format of /etc/rndc.conf

Kevin Darcy kcd at daimlerchrysler.com
Thu Oct 17 14:53:56 UTC 2002


"Christopher L. Barnard" wrote:

> This may be an odd one.  I tried to search the archive, but I may not
> have worded my query correctly.
>
> I am setting up a nameserver (Bind 9.2) for our Disaster site.  So a
> server that I am configuring needs to respond to "pprdint3.prices.cbot.com",
> "pprdint3.dr.cbot.com", *and* "pprdint3.cbot.com".  In ordinary day-to-day
> work, it responds to both pprdint3.prices and pprdint3.dr; I just have an A
> record in both maps.  In case of disaster, it will become our company
> primary nameserver and also will become "pprdint3.cbot.com".  I believe I have
> documented the named.conf and bootstrap cache file so that anyone can do
> this in case it is ever needed, but I would like to configure the
> /etc/rndc.conf file so that it does not need to be touched.  So right
> now I have as the /etc/rndc.conf file
>
> options {
>         default-server pprdint3.dr.cbot.com;
>         default-key pprdint3key;
> };
>
> server pprdint3.dr.cbot.com {
>         key pprdint3key;
> };
>
> server pprdint3.cbot.com {
>         key pprdint3key;
> };
>
> server pprdint3.prices.cbot.com {
>         key pprdint3key;
> };
>
> key pprdint3key {
>         algorithm hmac-md5;
>         secret "xxxxx";
> };
>
> However, when I try to run rndc I get a
> rndc: connect failed: connection refused
> So something above is sufficiently bogus for rndc to refuse to even
> start.
> Is it possible for three "servers" to be allowed to send rndc commands
> and share the same key?  If so, what am I doing wrong?  Thanks much.

Well, "connection refused" sounds like named isn't listening on port 953. What
are your "controls" and/or "key" configurations in /etc/named.conf? If it were a
key problem, I'd expect a "connection to remote host closed" error instead of
"connection refused".


- Kevin
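
An added example, not part of the original thread and not BIND's own code: a small cross-check of rndc.conf against named.conf that sorts findings into the two failure classes the reply distinguishes, "listener" (nothing reachable on the control port, i.e. "connection refused") and "key" (where the reply would expect "connection to remote host closed"). The function names, the hypothetical named.conf contents and the loopback heuristic (hostnames are not resolved) are assumptions of this example.

```python
import re

KEY_RE = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*\{([^}]*)\}')
INET_RE = re.compile(r'\binet\s+(\S+)(?:\s+port\s+(\d+))?\s+allow\s*\{[^}]*\}'
                     r'(?:\s*keys\s*\{([^}]*)\})?')
LOOPBACK = {"127.0.0.1", "::1", "localhost"}

def parse_keys(text):
    """Map key name -> (algorithm, secret) for each key { ... } block."""
    keys = {}
    for name, body in KEY_RE.findall(text):
        alg = re.search(r'algorithm\s+"?([\w-]+)"?', body)
        sec = re.search(r'secret\s+"([^"]*)"', body)
        keys[name] = (alg.group(1).lower() if alg else None,
                      sec.group(1) if sec else None)
    return keys

def check(rndc_conf, named_conf):
    """Return (kind, message) findings; kind is 'listener' or 'key'."""
    out = []
    rkeys, nkeys = parse_keys(rndc_conf), parse_keys(named_conf)
    dkey = re.search(r'default-key\s+"?([\w.-]+)"?', rndc_conf).group(1)
    dsrv = re.search(r'default-server\s+"?([\w.-]+)"?', rndc_conf).group(1)
    chans = INET_RE.findall(named_conf)
    if not chans:
        out.append(("listener", "no controls inet channel in named.conf"))
    for addr, port, keylist in chans:
        # Hostnames are not resolved here: a loopback-only channel is flagged
        # whenever default-server is anything but a loopback name/address.
        if addr in LOOPBACK and dsrv not in LOOPBACK:
            out.append(("listener", f"channel on {addr} only, rndc targets {dsrv}"))
        if (port or "953") != "953" and "default-port" not in rndc_conf:
            out.append(("listener", f"channel on port {port}, rndc uses 953"))
        if dkey not in re.findall(r'"?([\w.-]+)"?\s*;', keylist):
            out.append(("key", f"{dkey} not in keys list of channel {addr}"))
    if dkey in rkeys and dkey in nkeys and rkeys[dkey] != nkeys[dkey]:
        out.append(("key", f"{dkey} algorithm/secret differ between files"))
    return out

# Constructed inputs: rndc.conf abridged from the post, named.conf hypothetical.
RNDC = '''options { default-server pprdint3.dr.cbot.com; default-key pprdint3key; };
server pprdint3.dr.cbot.com { key pprdint3key; };
key pprdint3key { algorithm hmac-md5; secret "xxxxx"; };'''
NAMED = '''controls { inet 127.0.0.1 allow { 127.0.0.1; } keys { "rndc-key"; }; };
key "rndc-key" { algorithm hmac-md5; secret "yyyyy"; };'''

if __name__ == "__main__":
    for kind, msg in check(RNDC, NAMED):
        print(f"[{kind}] {msg}")
```
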




