or something. I tried to follow some steps on the red hat site in using a more secure rndc.key to fix it, but had no success. I spend roughly 4 hours trying to fix it, and eventually started from scratch and had a whole new install and DNS running in 2 hours.
On the second install I made backups of named.conf and relevant rndc files. I made all my entries in named.conf and added all zonefiles before restarting named. After noticing a few typo's in the zone files, I quickly fixed them and restarted named again. I kept restarting named d to an absolute minimum heh.
This does still keep me concerned, and will be on the watch for any fixes and or bugs in case this happens again.
what a co-incedence,
ystrday i got the same prob
but i was able to correct the prob in my case,
well check out the NS entries in each zone file, in my case one of the zone file has a wrong NS and believe me it caused a lot of probs
anyway if it is okay then try deleting all rndc entries and restart server, sometimes rndc keys get corrupted also.
Yes,
I tried a new install and got it done. I used just one host(that of the linux box ) for the present. I lined up more after the dns got setup. This helped me avoid a lot of confusion. confirmed it using "dig" and ping.
Well, here, now i want to know whether the only way to connect windows systems to linux domain is using samba server , or can we connect the windows systems to a linux DNS server also. Presently other linux systems can connect to the DNS just setup , but other windows boxes donot seem to recognize the DNS.
regarding controls section in the named.conf, i had previously (but unsuccessfully) attmpted all the types of modifications making sure that the same rndc key in named.conf(generated after rndc-confgen) matched the ones in rndc.key file and rndc.conf file. It would never yeild . That is how i thought of a new installation.
ofcource u can connect ur win box to dns.
u need to specify the domain name and the IP add of name server in the n/w settings
one more thing u need to add in the named.conf for this,
add allow-query in the options block , so that dns will reply to the queries from outside
I was having the same problem with Redhat9 Yesterday , when i was trying to force the
Mail queue , sendmail coldn’t resolve the domain name , the error message was the following
Transient parse error -- message queued for future delivery
then I check the named service status with the following status
Cd /etc/rc.d/init.d ./named status
And the answer of the command was
rndc: connect failed : connection refused
Assuming that was a named missconfiguration problem id check my named.conf file
And the content was this :
Still without work , then I remove this line ( assuming a damaged key ):
---------------------------------------------------------------------------------------------------
include "/etc/rndc.key";
---------------------------------------------------------------------------------------------------
And then I’d restart named with this command cd /etc/rc.d/init.d ./named restart
After that I’d check the named status
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
server is up and running
And now my sendmail is running without problems ,
Expecting to be helpful , and sorry 4 my spanglish
Leo
Same problem is happening to me... i've tries by commenting both controls {... }; and include "/etc/rndc.key" but relult = 0. now i also don;t know what to do. When rndc having prob, the dns works to resolv but it takes a looooong time to restart named/the whole server.
I had exactly the same problem, and I've been battling it for days, until I eventually hit on the solution...
I tried everything: I checked all over the Internet, and found many people with the same problem, but few seem to have solved it, and when they do, they don't bother posting the solution!
I found several references to checking the named.conf and rndc.conf files, to make sure they refer to the same key, port and localhost.
I found several other references to checking that named really is listening on port 953.
But I found no references to what is ACTUALLY the problem in many cases: Even though the rndc.key matches in named.conf and rndc.conf, and named really is listening on port 953, none of that helps if iptables is blocking the communications!
In my case, the solution was simple (after beating my head against the wall for three days...)
Just tell iptables to allow your system to talk to itself on port 953!
(In my case, I'm using a firewall configuration that sets up the table "RH-Lokkit-0-50-INPUT": it might be different in your case!!! )
The IP address “127.0.0.1” is, of course, the loopback address for the system itself, and usually has the name “localhost”.
Yeah, it seems rather stupid that you have to specifically allow localhost LOOPBACK address to talk to itself on port 953, but that's exactly what the problem was!
If you want to make this permanent, then find out from where iptables loads its default set of rules at boot time, and insert the following line in your iptables file:
This should probably go in probably from /etc/sysconfig/iptables, but if you are not sure then you can look in the init script that launches iptables, like this:
# more /etc/init.d/iptables
Look for a line that says something like "IPTABLES_CONFIG=/etc/sysconfig/iptables". That will tell you where it loads the default configuration from. That's the file you need to edit, and insert the line above at the appropriate point (before the first “REJECT” rule.
I sure hope this helps someone! I know I would have LOVED to have this info three days ago...
Guys, RH9 is ancient, and has not been supported in years. It should not be used on a system anymore. In fact, it never should have been used, as it is complete and total crap to begin with.
Check out this thread from the security forum to see if your particular OS is still supported. RH is way out of the picture, and trying to run it on a server is an invitation to be hacked.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.