Can't get rndc working - rndc: connect: connection refused
George Young
gyoung at gldata.com
Mon Nov 19 13:01:33 UTC 2001
I found a reference in the book - Linux DNS Server Administration by Craig
Hunt -
on pg 270 he says:
"the key statement precedes any reference to the key identifier. This is
necessary. name.conf does not allow forward references. Place the key
statement before any other configuration command that references it.
------------------------------------------------------------------
I believe that you have to specify the key before you use it.
The key statement needs to before the control statement in named.conf and
the first statement in the rndc.cfg file.
I vaguely remember this, or made it up in my sleep, but try it.
George Young / G-L Data, Inc / Morristown, NJ
<-----Original Message-----
<From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On
<Behalf Of John Oliver
<Sent: Thursday, November 15, 2001 7:39 PM
<To: comp-protocols-dns-bind at moderators.isc.org
<Subject: Can't get rndc working - rndc: connect: connection refused
<
<
<
<I've been going back and forth between this group, Google, and
<the admin
<guide http://www.ipsec.nu/dns/bind9/Bv9ARM.ch04.html#AEN912 and just
<can't get it to work.
<
<named.conf:
<
<options {
< directory "/var/named";
<};
<
<controls {
< inet 127.0.0.1 allow { localhost; } keys { "key"; };
<};
<
<key "key" {
< algorithm hmac-md5;
< secret
<"ffOWZgpgvSkgQO0zMkzDIHELyQsKqNGBLcjVwWxpUEEkQECTtgTFnbSqdMXh";
<};
<
<
<
<rndc.conf:
<
<options {
< default-server localhost;
< default-key "key";
<};
<
<server localhost {
< key "key";
<};
<
<key "key" {
< algorithm hmac-md5;
< secret
<"ffOWZgpgvSkgQO0zMkzDIHELyQsKqNGBLcjVwWxpUEEkQECTtgTFnbSqdMXh";
<};
<
<
<
<I've tried removing/adding quotes, moving things around, etc. Keep
<getting rndc: connect: connection refused no matter what.
<
<Bind9 is weird... :-)
<
<--
<John Oliver
<System Administrator
<hosting.com, an Allegiance Telecom company
<mailto:john.oliver at hosting.com
<(858) 637-3600
<http://www.hosting.com/
<
<
More information about the bind-users
mailing list