rndc confusion.

Ian Diddams didds2 at excite.com
Thu Mar 11 16:06:29 UTC 2004


Scenario :  sol9, bind 9.2.3, system named t101-nic1, ip x.x.x.x
Requirement : external resolver

I can do it with bind 8, but rndc is causing me so much hassle I can't
make it work under bind 9.  I've read until my eyes bleed but it ain't
not making not no difference guvnor!

Desperately seeking enlightenment!

Ian

==========================================================================

Rndc.key : 

key "rndc-key" {
        algorithm hmac-md5;
        secret "05BPU+hM5PmE+oPJKVY6vw==";
};


named.conf :

include "/etc/rndc.key";
options {
directory "/var/named";
};

controls {
        inet * allow { localhost; } keys { "rndc-key"; };
};

key "rndc-key" {
                algorithm hmac-md5;
                secret "05BPU+hM5PmE+oPJKVY6vw==";
};

zone "." {
type hint;
file "root.hints";
};

zone "0.0.127.in-addr.arpa" {
type master;
file "127.0.0";
};

127.0.0 :

$TTL    86400
@       IN      SOA     ian.co.uk. root.ian.co.uk. (
                        1 ; Serial
                        28800 ; Refresh
                        7200 ; Retry
                        604800 ; Expire
                        86400) ; Minimum TTL
                NS t101-nic1.

1               PTR     localhost.

Root.hints :

; <<>> DiG 8.1 <<>> @A.ROOT-SERVERS.NET.
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10
;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13
;; QUERY SECTION:
;; ., type = NS, class = IN

;; ANSWER SECTION:
. 6D IN NS G.ROOT-SERVERS.NET.
. 6D IN NS J.ROOT-SERVERS.NET.
. 6D IN NS K.ROOT-SERVERS.NET.
. 6D IN NS L.ROOT-SERVERS.NET.
. 6D IN NS M.ROOT-SERVERS.NET.
. 6D IN NS A.ROOT-SERVERS.NET.
. 6D IN NS H.ROOT-SERVERS.NET.
. 6D IN NS B.ROOT-SERVERS.NET.
. 6D IN NS C.ROOT-SERVERS.NET.
. 6D IN NS D.ROOT-SERVERS.NET.
. 6D IN NS E.ROOT-SERVERS.NET.
. 6D IN NS I.ROOT-SERVERS.NET.
. 6D IN NS I.ROOT-SERVERS.NET.
. 6D IN NS F.ROOT-SERVERS.NET.

;; ADDITIONAL SECTION:
G.ROOT-SERVERS.NET. 5w6d16h IN A 192.112.36.4
J.ROOT-SERVERS.NET. 5w6d16h IN A 198.41.0.10
K.ROOT-SERVERS.NET. 5w6d16h IN A 193.0.14.129
L.ROOT-SERVERS.NET. 5w6d16h IN A 198.32.64.12
M.ROOT-SERVERS.NET. 5w6d16h IN A 202.12.27.33
A.ROOT-SERVERS.NET. 5w6d16h IN A 198.41.0.4
H.ROOT-SERVERS.NET. 5w6d16h IN A 128.63.2.53
B.ROOT-SERVERS.NET. 5w6d16h IN A 128.9.0.107
C.ROOT-SERVERS.NET. 5w6d16h IN A 192.33.4.12
D.ROOT-SERVERS.NET. 5w6d16h IN A 128.8.10.90
E.ROOT-SERVERS.NET. 5w6d16h IN A 192.203.230.10
I.ROOT-SERVERS.NET. 5w6d16h IN A 192.36.148.17
F.ROOT-SERVERS.NET. 5w6d16h IN A 192.5.5.241

;; Total query time: 215 msec
;; FROM: roke.uio.no to SERVER: A.ROOT-SERVERS.NET. 198.41.0.4
;; WHEN: Sun Feb 15 01:22:51 1998
;; MSG SIZE sent: 17 rcvd: 436

resolv.conf

domain ian.co.uk
nameserver 127.0.0.1
nameserver x.x.x.x


when I try to actually use the service though...

root@t101 # nslookup
Note:  nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead.  Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
> www.cisco.com
;; connection timed out; no servers could be reached
> localhost
;; connection timed out; no servers could be reached
> 127.0.0.1
Server:         127.0.0.1
Address:        127.0.0.1#53

1.0.0.127.in-addr.arpa  name = localhost.       

everything points to this rndc thing.


if I restart named the messages file has the following few lines

Mar 11 16:04:42 t101 named[20768]: [ID 873579 daemon.notice] starting BIND 9.2.3
Mar 11 16:04:42 t101 named[20768]: [ID 873579 daemon.notice] command channel listening on 0.0.0.0#953




ian
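
A small check for the control-channel setup shown in the post, as an added example that is not part of the original message or of BIND. It flags a `controls` listener on a wildcard address (the `0.0.0.0#953` in the log), a key defined both inline and in the included file, and a referenced key with no definition. The function names, the `includes` mapping and the sample text are assumptions made for the example, and the secret is a placeholder.

```python
import re

# Constructed sample mirroring the layout of the named.conf in the post;
# the secret is a placeholder, not a real key.
KEY_BLOCK = 'key "rndc-key" {\n    algorithm hmac-md5;\n    secret "PLACEHOLDER==";\n};\n'
SAMPLE_CONF = (
    'include "/etc/rndc.key";\n'
    'controls {\n'
    '    inet * allow { localhost; } keys { "rndc-key"; };\n'
    '};\n' + KEY_BLOCK
)
SAMPLE_INCLUDES = {"/etc/rndc.key": KEY_BLOCK}

WILDCARDS = {"*", "0.0.0.0", "::"}
INCLUDE_RE = re.compile(r'\binclude\s+"([^"]+)"\s*;')
KEY_RE = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*\{')
INET_RE = re.compile(r'\binet\s+(\S+)[^;{]*allow\s*\{[^}]*\}\s*(?:keys\s*\{([^}]*)\})?')

def strip_comments(text):
    """Drop /* */ comments and //- or #-comments that start a line or follow whitespace."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(^|\s)(//|#).*$', '', text, flags=re.M)

def audit_controls(conf, includes):
    """Return a list of findings for the rndc control channel in a named.conf text.

    `includes` maps include paths to file contents, so nothing is read from disk.
    """
    conf = strip_comments(conf)
    inline = set(KEY_RE.findall(conf))          # keys defined in named.conf itself
    included = {}                               # key name -> include file defining it
    for path in INCLUDE_RE.findall(conf):
        for name in KEY_RE.findall(strip_comments(includes.get(path, ''))):
            included[name] = path
    findings = [f'key "{name}" is defined inline and again in {included[name]}'
                for name in sorted(inline & set(included))]
    for addr, keys in INET_RE.findall(conf):
        if addr in WILDCARDS:
            findings.append(f'control channel listens on wildcard address {addr}')
        for name in re.findall(r'[\w.-]+', keys):
            if name not in inline and name not in included:
                findings.append(f'controls references undefined key "{name}"')
    return findings

if __name__ == "__main__":
    for finding in audit_controls(SAMPLE_CONF, SAMPLE_INCLUDES):
        print(finding)
```

A `controls` statement of the form `inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; };`, with the key kept only in the included file, produces no findings.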

