help with rndc fail

pyh at mail.nsbeta.info pyh at mail.nsbeta.info
Sat Jan 15 04:48:08 UTC 2011 

I don't know what's the problem.
Just copied the config files to another host and run bind master on it, 
everything works fine, including the zone transfer for multi-views. 

Thanks. 

pyh at mail.nsbeta.info writes: 

> 
> And, the named version is:  
> 
> # named -v
> BIND 9.6.1-P2  
> 
> I'm pretty sure the secret in both named.conf and rndc.conf are the same.
> Thanks.  
> 
> 
> pyh at mail.nsbeta.info writes:  
> 
>> 
>> Hello gurus,   
>> 
>> my rndc related commands in bind master with multi-views run fail,but in 
>> slave it's running correctly.   
>> 
>> # rndc status
>> rndc: connection to remote host closed
>> This may indicate that
>> * the remote server is using an older version of the command protocol,
>> * this host is not authorized to connect,
>> * the clocks are not synchronized, or
>> * the key is invalid.   
>> 
>> Here is the named.conf for master.
>> Please help,thanks in advance.   
>> 
>> -------------
>> options {
>>      directory "/var/cache/bind";
>>      recursion no;
>> };   
>> 
>> 
>> # ACLs begin
>> include "/etc/bind/tel.acl";
>> include "/etc/bind/uni.acl";
>> include "/etc/bind/edu.acl";
>> # ACLs end   
>> 
>> 
>> # views for ISP begin
>> view "uni" {
>>      match-clients {
>>          key "unikey";
>>          UNI;
>>      };
>>      allow-update {key "unikey";};
>>      allow-transfer { key "unikey"; };
>>      server 202.104.186.180 { keys "unikey"; };
>> # zone begin uni
>>      zone "test.nsbeta.info" {
>>           type master;
>>           file "test.nsbeta.info.uni.db";
>>      };
>> # zone end uni
>> };   
>> 
>> view "edu" {
>>      match-clients {
>>          key "edukey";
>>          EDU;
>>      };
>>      allow-update {key "edukey";};
>>      allow-transfer { key "edukey"; };
>>      server 202.104.186.180 { keys "edukey"; };
>> # zone begin edu
>>      zone "test.nsbeta.info" {
>>           type master;
>>           file "test.nsbeta.info.edu.db";
>>      };
>> # zone end edu
>> };   
>> 
>> view "tel" {
>>      match-clients {
>>          key "telkey";
>>          any;
>>      };
>>      allow-update {key "telkey";};
>>      allow-transfer { key "telkey"; };
>>      server 202.104.186.180 { keys "telkey"; };
>> # zone begin tel
>>      zone "test.nsbeta.info" {
>>           type master;
>>           file "test.nsbeta.info.tel.db";
>>      };
>> # zone end tel
>> };
>> # views for ISP end   
>> 
>> 
>> # rndc key begin
>> key "rndc-key" {
>>      algorithm hmac-md5;
>>      secret "SUpgZRkpZVeteRiTIxQw6w==";
>> };   
>> 
>> controls {
>>      inet 127.0.0.1 port 953
>>              allow { 127.0.0.1; } keys { "rndc-key"; };
>> };
>> # rndc key end   
>> 
>> # customized keys begin
>> key "edukey" {
>>      algorithm hmac-md5;
>>      secret "***";
>> };
>> key "unikey" {
>>      algorithm hmac-md5;
>>      secret "***";
>> };
>> key "telkey" {
>>      algorithm hmac-md5;
>>      secret "***";
>> };
>> # customized keys end
>> _______________________________________________
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users

More information about the bind-users mailing list