BIND rndc problem

Kevin Darcy kcd at daimlerchrysler.com
Fri Aug 8 23:33:58 UTC 2003


Mike Kinzie wrote:

> Hi,
> I "think" my problem is that the SOA when I "dig any mydomain" brings up
> my IP's or secondary name server's address rather than mine, i.e.:
> my.ip's.domain.   hostmaster.my.ip's.domain.

I'm not sure what you mean by this. Do you literally mean there's an IP address
there? If so, then apparently you accidentally used IP addresses in your
SOA record instead of names.

> I can ping my domain from a web browser site but not when I am logged on via
> a terminal

I asked you earlier whether your machine was configured to resolve names via
DNS. I don't think you've answered that yet.

> I have gone over and over the named.conf and zone files but have not found
> the problem.
> the syntax via named-checkzone comes up fine.
>
> Could this be the main reason with the "localhost" referring to my ip's
> address rather than my machine's?

Seems more and more like your machine is not configured to use DNS for name
resolution.

See http://www.europe.redhat.com/documentation/man-pages/man5/nsswitch.5.php3


- Kevin

> "Kevin Darcy" <kcd at daimlerchrysler.com> wrote in message
> news:bgufgb$1rjg$1 at sf1.isc.org...
> > Mike Kinzie wrote:
> >
> > > hello,
> > > I have Redhat 8 with BIND 9.2.1
> > > rndc has stopped working and I cannot ping my domain or 127.0.01
> > > I have checked my /var/log/messages and found the following with regard to
> > > the named server startup on a reboot:
> > >
> > > -couldn't find rndc key for use with command channel: 127.0.0.1#953
> > > I have the following in named.conf:
> > >
> > > controls {
> > >         inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
> > > };
> > >
> > > all the zone files loaded okay.
> > >
> > > I do not understand the command channel and how to correct the rndc failure.
> >
> > The BIND 9 documentation tells how to set up rndc. Basically you need to
> > generate a key.
> >
> > The failure to set up an rndc channel shouldn't have any direct relationship to
> > your inability to resolve names, though. Although it's encouraging that you are
> > looking in the log file for error messages (so many people forget that step) do
> > you have any other information about that problem beyond "I cannot ping my
> > domain or 127.0.01" and "all the zone files loaded okay"? Have you tried
> > querying the nameserver with a DNS lookup tool like "dig"? Is your machine even
> > configured to use DNS for name resolution? If you turn on query logging, do you
> > see the query attempts being logged? Does a "netstat" show anything listening
> > on port 53?
> >
> >
> > - Kevin
> >
> >
> >
> >
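
Added example, not part of the original thread: a small Python check that every key named in a `keys { ... }` clause of named.conf (such as the `controls` statement quoted above) is defined by a `key` statement, which is what generating an rndc key has to result in. The sample configurations are constructed, the secret is a placeholder, the function names are hypothetical, and files pulled in with `include` are not followed.

```python
import re

# Constructed sample: the controls statement from the post, with no key statement.
BROKEN_CONF = '''
options { directory "/var/named"; };
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
};
'''

# Constructed fix: the same controls statement plus a matching key definition.
# The secret below is a placeholder, not a real key.
FIXED_CONF = BROKEN_CONF + '''
key "rndc_key" {
        algorithm hmac-md5;
        secret "PLACEHOLDER-BASE64-SECRET==";
};
'''

def strip_comments(text):
    """Drop /* */, // and # comments so commented-out statements are ignored.
    Simplification: comment markers inside quoted strings are not handled."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#)[^\n]*', '', text)

def defined_keys(text):
    """Names declared by `key <name> { ... }` statements."""
    return set(re.findall(r'(?<![\w-])key\s+"?([\w.-]+)"?\s*\{', text))

def referenced_keys(text):
    """Names listed in `keys { a; b; }` clauses (not trusted-keys)."""
    names = set()
    for body in re.findall(r'(?<![\w-])keys\s*\{([^}]*)\}', text):
        names.update(n.strip().strip('"') for n in body.split(';') if n.strip())
    return names

def missing_keys(conf):
    """Sorted key names that are referenced but never defined in this text."""
    text = strip_comments(conf)
    return sorted(referenced_keys(text) - defined_keys(text))

if __name__ == "__main__":
    for label, conf in (("broken", BROKEN_CONF), ("fixed", FIXED_CONF)):
        print(label, "missing keys:", missing_keys(conf) or "none")
```

Key names must match exactly: a definition named `rndc-key` does not satisfy a clause that references `rndc_key`.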



More information about the bind-users mailing list