remote rndc server administration; Please Help!

joe shaboo jshaboo at hotmail.com
Tue Apr 27 15:32:26 UTC 2004


Hi,

I have a problem which has been plaguing me for a while.

I have a master server (ns1) which I can run rndc reload locally on,
and it works, no problem. I have a slave server (ns2) which I can run
rndc reload locally, and it works.

What I would like to do is run rndc -y ns2-key -s ns2.domain.com
reload from the master, for the slave. This would be a huge help.

I have configured my rndc.keys correctly, or at least they appear to
be correct. This key is on both ns1 and ns2.

key "ns2-key" {
   algorithm hmac-md5;
   secret "xxxxx";
};

In my etc/named.conf on ns2 I have the following:

controls {
   inet 127.0.0.1 port 953
         allow  { 127.0.0.1; ip of ns1; ip of ns2; }
         keys  { "ns1-key"; };
};


In my rndc.conf file, I have the
key "ns1-key" {
   algorithm hmac-md5;
   secret "xxxxx";
};

key "ns2-key" {
   algorithm hmac-md5;
   secret "xxxxx";
};


server ip.of.ns2 {key "ns2-key";};

options {
   default-key "ns1-key";
   default-server 127.0.0.1;
   default-port  953;
}

The keys for ns1 and ns2 are the same, so the fact that I have the
ns1-key shouldn't matter, should it?

When I run rndc -y ns1-key (or ns2-key) -s ns2.domain.com  (or the ip
address) reload

I get a rndc: connect failed: connection refused

Can someone help me out with this please? I am sure it is something
simple that I am missing, but for the life of me, I cannot get this to
work.

Thanks,

Joe
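
An added check, not part of the original post: it parses a controls block like the one quoted above and reports when the control channel listens only on a loopback address while the allow list names remote hosts, a combination in which a remote rndc connection has no listener to reach. The sample config, the 192.0.2.x addresses and the helper name audit_controls are assumptions made for this example.

```python
import ipaddress
import re

# Constructed sample modelled on the ns2 named.conf in the post; the 192.0.2.x
# addresses are placeholders standing in for "ip of ns1" and "ip of ns2".
SAMPLE_NAMED_CONF = '''
controls {
   inet 127.0.0.1 port 953
         allow  { 127.0.0.1; 192.0.2.1; 192.0.2.2; }
         keys  { "ns1-key"; };
};
'''

INET_RE = re.compile(
    r'inet\s+(?P<listen>\S+)'
    r'(?:\s+port\s+(?P<port>\d+))?'
    r'\s+allow\s*\{(?P<allow>[^}]*)\}'
    r'(?:\s*keys\s*\{(?P<keys>[^}]*)\})?')

def _items(body):
    """Split a '{ a; b; }' body into its entries, dropping quotes."""
    return [x.strip().strip('"') for x in (body or '').split(';') if x.strip()]

def audit_controls(conf_text):
    """Return one finding dict per inet control channel in conf_text."""
    findings = []
    for m in INET_RE.finditer(conf_text):
        listen = m.group('listen')
        # '*' means every IPv4 interface; anything else is a single address.
        loopback_only = listen != '*' and ipaddress.ip_address(listen).is_loopback
        unreachable = []
        for entry in _items(m.group('allow')):
            try:
                net = ipaddress.ip_network(entry, strict=False)
            except ValueError:
                continue  # named ACL or keyword such as "localhost"
            if loopback_only and not net.network_address.is_loopback:
                unreachable.append(entry)  # allowed, but cannot reach the listener
        findings.append({
            'listen': listen,
            'port': int(m.group('port') or 953),
            'loopback_only': loopback_only,
            'unreachable_allow': unreachable,
            'keys': _items(m.group('keys')),
        })
    return findings

if __name__ == '__main__':
    print(audit_controls(SAMPLE_NAMED_CONF))
```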

