FW: bind9 questions

Maximo Ramos maximo at violadores.org
Thu Mar 1 16:27:36 UTC 2001


Hi!!

I haven't tried that "null key", but keep in mind that you may need
three statements in /etc/rndc.conf.

How about adding a:

server localhost {
        key rndc_key;
};


hope that helps .....

On Thu, Mar 01, 2001 at 10:00:24AM -0600, Timothy.Moseley at hurlburt.af.mil wrote:
> 
> 
> Okay, now we are getting somewhere, if all I need to do is add a key
> statement to my named.conf file that is empty then I will give that a try,
> the manuals do not state that you can use a null value in the key statement.
> I do not have to worry about anybody on my network running rndc, that is
> what the OSI and FBI are for. I will try the null thing and let you know if
> it works.
> 
> NOPE.
> So I guess w/out the key bind9 does not work. 
> 
> Then again this is the response I get now when I do the rndc reload command
> 
>  rndc reload
> rndc: connect: connection refused
> 
> Here is my rndc.conf file as it appears now:
> 
> key rndc_key {
>         algorithm "hmac-md5";
>         secret " ";
>  };
> 
> options {
>         default-server localhost;
>         default-key rndc_key;
> };
> 
> Here is my named.conf as it appears now:
> 
> / generated by named-bootconf.pl
> 
> 
> acl localhost { 
>                 primary_internal_dns;
> };
> controls {
>         inet localhost allow { 127.0.0.1; } keys { rndc_key; };
> key rndc_key { };
> 
> options {
>         directory "/var/named";
>         pid-file "/usr/local/etc/named.pid";
>         auth-nxdomain yes;
>         statistics-file "/var/named/stats";
>         transfer-format many-answers;
>         transfer-source  primary_internal_dns; 
>         forward only;
>         forwarders {
>           internal firewall IP's;
>         };
>         allow-transfer { none; };
> };
> 
> Anybody have a guess?

-- 
----------------------------------------------------
Maximo Ramos
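
An added example, not part of either poster's message and not BIND's own code: a small Python check that the key statement rndc reads and the one named reads define the same algorithm and the same non-empty base64 secret, run over the key statements quoted in this thread. The regex parsing is a simplified reading of the config syntax, and SAMPLE_SECRET and GOOD_KEY are constructed values.

```python
import base64
import re

# Matches "key <name> { ... };" but not "keys { ... }" or "default-key <name>;".
KEY_RE = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*\{(.*?)\}\s*;', re.S)
FIELD_RE = re.compile(r'\b(algorithm|secret)\s+"?([^";]*)"?\s*;')

def parse_keys(conf_text):
    """Return {key_name: {"algorithm": ..., "secret": ...}} for each key block."""
    text = re.sub(r'^\s*(?://|#).*$', '', conf_text, flags=re.M)  # whole-line comments
    return {name: {k: v.strip() for k, v in FIELD_RE.findall(body)}
            for name, body in KEY_RE.findall(text)}

def check_rndc_key(rndc_conf, named_conf, key_name):
    """List the problems that stop rndc and named from sharing key_name."""
    problems = []
    sides = {"rndc.conf": parse_keys(rndc_conf), "named.conf": parse_keys(named_conf)}
    for fname, keys in sides.items():
        key = keys.get(key_name)
        if key is None:
            problems.append(f"{fname}: no key statement for {key_name}")
            continue
        if not key.get("algorithm"):
            problems.append(f"{fname}: key has no algorithm")
        try:
            # The secret is a base64 string; an empty one decodes to nothing.
            if not base64.b64decode(key.get("secret", ""), validate=True):
                raise ValueError("empty secret")
        except ValueError:
            problems.append(f"{fname}: secret is empty or not valid base64")
    ours, theirs = (side.get(key_name) for side in sides.values())
    if ours is not None and theirs is not None and ours != theirs:
        problems.append("algorithm or secret differs between the two files")
    return problems

# The key statements quoted in the thread, reduced to the relevant lines.
THREAD_RNDC = ('key rndc_key {\n algorithm "hmac-md5";\n secret " ";\n};\n'
               'options {\n default-server localhost;\n default-key rndc_key;\n};\n')
THREAD_NAMED = ('controls {\n inet localhost allow { 127.0.0.1; } keys { rndc_key; };\n'
                'key rndc_key { };\n')

# Constructed sample secret for illustration only; a real one must be random.
SAMPLE_SECRET = base64.b64encode(b"constructed-sample-secret").decode()
GOOD_KEY = 'key rndc_key {\n algorithm "hmac-md5";\n secret "%s";\n};\n' % SAMPLE_SECRET

if __name__ == "__main__":
    for line in check_rndc_key(THREAD_RNDC, THREAD_NAMED, "rndc_key"):
        print(line)
```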

