rndc
Georgeson, Evan [NCSUS Non J&J]
EGeorges at NCSUS.JNJ.COM
Wed Jul 17 15:02:49 UTC 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Here's what's on my box...no 953
UDP: IPv4
Local Address Remote Address State
- -------------------- -------------------- -------
*.42 Idle
*.514 Idle
148.177.2.1.53 Idle
10.28.8.1.53 Idle
*.33951 Idle
*.* Unbound
UDP: IPv6
Local Address Remote Address
State If
- --------------------------------- ---------------------------------
- ---------- -----
*.33951
Idle
TCP: IPv4
Local Address Remote Address Swind Send-Q Rwind Recv-Q
State
- -------------------- -------------------- ----- ------ ----- ------
- -------
*.* *.* 0 0 24576 0
IDLE
*.21 *.* 0 0 24576 0
LISTEN
*.23 *.* 0 0 24576 0
LISTEN
*.22 *.* 0 0 24576 0
LISTEN
148.177.2.1.53 *.* 0 0 24576 0
LISTEN
10.28.8.1.53 *.* 0 0 24576 0
LISTEN
10.28.8.1.23 10.28.9.254.60840 16279 0 24840 0
ESTABLISHED
10.28.8.1.23 10.28.9.254.61012 16443 1 24840 0
ESTABLISHED
*.* *.* 0 0 24576 0
IDLE
TCP: IPv6
Local Address Remote Address
Swind Send-Q Rwind Recv-Q State If
- --------------------------------- ---------------------------------
- ----- ------ ----- ------ ----------- -----
*.* *.*
0 0 24576 0 IDLE
*.21 *.*
0 0 24576 0 LISTEN
*.23 *.*
0 0 24576 0 LISTEN
- -----Original Message-----
From: Kevin Darcy [mailto:kcd at daimlerchrysler.com]
Sent: Wednesday, July 17, 2002 10:57 AM
To: BIND Users (bind-users at isc.org)
Subject: Re: rndc
"Georgeson, Evan [NCSUS Non J&J]" wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Okay, this will probably draw some critcism but here goes....I'm
> trying to get rndc to work on 9.1.3. From what I can gather from
> DNS/BIND, as a minimum I need info in both my named.conf and a file
> called rndc.conf. Here's what I've tried to do. Please feel free
> to comment on areas where I should fix because I keep getting
> "connection refused" errors when running rndc.
>
> * Create a key pair # dnssec-keygen -a hmac-md5 -b 512 -n
> host rndc.key
> * Rename the generated key/private files created by
> dnssec-keygen to "rndc.key" and "rndc.private". I also relocated
> these files to /etc. * Modified my named.conf with the
> following:
> include "/etc/rndc.key";
> };
> controls {
> inet * allow {any;} keys {"rndc.key";};
> };
>
> key "rndc.key" {
> algorithm hmac-md5;
> secret
> "yS5NyCsVKZGc/G/8D5p0dtVyZnbbugZbxnOTHr1aXt1GH6Kk8A17dVe9
> svk9HFyE81oKjJrKboyilekmVYfznA==";
> };
> * Created /etc/rndc.conf and added the following:
> options {
> default-server localhost;
> default-key "rndc.key";
> };
>
> key "rndc.key" {
> algorithm hmac-md5;
> secret
> "yS5NyCsVKZGc/G/8D5p0dtVyZnbbugZbxnOTHr1aXt1GH6Kk8A17dVe9
> svk9HFyE81oKjJrKboyilekmVYfznA==";
> };
>
> The contents of my rndc.key is this:
>
> rndc.key. IN KEY 512 3 157
> yS5NyCsVKZGc/G/8D5p0dtVyZnbbugZbxnOTHr1aXt1GH6Kk8A17dVe9
> svk9HFyE81oKjJrKboyilekmVYfznA==
>
> What am I doing wrong? It seems basic that I should want to be able
> to run rndc just like ndc. This is a caching server and requires
> no zone signing nor do I require encryption of any sort. I just
> want to be able to run cache dumps and stats and all the fun
> little things like that. Thank you in advance for any constructive
> criticism you can provide.
Do you seen anything listening on port 953?
Are there any relevant error messages in your logs?
- - Kevin
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1
iQA/AwUBPTWHf2cmEMqSL6AwEQJv3wCg+Q66T+INPUnbYO1v5ZP0/R0pn6gAn1/C
nGG/YDn7bJn6ZL0qFm76CcIR
=EAd2
-----END PGP SIGNATURE-----
More information about the bind-users
mailing list