------ I receive the digest of the mails, so I have copied/pasted the
original without the quoting (>) characters. ------
Date: Thu, 03 May 2007 13:50:40 -0700
From: Noah <[EMAIL PROTECTED]>
Subject: rndc.key auth issues and rndc.key file
To: User Questions <email@example.com>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Hey there FreeBSD'ers,
So I am trying to figure out what is the best configuration for bind on
my FreeBSD6.2 system.
# pkg_info | grep bind
bind9-9.3.4 Completely new version of the BIND DNS suite with
# grep named /etc/rc.conf
something keeps not ending up correctly configured.
I made an rndc.key file
# ls -l /var/named/etc/namedb/rndc.key
-rw------- 1 root wheel 97 May 3 13:37
and then placed a copy of those contents in my
now when I restart (stop) named I receive an error:
# /etc/rc.d/named restart
Stopping named: rndc failed, trying killall: .
what on earth am I doing wrong?
FreeBSD 6.2-R gives you BIND 9.3.3. FreeBSD 6.2-STABLE gives you BIND
9.3.4. 9.4 (and patches) have been released from ISC, but I don't see
ANY difference between the version in the "world" and the one from
ports/packages. First question I have is is there something in the
world BIND that isn't available in the packages/ports?
the restart command tells BIND to stop via BIND's control channel
(typically 127.0.0.1:953 and maybe an IPv6 address). Since the command
in that script is only calling:
rndc stop 2>/dev/null;
I can see only two causes right now. 1) rndc itself will never work
(some config error or other problem). 2) the BIND control channel
(port 953) isn't listening, so rndc itself may be working, but it can't
Check for listening sockets. sockstat -l -p 953
if you get listening sockets, try a status. rndc status
if you fail on status, then it's time to investigate keys. rndc is not
very helpful on error messages. I kind of think rndc was built for the
software developers (ISC) and not very end-user consumer friendly.
I have a good feeling that this message is correct in it's entirety.
However, I am human and would accept corrections.
If opportunity doesn't knock, build a door.
"I can" is a way of life.
More and Bigger is not always Better.
The road to success is always uphill.
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
firstname.lastname@example.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"