rndc problem

Dino Nardini dino at rivendellsoftware.com
Sat Aug 7 15:35:18 UTC 2004


I've been using bind for dns services on my primary and backup servers for 
years now, although it's been a while since I manually configured the 
files.  I've been using the linuxconf admin tool to maintain the zone 
lists.  Also keep in mind that I've been using bind 9.2.1 on a RH 7.2 box, 
and I've never really had to deal with rndc or bind-chroot until yesterday.

I installed FC2 from iso images and initially accepted the default 
install.  I plan to use this test box as a secondary dns only, and it was 
only after I started adding secondary domain information that I noticed it 
wasn't polling the main dns.  I tried forcing a zone update, and then 
discovered the command channel problem.  I removed bind* and 
caching-nameserver, and reinstalled with yum, but ran into the same problems.

Yes, I do have a firewall configured with iptables, and I tried opening 
port 953 to localhost, but still could not get rndc to open a command 
channel with bind-chroot installed.  Are there any other ports that I must 
open for bind-chroot?

I've gone over the named.conf and rndc.conf files in detail, many times, 
and everything checks out fine.  Also, the fact that it works fine 
without bind-chroot installed indicates no problem with the key information.

I've narrowed the problem down to bind-chroot configuration, and am open to 
suggestions at this point.  I've thought that it might be a firewall issue, 
however I did open port 953 without success... perhaps another port I'm 
overlooking?

Without bind-chroot installed:

$ netstat -tualpen | grep 953
tcp 0 0 127.0.0.1#953 0.0.0.0:* LISTEN 25 5068 2185/named

Cheers and thanks... Dino


At 05:02 PM 07/08/2004 +0200, you wrote:
>In your first posting you said you configured bind, now you are saying
>it did not work already with the default setup coming right after
>installation. Both can't be the case. So I asked for your specific
>configuration.
>
>$ netstat -tualpen | grep 953
>tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      25         9726       3736/named
>
>Running fine in chrooted mode, with the default configuration as well as after
>my customization. Did you remove the rndc key entry in
>/var/named/chroot/etc/named.conf? Any iptables rules active? You may
>read the bind documentation first, because DNS is a serious, essential
>service and proper working is needed for a lot of other things.
>
>Alexander
>
>
>--
>Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
>Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.7-1.494.2.2smp
>Serendipity 16:54:46 up 3 days, 10:22, load average: 0.05, 0.05, 0.06

_____________________________________
Rivendell Software - Dynamic Web Solutions
http://www.rivendellsoftware.com
Tel 902.461.1697
Fax 902.461.3765
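
The check raised in the quoted reply (whether the rndc key entry in the chroot's named.conf is present and matches the key rndc uses), written out as an added example that is not part of the original thread. The file contents, the key name rndckey, the secret and the function names are constructed for illustration, and the parser does not follow include statements.

```python
import re

# Constructed sample files, not from the thread; the secret is a placeholder.
NAMED_CONF = '''
controls {
    inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
key "rndckey" {
    algorithm hmac-md5;
    secret "Y29uc3RydWN0//c2FtcGxlZA";  // constructed value
};
'''
RNDC_CONF = '''
options { default-server localhost; default-key "rndckey"; };
key "rndckey" {
    algorithm hmac-md5;
    secret "Y29uc3RydWN0//c2FtcGxlZA";
};
'''

COMMENT_RE = re.compile(r'"[^"]*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
# Assumes "algorithm" precedes "secret" and keys are not pulled in via include.
KEY_RE = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*\{\s*algorithm\s+"?([\w-]+)"?\s*;'
                    r'\s*secret\s+"([^"]*)"\s*;\s*\}')
INET_RE = re.compile(r'\binet\s+(\S+)(?:\s+port\s+(\d+))?\s+allow\s*\{[^}]*\}'
                     r'\s*keys\s*\{([^}]*)\}')

def strip_comments(text):
    # Quoted strings match first and are kept: a base64 secret may contain "//".
    return COMMENT_RE.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else ' ', text)

def parse_keys(text):
    return {m.group(1): (m.group(2).lower(), m.group(3))
            for m in KEY_RE.finditer(strip_comments(text))}

def check_rndc(named_conf, rndc_conf):
    """Return mismatches between named.conf control channels and rndc.conf keys."""
    problems = []
    named_keys, rndc_keys = parse_keys(named_conf), parse_keys(rndc_conf)
    channels = INET_RE.findall(strip_comments(named_conf))
    if not channels:
        problems.append("named.conf: no controls inet statement with a keys list")
    for addr, port, keys in channels:
        where = f"{addr} port {port or 953}"  # 953 is the default control port
        for name in re.findall(r'"?([\w.-]+)"?\s*;', keys):
            if name not in named_keys:
                problems.append(f"{where}: key {name} has no key statement in named.conf")
            elif name not in rndc_keys:
                problems.append(f"{where}: key {name} is missing from rndc.conf")
            elif named_keys[name] != rndc_keys[name]:
                problems.append(f"{where}: key {name} differs between the two files")
    return problems
```

With bind-chroot installed, the named.conf to feed in is the one under /var/named/chroot/etc/, since that is the file the reply asks about.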