rndc problem
Dino Nardini
dino at rivendellsoftware.com
Sat Aug 7 15:35:18 UTC 2004
I've been using bind for dns services on my primary and backup servers for
years now, although it's been a while since I manually configured the
files. I've been using the linuxconf admin tool to maintain the zone
lists. Also keep in mind that I've been using bind 9.2.1 on a RH 7.2 box,
and I've never really had to deal with rndc or bind-chroot until yesterday.

I installed FC2 from iso images and initially accepted the default
install. I plan to use this test box as a secondary dns only, and it was
only after I started adding secondary domain information that I noticed it
wasn't polling the main dns. I tried forcing a zone update, and then
discovered the command channel problem. I removed bind* and
caching-nameserver, and reinstalled with yum, but ran into the same problems.

Yes, I do have a firewall configured with iptables, and I tried opening
port 953 to localhost, but still could not get rndc to open a command
channel with bind-chroot installed. Are there any other ports that I must
open for bind-chroot?

I've gone over the named.conf and rndc.conf files in detail, many times,
and everything checks out fine. Also considering that it works fine
without bind-chroot installed indicates no problem with the key information.

I've narrowed the problem down to bind-chroot configuration, and am open to
suggestions at this point. I've thought that it might be a firewall issue,
however I did open port 953 without success... perhaps another port I'm
overlooking?

Without bind-chroot installed:

$ netstat -tualpen | grep 953
tcp 0 0 127.0.0.1#953 0.0.0.0:* LISTEN 25 5068 2185/named

Cheers and thanks... Dino

At 05:02 PM 07/08/2004 +0200, you wrote:
>In your first posting you said you configured bind, now you are saying
>it did not work already with the default setup coming right after
>installation. It can't be both the case. So I asked for your specific
>configuration.
>
>$ netstat -tualpen | grep 953
>tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 25 9726 3736/named
>
>Running fine in chrooted mode, with default configuration as well after
>my customization. Did you remove the rndc key entry in
>/var/named/chroot/etc/named.conf? Any iptables rules active? You may
>read the bind documentation first, because DNS is a serious, essential
>service and proper working is needed for a lot of other things.
>
>Alexander
>
>
>--
>Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
>Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.7-1.494.2.2smp
>Serendipity 16:54:46 up 3 days, 10:22, load average: 0.05, 0.05, 0.06
>
_____________________________________
Rivendell Software - Dynamic Web Solutions
http://www.rivendellsoftware.com
Tel 902.461.1697
Fax 902.461.3765
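
An added example, not part of the original thread and not a diagnosis of it: a small Python check for what the quoted reply asks about, namely whether the key and port in the `controls` clause of the chroot copy of named.conf match what rndc.conf tells rndc to use. The sample configs, key name and secrets are constructed; on a real system the inputs would be the contents of rndc.conf and /var/named/chroot/etc/named.conf.

```python
import re

# Constructed sample inputs (dummy key name and secrets, not from the thread).
RNDC_CONF = '''
key "rndckey" { algorithm hmac-md5; secret "c2FtcGxlLXNlY3JldC1B"; };
options { default-key "rndckey"; default-server 127.0.0.1; default-port 953; };
'''
CHROOT_NAMED_CONF = '''
// the copy named reads when it runs chrooted
controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndckey"; }; };
key "rndckey" { algorithm hmac-md5; secret "c2FtcGxlLXNlY3JldC1C"; };
'''

def strip_comments(text):
    """Drop //, # and /* */ comments but keep quoted strings (secrets may contain //)."""
    pat = r'"[^"]*"|/\*.*?\*/|//[^\n]*|#[^\n]*'
    return re.sub(pat, lambda m: m.group(0) if m.group(0)[0] == '"' else '', text, flags=re.S)

def keys(text):
    """Return {key name: (algorithm, secret)} for every key clause."""
    out = {}
    for name, body in re.findall(r'\bkey\s+"?([\w.-]+)"?\s*\{([^}]*)\}', strip_comments(text)):
        alg = re.search(r'algorithm\s+"?([\w.-]+)', body)
        sec = re.search(r'secret\s+"([^"]*)"', body)
        out[name] = (alg.group(1).lower() if alg else None, sec.group(1) if sec else None)
    return out

def control_channels(text):
    """Return [(address, port, [key names])] for each inet entry under controls."""
    pat = r'\binet\s+(\S+)(?:\s+port\s+(\d+))?\s+allow\s*\{[^}]*\}\s*(?:keys\s*\{([^}]*)\})?'
    return [(a, int(p or 953), re.findall(r'[\w.-]+', k))
            for a, p, k in re.findall(pat, strip_comments(text))]

def check(rndc_conf, named_conf):
    """List mismatches between what rndc will send and what named will accept."""
    problems = []
    rndc_keys, named_keys = keys(rndc_conf), keys(named_conf)
    m = re.search(r'default-port\s+(\d+)', strip_comments(rndc_conf))
    rndc_port = int(m.group(1)) if m else 953
    for addr, port, names in control_channels(named_conf):
        if port != rndc_port:
            problems.append(f'named listens on port {port}, rndc uses {rndc_port}')
        for n in names:
            if n not in named_keys:
                problems.append(f'controls names key "{n}" but named.conf has no such key clause')
            elif n not in rndc_keys:
                problems.append(f'key "{n}" is missing from rndc.conf')
            elif rndc_keys[n] != named_keys[n]:
                problems.append(f'key "{n}" differs between rndc.conf and named.conf')
    return problems
```

`check(RNDC_CONF, CHROOT_NAMED_CONF)` returns a list of human-readable mismatches; an empty list means the two files agree on port, key name, algorithm and secret.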