bind9 named.conf, named.boot, rndc.conf samples

Ian Downard itd at ece.umr.edu
Wed Mar 28 22:24:53 UTC 2001



I'm trying to set up bind-9.1, caching only, on a LAN with only two
computers. Their hostnames and ip addrs are:
  10.1.1.3 - spike.bebop.edu   <-- master server
  10.1.1.2 - ed.bebop.edu
(both machines are running Red Hat linux 6.0, kernel 2.2.17)

This was working fine with bind-8.2, but because my server was compromised
via bind-8.2 vulnerabilities, I'm upgrading.

So far I've been unsuccessful configuring rndc so I can reload
configurations and zones.  Here is my precise error:
  [root@spike bin]# named -p 53
  [root@spike bin]# rndc -p 53 -s 10.1.1.3 reload
  rndc: connect: unexpected error

Can someone mail me a sample named.conf, named.boot, and rndc.conf that
they know works with bind9 and think might be useful to me?

Thanks a lot for any help.
-Ian



I've included my versions of those files below, but I expect they aren't
configured properly.

------------------------------named.boot------------------------------
;
; a caching only nameserver config
;
directory                              /var/named
cache           .                      named.ca
primary         0.0.127.in-addr.arpa   named.local


------------------------------named.conf------------------------------
// generated by named-bootconf.pl and modified by Ian Downard

key iankey {
  algorithm hmac-md5;
  secret "qoDCVaqZbcrPRcnrB0gHTA==";
};

options {
	directory "/var/named";
};

controls {
    inet 127.0.0.1 allow { localhost; } keys { iankey; };
};

zone "." {
	type hint;
	file "root.hints";
};

zone "0.0.127.in-addr.arpa" {
	type master;
	file "/var/named/zone/127.0.0";
};

zone "bebop.edu" {
        type master;
        notify no;
        file "/var/named/zone/bebop.edu";
};

// reverse zones
zone "1.1.10.in-addr.arpa" {
        type master;
        notify no;
        file "/var/named/zone/10.1.1";
};


------------------------------rndc.conf-------------------------------
// generated by Ian Downard based off of the rndc.conf.5 man page

options {
    default-server localhost;
    default-key    iankey;
};

server localhost {
    key     iankey;
};

key iankey {
    algorithm hmac-md5;
    secret "qoDCVaqZbcrPRcnrB0gHTA==";
};
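
An added example, not part of the original message: a small consistency check between the named.conf controls/key statements and the rndc.conf shown above, run against the address and port given to rndc in the post. The function names are hypothetical, the embedded files are trimmed copies with the secret replaced by a placeholder, addresses are compared literally (no name resolution), and 953 is BIND 9's default control port when inet names none.

```python
import re

# Constructed sample input: trimmed copies of the two files from the post,
# with the shared secret replaced by a placeholder value.
NAMED_CONF = '''
key iankey { algorithm hmac-md5; secret "PLACEHOLDER=="; };
controls { inet 127.0.0.1 allow { localhost; } keys { iankey; }; };
'''
RNDC_CONF = '''
options { default-server localhost; default-key iankey; };
server localhost { key iankey; };
key iankey { algorithm hmac-md5; secret "PLACEHOLDER=="; };
'''
DEFAULT_CONTROL_PORT = 953  # used by BIND 9 when "inet" gives no port

def parse_keys(text):
    """Map key name -> (algorithm, secret) for every key { } block."""
    pat = (r'\bkey\s+"?([\w.-]+)"?\s*\{\s*algorithm\s+([\w-]+)\s*;'
           r'\s*secret\s+"([^"]*)"\s*;\s*\}')
    return {n: (a.lower(), s) for n, a, s in re.findall(pat, text)}

def parse_controls(text):
    """Return [(address, port, [key names])] for each inet control channel."""
    pat = (r'inet\s+(\S+)(?:\s+port\s+(\d+))?\s+allow\s*\{[^}]*\}'
           r'\s*keys\s*\{([^}]*)\}')
    return [(a, int(p or DEFAULT_CONTROL_PORT), re.findall(r'[\w.-]+', k))
            for a, p, k in re.findall(pat, text)]

def check(named_conf, rndc_conf, server, port):
    """List mismatches that would stop `rndc -s server -p port` from working."""
    findings = []
    nkeys, rkeys = parse_keys(named_conf), parse_keys(rndc_conf)
    m = re.search(r'default-key\s+"?([\w.-]+)"?', rndc_conf)
    key = m.group(1) if m else None
    if key not in rkeys:
        findings.append(f"rndc.conf has no key block for default-key {key!r}")
    elif nkeys.get(key) != rkeys[key]:
        findings.append(f"key {key!r} differs between named.conf and rndc.conf")
    channels = parse_controls(named_conf)
    here = [k for a, p, k in channels if (a, p) == (server, port)]
    if not here:
        listen = ", ".join(f"{a}:{p}" for a, p, _ in channels) or "none"
        findings.append(
            f"no control channel on {server}:{port} (configured: {listen})")
    elif not any(key in k for k in here):
        findings.append(f"channel {server}:{port} does not accept key {key!r}")
    return findings

if __name__ == "__main__":
    # The invocation from the post: rndc -p 53 -s 10.1.1.3 reload
    print(check(NAMED_CONF, RNDC_CONF, "10.1.1.3", 53))
```
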




