rndc problem
phn at icke-reklam.ipsec.nu
phn at icke-reklam.ipsec.nu
Sat Feb 16 10:32:54 UTC 2002
Daniel Holden <dholden at idsb.net> wrote:
> Hi
> First, thanks to phn at icke-reklam.ipsec.nu for the pointer to the
> documentation (good stuff). That was a big help. My problem now is that I
> get the following error when running "rndc stats":
> ////////////////////////////////////////////////////////////////////////////
> /////////////////////////////////////////////////////////////////////
> [root at localhost bin]# /usr/local/sbin/rndc stats
> rndc: connection to remote host closed
> This may indicate that the remote server is using an older version of
> the command protocol, this host is not authorized to connect,
> or the key is invalid.
> [root at localhost bin]#
> ////////////////////////////////////////////////////////////////////////////
> /////////////////////////////////////////////////////////////////////
> Here is my rndc.conf:
> ////////////////////////////////////////////////////////////////////////////
> /////////////////////////////////////////////////////////////////////
> # Start of rndc.conf
> key "rndc-key" {
> algorithm hmac-md5;
> secret "same as in rndc.key";
> };
I think you nees to quote hmac-md5 > "hmac-md5"
> options {
> default-key "rndc-key";
> default-server "127.0.0.1";
> default-port 953;
> };
> # End of rndc.conf
> ////////////////////////////////////////////////////////////////////////////
> /////////////////////////////////////////////////////////////////////
> Here is my rndc.key
> ////////////////////////////////////////////////////////////////////////////
> /////////////////////////////////////////////////////////////////////
> key "rndc-key" {
> algorithm hmac-md5;
> secret "same as in rndc.conf";
> };
> ////////////////////////////////////////////////////////////////////////////
> /////////////////////////////////////////////////////////////////////
> Here is what I added to my named.conf
> ////////////////////////////////////////////////////////////////////////////
> /////////////////////////////////////////////////////////////////////
> key "rndc-key" {
> algorithm hmac-md5;
> secret "same as in rndc.key and rndc.conf";
> };
> controls {
> inet 127.0.0.1 port 953
> allow { 127.0.0.1; } keys { "rndc-key"; };
> };
> ////////////////////////////////////////////////////////////////////////////
> /////////////////////////////////////////////////////////////////////
> PS - phn at icke-reklam.ipsec.nu there seems to be some problem with your DNS.
> I tried replying to your address and I got the following error message:
If you examined my signature you would find "remove "icke-reklam" " It's
a spam trap that directs mail to 127.0.0.1
> ////////////////////////////////////////////////////////////////////////////
> /////////////////////////////////////////////////////////////////////
> ----- The following addresses had permanent fatal errors -----
> <phn at icke-reklam.ipsec.nu>
> (reason: 553 5.3.5 system config error)
> ----- Transcript of session follows -----
> 553 5.3.5 icke-reklam.ipsec.nu. config error: mail loops back to me (MX
> problem?)
> 554 5.3.5 Local configuration error
> ////////////////////////////////////////////////////////////////////////////
> /////////////////////////////////////////////////////////////////////
> Daniel Holden
> dholden at idsb.net
> http://www.idsb.net
--
Peter Håkanson
IPSec Sverige (At the Riverside of Gothenburg, home of Volvo)
Sorry about my e-mail address, but i'm trying to keep spam out.
Remove "icke-reklam" and it works.
More information about the bind-users
mailing list