rndc confusion.
Ian Diddams
didds2 at excite.com
Thu Mar 11 16:06:29 UTC 2004
Scenario : sol9, bind 9.2.3, system named t101-nic1, ip x.x.x.x
Requirement : external resolver
I can do it with bind 8, but rndc is causing me so much hassle I can't
make it work under bind 9. I've read until my eyes bleed but it ain't
not making not no difference guvnor!
Desperately seeking enlightenment!
Ian
==========================================================================
Rndc.key :

key "rndc-key" {
        algorithm hmac-md5;
        secret "05BPU+hM5PmE+oPJKVY6vw==";
};

named.conf :

include "/etc/rndc.key";

options {
        directory "/var/named";
};

controls {
        inet * allow { localhost; } keys { "rndc-key"; };
};

key "rndc-key" {
        algorithm hmac-md5;
        secret "05BPU+hM5PmE+oPJKVY6vw==";
};

zone "." {
        type hint;
        file "root.hints";
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "127.0.0";
};

127.0.0 :

$TTL 86400
@       IN      SOA     ian.co.uk. root.ian.co.uk. (
                        1       ; Serial
                        28800   ; Refresh
                        7200    ; Retry
                        604800  ; Expire
                        86400)  ; Minimum TTL
        NS      t101-nic1.
1       PTR     localhost.

Root.hints :
; <<>> DiG 8.1 <<>> @A.ROOT-SERVERS.NET.
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10
;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13
;; QUERY SECTION:
;; ., type = NS, class = IN
;; ANSWER SECTION:
. 6D IN NS G.ROOT-SERVERS.NET.
. 6D IN NS J.ROOT-SERVERS.NET.
. 6D IN NS K.ROOT-SERVERS.NET.
. 6D IN NS L.ROOT-SERVERS.NET.
. 6D IN NS M.ROOT-SERVERS.NET.
. 6D IN NS A.ROOT-SERVERS.NET.
. 6D IN NS H.ROOT-SERVERS.NET.
. 6D IN NS B.ROOT-SERVERS.NET.
. 6D IN NS C.ROOT-SERVERS.NET.
. 6D IN NS D.ROOT-SERVERS.NET.
. 6D IN NS E.ROOT-SERVERS.NET.
. 6D IN NS I.ROOT-SERVERS.NET.
. 6D IN NS I.ROOT-SERVERS.NET.
. 6D IN NS F.ROOT-SERVERS.NET.
;; ADDITIONAL SECTION:
G.ROOT-SERVERS.NET. 5w6d16h IN A 192.112.36.4
J.ROOT-SERVERS.NET. 5w6d16h IN A 198.41.0.10
K.ROOT-SERVERS.NET. 5w6d16h IN A 193.0.14.129
L.ROOT-SERVERS.NET. 5w6d16h IN A 198.32.64.12
M.ROOT-SERVERS.NET. 5w6d16h IN A 202.12.27.33
A.ROOT-SERVERS.NET. 5w6d16h IN A 198.41.0.4
H.ROOT-SERVERS.NET. 5w6d16h IN A 128.63.2.53
B.ROOT-SERVERS.NET. 5w6d16h IN A 128.9.0.107
C.ROOT-SERVERS.NET. 5w6d16h IN A 192.33.4.12
D.ROOT-SERVERS.NET. 5w6d16h IN A 128.8.10.90
E.ROOT-SERVERS.NET. 5w6d16h IN A 192.203.230.10
I.ROOT-SERVERS.NET. 5w6d16h IN A 192.36.148.17
F.ROOT-SERVERS.NET. 5w6d16h IN A 192.5.5.241
;; Total query time: 215 msec
;; FROM: roke.uio.no to SERVER: A.ROOT-SERVERS.NET. 198.41.0.4
;; WHEN: Sun Feb 15 01:22:51 1998
;; MSG SIZE sent: 17 rcvd: 436
resolv.conf
domain ian.co.uk
nameserver 127.0.0.1
nameserver x.x.x.x
When I try to actually use the service though...
root@t101 # nslookup
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
> www.cisco.com
;; connection timed out; no servers could be reached
> localhost
;; connection timed out; no servers could be reached
> 127.0.0.1
Server: 127.0.0.1
Address: 127.0.0.1#53
1.0.0.127.in-addr.arpa name = localhost.
Everything points to this rndc thing.
If I restart named, the messages file has the following few lines:
Mar 11 16:04:42 t101 named[20768]: [ID 873579 daemon.notice] starting BIND 9.2.3
Mar 11 16:04:42 t101 named[20768]: [ID 873579 daemon.notice] command channel listening on 0.0.0.0#953
ian
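
Added example, not part of the original post and not BIND project code: a static check over the control-channel stanzas posted above, reporting a wildcard "inet" listener (matching the "listening on 0.0.0.0#953" log line), a key defined more than once after include expansion, and hmac-md5 keys. The function name audit_controls, its includes mapping, and the placeholder secret are assumptions made for the illustration.

```python
import re

# Constructed input mirroring the stanzas posted above; the secret is a placeholder.
RNDC_KEY = '''key "rndc-key" {
    algorithm hmac-md5;
    secret "PLACEHOLDER==";
};
'''
NAMED_CONF = '''include "/etc/rndc.key";
controls {
    inet * allow { localhost; } keys { "rndc-key"; };
};
''' + RNDC_KEY

INCLUDE_RE = re.compile(r'include\s+"([^"]+)"\s*;')
INET_RE = re.compile(r'\binet\s+(\S+)(?:\s+port\s+\d+)?\s+allow\s*\{([^}]*)\}')
KEY_RE = re.compile(r'\bkey\s+"([^"]+)"\s*\{\s*algorithm\s+([\w-]+)\s*;')
WILDCARDS = {'*', '0.0.0.0', '::'}


def audit_controls(named_conf, includes):
    """Return findings for the rndc control channel.

    includes maps an include path to that file's text (assumed helper input,
    so the audit runs without touching the filesystem).
    """
    # Expand include statements so the stanzas are seen as one merged config.
    merged = INCLUDE_RE.sub(lambda m: includes.get(m.group(1), ''), named_conf)
    findings = []
    for addr, acl in INET_RE.findall(merged):
        if addr in WILDCARDS:
            findings.append(f'controls: inet {addr} binds the control channel on every '
                            f'interface; only allow {{ {acl.strip()} }} and the key gate it')
    counts, algs = {}, {}
    for name, alg in KEY_RE.findall(merged):
        counts[name] = counts.get(name, 0) + 1
        algs[name] = alg.lower()
    for name, n in counts.items():
        if n > 1:
            findings.append(f'key "{name}" is defined {n} times after include expansion')
        if algs[name] == 'hmac-md5':
            findings.append(f'key "{name}" uses hmac-md5; newer BIND accepts hmac-sha256')
    return findings


if __name__ == '__main__':
    for line in audit_controls(NAMED_CONF, {'/etc/rndc.key': RNDC_KEY}):
        print(line)
```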