/var/run/ndc conflict on split DNS server?
Joseph S D Yao
jsdy at cospo.osis.gov
Mon Dec 11 20:04:49 UTC 2000
On Sun, Dec 10, 2000 at 11:37:10PM -0700, Bob Proulx wrote:
> I have configured a split DNS server. Two processes running on the
> same machine but with different configuration files. One server
> internal 192.168.* addresses and an external one that serves real
> addresses. All seems well in general. But I have a problem I would
> like to work out.
>
> It seems that named is compiled to use /var/run/ndc for the control
> socket. When two of them are started on the same machine there is a
> conflict.
>
> Dec 10 22:27:12 tesuji named[10602]: ctl_server: bind: /var/run/ndc: Address already in use
>
> In ns_ctl.c:
> ns_ctl_add(list, ns_ctl_new_unix(_PATH_NDCSOCK, 0600, 0, 0));
>
> If I understand the architecture correctly there is no way to change
> this dynamically but only through the compile time macro. I expect I
> need to compile all components, ndc and named both, to remove this
> conflict by renaming one of them to a different name. But that means
> running two different copies of the binaries with only this path as a
> specialization. It would be nice to run the same binary for both
> processes. I am running bind 8.2.3-T9B.
I am happy to say that you are incorrect in your understanding.
In the different named.conf files for the two, you can have different
controls definitions for the 'ndc' interface:
THE CONTROLS STATEMENT
Syntax
controls {
[ inet ip_addr
port ip_port
allow { address_match_list; }; ]
[ unix path_name
perm number
owner number
group number; ]
};
Definition and Usage
The controls statement declares control channels to be used by
system administrators to affect the operation of the local name
server. These control channels are used by the ndc utility to
send commands to and retrieve non-DNS results from a name server.
[Or you could leave one as default and change the other.]
You would then have to tell 'ndc' what the correct control channel is
for the appropriate controls{}; statement:
SYNOPSIS
ndc [-c channel] [-l localsock] [-p pidfile] [-d] [-q] [-s] [-t]
[command]
--
Joe Yao jsdy at cospo.osis.gov - Joseph S. D. Yao
COSPO/OSIS Computer Support EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.
More information about the bind-users
mailing list