/var/run/ndc conflict on split DNS server?

Joseph S D Yao jsdy at cospo.osis.gov
Mon Dec 11 20:04:49 UTC 2000


On Sun, Dec 10, 2000 at 11:37:10PM -0700, Bob Proulx wrote:
> I have configured a split DNS server.  Two processes running on the
> same machine but with different configuration files.  One serves
> internal 192.168.* addresses and an external one serves real
> addresses.  All seems well in general.  But I have a problem I would
> like to work out.
> 
> It seems that named is compiled to use /var/run/ndc for the control
> socket.  When two of them are started on the same machine there is a
> conflict.
> 
> Dec 10 22:27:12 tesuji named[10602]: ctl_server: bind: /var/run/ndc: Address already in use
> 
> In ns_ctl.c:
> 	ns_ctl_add(list, ns_ctl_new_unix(_PATH_NDCSOCK, 0600, 0, 0));
> 
> If I understand the architecture correctly there is no way to change
> this dynamically but only through the compile time macro.  I expect I
> need to compile all components, ndc and named both, to remove this
> conflict by renaming one of them to a different name.  But that means
> running two different copies of the binaries with only this path as a
> specialization.  It would be nice to run the same binary for both
> processes.  I am running bind 8.2.3-T9B.

I am happy to say that you are incorrect in your understanding.

In the different named.conf files for the two, you can have different
controls definitions for the 'ndc' interface:

THE CONTROLS STATEMENT
   Syntax

     controls {
       [ inet ip_addr
         port ip_port
         allow { address_match_list; }; ]
       [ unix path_name
         perm number
         owner number
         group number; ]
     };

   Definition and Usage

     The controls statement declares control channels to be used by
     system administrators to affect the operation of the local name
     server.  These control channels are used by the ndc utility to
     send commands to and retrieve non-DNS results from a name server.

[Or you could leave one as default and change the other.]

You would then have to tell 'ndc' what the correct control channel is
for the appropriate controls{}; statement:

SYNOPSIS
     ndc [-c channel] [-l localsock] [-p pidfile] [-d] [-q] [-s] [-t]
         [command]

-- 
Joe Yao				jsdy at cospo.osis.gov - Joseph S. D. Yao
COSPO/OSIS Computer Support					EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.
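
The setup described in this reply, as an added example that is not part of the original message: each instance's named.conf declares its own unix control channel, and a small check confirms the paths differ before both servers start. The file names, the socket paths /var/run/ndc.internal and /var/run/ndc.external, and the helper function names are assumptions for illustration.

```shell
#!/bin/sh
# Added example: constructed configs for the two named instances in the thread.
# File names, directory and socket paths are assumptions, not from the post.
DEFAULT_CTL=/var/run/ndc   # compiled-in default control socket named on the page

# Write the two constructed named.conf fragments into directory $1.
write_samples() {
    cat > "$1/named.internal.conf" <<'EOF'
controls {
    unix "/var/run/ndc.internal" perm 0600 owner 0 group 0;
};
EOF
    cat > "$1/named.external.conf" <<'EOF'
controls {
    unix "/var/run/ndc.external" perm 0600 owner 0 group 0;
};
EOF
}

# Print the unix control-socket path declared in config $1,
# or the compiled-in default when no unix channel is declared.
ctl_path() {
    p=$(sed -n 's/^[[:space:]]*unix[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | head -n 1)
    echo "${p:-$DEFAULT_CTL}"
}

# Return 0 if every config given has a distinct control socket, 1 otherwise.
check_distinct() {
    seen=""
    for f in "$@"; do
        p=$(ctl_path "$f")
        case " $seen " in
            *" $p "*) echo "conflict: $f reuses $p" >&2; return 1 ;;
        esac
        seen="$seen $p"
    done
    return 0
}

# Print the ndc invocation that reaches the instance configured by $1.
ndc_cmd() { echo "ndc -c $(ctl_path "$1") status"; }

# Demo on the constructed samples.
d=$(mktemp -d)
write_samples "$d"
check_distinct "$d"/named.*.conf && ndc_cmd "$d/named.internal.conf"
rm -rf "$d"
```

Keeping perm 0600 with owner 0 and group 0 on both sockets matches the values in the ns_ctl.c line quoted above, so only root can send ndc commands to either instance.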


