remote rndc server administration; Please Help!

Barry Margolin barmar at alum.mit.edu
Tue Apr 27 19:56:49 UTC 2004


In article <c6mbo6$1jt5$1 at sf1.isc.org>,
 jshaboo at hotmail.com (joe shaboo) wrote:

> Hi,
> 
> I have a problem which has been plaguing me for a while.
> 
> I have a master server (ns1) which I can run rndc reload locally on,
> and it works, no problem. I have a slave server (ns2) which I can run
> rndc reload locally, and it works.
> 
> What I would like to do is run rndc -y ns2-key -s ns2.domain.com
> reload from the master, for the slave. This would be a huge help.
> 
> I have configured my rndc.keys correctly, or at least they appear to
> be correct. This key is on both ns1 and ns2.
> 
> key "ns2-key" {
>    algorithm hmac-md5;
>    secret "xxxxx";
> };
> 
> In my etc/named.conf on ns2 I have the following:
> 
> controls {
>    inet 127.0.0.1 port 953
>          allow  { 127.0.0.1; ip of ns1; ip of ns2; }
>          keys  { "ns1-key"; };
> };

127.0.0.1 is the loopback address -- it can only be reached from the 
same machine.  You need to set up a control channel on the address of 
the machine's NIC so that it can accept remote commands.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
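
A control channel bound to the NIC address, as the reply above describes (an added example, not part of the original thread). The addresses 192.0.2.1 (ns1) and 192.0.2.2 (ns2's NIC) are constructed placeholders, and the secret is the placeholder from the post.

```conf
// named.conf on ns2 (constructed example)

key "ns2-key" {
    algorithm hmac-md5;        // algorithm as given in the original post
    secret "xxxxx";            // placeholder; the same secret must be in rndc's key on ns1
};

controls {
    // Loopback channel: keeps local "rndc reload" on ns2 working.
    inet 127.0.0.1 port 953
        allow { 127.0.0.1; }
        keys  { "ns2-key"; };

    // Channel on ns2's own NIC address (assumed 192.0.2.2): this is the
    // listener a remote rndc can reach. Only ns1 (assumed 192.0.2.1) is
    // allowed to connect, and only with the named key.
    inet 192.0.2.2 port 953
        allow { 192.0.2.1; }
        keys  { "ns2-key"; };
};
```

The key listed in `keys` has to be the one rndc presents with `-y`, and any firewall between the two hosts has to pass TCP port 953 from ns1 to ns2. The `allow` list only restricts who may connect; without a matching `inet` address named never listens there in the first place.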

