help with rndc fail

Joseph S D Yao jsdy at
Sat Jan 15 16:51:22 UTC 2011

(1) I include the rndc.key file and have it readable only to named group
named.  Then I don't have to worry about having the same secret in two
files.  The rndc.conf file is only needed if you're going to do
something out of the ordinary, e.g., use rndc from a remote server.
[But see #3]

(2) I don't like sending secrets out in e-mail, YMMV.

(3) I've had problems where something [I never took the time to figure
out what] came up using port 953 before 'named' did, but on the box's
twin, it didn't.  I changed the port for both 'named' and 'rndc'.  For
this, you do need the "rndc.conf" file, IIRC.

** Joe Yao				jsdy at - Joseph S. D. Yao

More information about the bind-users mailing list