Hello, everyone!...
I have got a little problem with bind9 in Ubuntu...
When I try to stop the bind server it generates
errors that look like this:
Code:
* Stopping domain name service... bind
rndc: connection to remote host closed
This may indicate that
* the remote server is using an older version of the command protocol,
* this host is not authorized to connect,
* the clocks are not syncronized, or
* the key is invalid.
It starts normally, without any error or such a thing, but
when I try to change something in the bind9 from webmin
and try to apply changes this error pops up...
Does anyone know what could be the reason?...
Thanks anyway...
This error message is the result of a disagreement between the (client) program rndc trying to control the daemon named and the daemon itself. In the configuration file /etc/named.conf, you will find some lines like this:
In the corresponding file for rndc, /etc/rndc.conf, you should have a corresponding key defined, and that key name should appear in the "server" configuration block. (The key name does not have to be the same as the key-name in /etc/named.conf, but inside /etc/rndc.conf the key used in the server block and the key defined with that name must produce the same secret that is used by named.)
The two secrets should be the same. This is the basis of the "shared-secret" encryption that is used by the Bind9 named to assure itself that a (remotely-received) command is legitimate.
You can choose to alter either the /etc/named.conf file or the /etc/rndc.conf file; I would probably choose the latter, so that I did not have to reload (or restart) named. Once these two configurations are brought into sync, the error messages you reported should stop appearing.
I have generated a secret key using the rndc-confgen utility and changed both the rndc.conf and named.conf files, but the error message still doesn't go anywhere...
Still the same, I've no idea what I should do.....
Any Ideas?... Thanks anyway.
Well, I guess we will have to go back to the initial error message and eliminate some other possibilities. It enumerated 4 choices:
1. control protocol version mismatch (I guess this is not the problem, since you have a recent version of Ubuntu, and the protocol version changed quite a while ago);
2. clocks are not synchronized (not a problem if your webmin and the named daemon are on the same machine);
3. the key is invalid (we just eliminated that);
4. this host is not authorized to connect.
This last possibility can be checked by examining /etc/named.conf again. There should be a block that looks something like this:
This configuration block tells named to listen only on the loopback interface port 953 (the default) for control messages, and to accept them only from a local controller (speaking on 127.0.0.1) who knows the rndc-key.
Perhaps this will finally make those messages go away.
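As an added example (not code posted by anyone in this thread), the two checks discussed in the replies above can be scripted: whether the key rndc uses matches a key that named accepts, and whether the client address is in the controls allow list. The sample file contents, key name and secrets are constructed, and the parser assumes the controls statement lists allow before keys.

```python
import re

NAMED_CONF = '''# constructed sample named.conf; the secret is a placeholder
key "rndc-key" { algorithm hmac-md5; secret "Y29uc3RydWN0ZWQtc2FtcGxlLWtleQ=="; };
controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; }; };
'''
RNDC_CONF = '''# constructed sample rndc.conf; deliberately a different secret
key "rndc-key" { algorithm hmac-md5; secret "ZGlmZmVyZW50LXNhbXBsZS1rZXk="; };
options { default-key "rndc-key"; default-server 127.0.0.1; default-port 953; };
'''
NAME = r'"?([\w.-]+)"?'  # this parser accepts key names written quoted or bare

def _clean(text):
    """Drop /* */, // and # comments; base64 secrets may contain '/'."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(?m)(^|\s)(//|#).*$', '', text)

def key_defs(text):
    """Map key name -> (algorithm, secret) for each key block."""
    defs = {}
    for name, body in re.findall(r'\bkey\s+' + NAME + r'\s*\{([^}]*)\}', _clean(text)):
        alg = re.search(r'algorithm\s+"?([\w-]+)"?\s*;', body)
        sec = re.search(r'secret\s+"([^"]*)"\s*;', body)
        if alg and sec:
            defs[name] = (alg.group(1).lower(), sec.group(1))
    return defs

def controls(named_text):
    """Return (allowed addresses, accepted key names) from the controls block."""
    m = re.search(r'\bcontrols\s*\{.*?allow\s*\{([^}]*)\}\s*keys\s*\{([^}]*)\}',
                  _clean(named_text), re.S)
    allow, keys = m.groups() if m else ("", "")
    return re.findall(r'([^\s;]+)\s*;', allow), re.findall(NAME + r'\s*;', keys)

def check(named_text, rndc_text, client="127.0.0.1"):
    """List the reasons named would refuse rndc; secrets are never echoed."""
    problems = []
    allowed, accepted = controls(named_text)
    used = re.search(r'(?:default-key|\bkey)\s+' + NAME + r'\s*;', _clean(rndc_text))
    named_keys, rndc_keys = key_defs(named_text), key_defs(rndc_text)
    if client not in allowed:
        problems.append(f"{client} is not in the controls allow list")
    if not used or used.group(1) not in rndc_keys:
        problems.append("rndc.conf selects a key it does not define")
    elif not any(named_keys.get(k) == rndc_keys[used.group(1)] for k in accepted):
        problems.append("no key accepted by named matches rndc's algorithm and secret")
    return problems

if __name__ == "__main__":
    print(check(NAMED_CONF, RNDC_CONF) or "rndc and named agree")
```

To use it on a real host, read the two files into strings and pass them to check(). An empty list means the key and the allow list are consistent, which leaves the protocol-version and clock causes from the error message.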
Almost exactly the same as yours...
The only difference between your code and this is the quotes around the rndc-key in control segment... Could it be the reason?...
I cannot find a definitive statement in the BIND9 documentation; my config files do not contain quotes around the key identifier in either spot. See if it works without them for you, too.
dkm999
No!...
It does not work...
Damn, I do not understand what should be the reason...
Also I have another problem with rebooting the system (the main problem)...
Actually the system can't reboot: when I type the command reboot,
the system starts to do it and shuts down every service, including
apache, bind9, ftp and ssh too, but doesn't reboot...
I couldn't understand what was going on and went to the server room...
I saw that the system can't umount the /var directory, which contains
most server software... I also tried to reboot using CTRL + ALT + DELETE
but nothing... Still the same, the system is paused and waits for unknown things...
The only chance to reboot the system is to press the RESET button on the machine...
I have checked every service that uses the /var directory and saw that everything
works just fine except this bind9 problem (which is not actually the problem,
because it starts fine but has problems with stopping)...
I really appreciate your help and thanks for trying to help me...
Have you got some idea what can be the problem?... Mr. C.
Can you tell me how to check?...
Examine your startup script to see how bind is being started.
Look to see if you have a /var/chroot/{bind,named}.
You can also look at the proc interface; ls -l /proc/PROCID/root, replacing PROCID with the PID of your named process.
[ please edit your first post, and trim the excessive whitespace that creates the long line and screws up the width of all these posts. ]