On Mon, 1 Dec 2003, Jamie Wilkinson wrote:
> This one time, at band camp, David wrote:
> >If anyone could tell me what I've stuffed up I would be eternally
> >grateful.
>
> Was bind listening on 127.0.0.1:953 ? Did you have anything about
> rndc.key in your named.conf?
>
Hmmm... interesting...
The newly installed version with the controls and key lines in named.conf
is listening on port 953. The version that is giving me the grief is NOT
listening on 953. I've changed the named.conf and rndc.conf files as shown
below, but obviously that isn't effective for the daemon that is already
running.
Does this mean that I should kill named, then restart it? That doesn't
seem to make much sense to me, but at the moment I'm not seeing an
alternative. Neither the init script nor rndc will let me stop named.
_____________________________________________
#cat named.conf
<snip>
controls {
inet 127.0.0.1 allow {localhost;} keys {rndc.key;} ;
};
key "key" {
algorithm hmac-md5;
secret "blah";
};
<snip>
# cat rndc.conf
options {
default-server localhost;
default-key "key";
};
key "key" {
algorithm hmac-md5;
secret "blah";
};
_____________________________________________
Where <blah> is generated thus:
#rndc-confgen -r /dev/urandom -a
This is a production DNS which actually is working at the moment.
Unfortunately, I need to update the zone files. I'm reluctant to screw
around with a working authoritative DNS until I know what's happening.
I'm thinking of following Jeff's advice and simply re-installing, but that
seems a bit of a drastic way of updating zone files :)
Many thanks.... David.
--
SLUG - Sydney Linux User's Group - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
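
A key-name consistency check for a named.conf/rndc.conf pair laid out like the one in the message above, as an added example that is not part of the original thread. The sample configs are constructed (secret replaced by a placeholder), and `defined_keys` and `check` are hypothetical helper names; the check relies on BIND requiring every name in a `controls` `keys { }` list to match a `key` statement, and on rndc and named sharing the same algorithm and secret.

```python
import re

# Constructed samples mirroring the posted layout; the secret is a placeholder.
NAMED_CONF = """
controls {
    inet 127.0.0.1 allow { localhost; } keys { rndc.key; };
};
key "key" { algorithm hmac-md5; secret "PLACEHOLDER"; };
"""
RNDC_CONF = """
options { default-server localhost; default-key "key"; };
key "key" { algorithm hmac-md5; secret "PLACEHOLDER"; };
"""

KEY_STMT = re.compile(r'(?m)^\s*key\s+"?([^\s"{;]+)"?\s*\{([^}]*)\}')
KEYS_LIST = re.compile(r'\bkeys\s*\{([^}]*)\}')
DEFAULT_KEY = re.compile(r'\bdefault-key\s+"?([^\s";]+)"?\s*;')

def defined_keys(text):
    """Map each key statement's name to its (algorithm, secret) pair."""
    keys = {}
    for name, body in KEY_STMT.findall(text):
        alg = re.search(r'algorithm\s+"?([^\s";]+)', body)
        sec = re.search(r'secret\s+"([^"]*)"', body)
        keys[name] = (alg and alg.group(1), sec and sec.group(1))
    return keys

def check(named_conf, rndc_conf):
    """Return a list of key-name or secret mismatches between the two files."""
    problems = []
    nkeys, rkeys = defined_keys(named_conf), defined_keys(rndc_conf)
    # Every key named in a controls "keys { ... }" list must be defined.
    for key_list in KEYS_LIST.findall(named_conf):
        for name in (n.strip().strip('"') for n in key_list.split(";")):
            if name and name not in nkeys:
                problems.append(f"named.conf: controls uses undefined key {name!r}")
    # rndc's default key must exist and match named's copy of the same key.
    default = DEFAULT_KEY.search(rndc_conf)
    if default is None:
        problems.append("rndc.conf: no default-key set")
    elif default.group(1) not in rkeys:
        problems.append(f"rndc.conf: default-key {default.group(1)!r} is undefined")
    elif nkeys.get(default.group(1)) != rkeys[default.group(1)]:
        problems.append("key algorithm/secret differ between named.conf and rndc.conf")
    return problems

if __name__ == "__main__":
    print(check(NAMED_CONF, RNDC_CONF) or "key names and secrets are consistent")
```

On a real host, `named-checkconf` validates the syntax of named.conf; this sketch only cross-checks the key names and secrets between the two files.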