This website is deprecated, and remains online only for historic access to old issues and docs for historic versions of Virtualmin. It has been unmaintained for several years, and should not be relied on for up-to-date information. Please visit www.virtualmin.com instead.
Howdy,
How to do this exactly depends on your distro -- but I'm curious what you see if you restart BIND using the init scripts, and then look in the logs... perhaps /var/log/messages and/or /var/log/syslog. Do you see any error messages?
-Eric
hm, I'm receiving the same issue. I just cleared my logs, then stopped bind and started it again using init scripts. I get nothing in the logs?
Any other ideas? From what I've googled, I see a lot of people talking about permissions issues. This is a new installation so I didn't make any changes with bind and its config files' permissions.
Which distro are you using?
And, what output do you see if you type this:
netstat -an | grep :953
Thanks!
-Eric
Distro Below
root@server1.davidsalazar.com:~
→ cat /etc/debian_version
5.0.2
netstat grep returns nothing.
here is my full netstat
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:20000 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 216.245.199.43:80 10.1.0.62:35926 SYN_RECV
tcp 0 0 216.245.199.43:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN
tcp 0 272 216.245.199.43:22 24.243.28.202:61023 ESTABLISHED
tcp 0 0 216.245.199.43:22 24.243.28.202:60539 ESTABLISHED
tcp 0 0 216.245.199.43:3306 24.243.28.202:61729 ESTABLISHED
tcp6 0 0 :::53 :::* LISTEN
tcp6 0 0 :::22 :::* LISTEN
udp 0 0 0.0.0.0:10000 0.0.0.0:*
udp 0 0 0.0.0.0:20000 0.0.0.0:*
udp 0 0 216.245.199.43:53 0.0.0.0:*
udp 0 0 127.0.0.1:53 0.0.0.0:*
udp6 0 0 :::517 :::*
udp6 0 0 :::518 :::*
udp6 0 0 :::53 :::*
Yeah, it doesn't appear to be listening on port 953. Can you post your /etc/bind/named.conf and /etc/bind/named.conf.local files?
Thanks,
-Eric
named.conf
include "/etc/bind/named.conf.options";
// prime the server with knowledge of the root servers
zone "." {
    type hint;
    file "/etc/bind/db.root";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
    type master;
    file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
    type master;
    file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
    type master;
    file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
    type master;
    file "/etc/bind/db.255";
};
include "/etc/bind/named.conf.local";
/etc/bind/named.conf.local
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
zone "git.davidsalazar.com" {
    type master;
    file "/etc/bind/git.davidsalazar.com.hosts";
    allow-transfer {
        127.0.0.1;
        localnets;
    };
};
Blast, I'm sorry, I said the wrong file :-)
I meant that I wanted to see "/etc/bind/named.conf.options".
I'm not quite sure what the issue is yet, but I was going to compare what's in there to what I have, hopefully something will stand out as being the issue!
Thanks,
-Eric
options {
    directory "/var/cache/bind";
    // If there is a firewall between you and nameservers you want
    // to talk to, you may need to fix the firewall to allow multiple
    // ports to talk. See http://www.kb.cert.org/vuls/id/800113
    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    // Uncomment the following block, and insert the addresses replacing
    // the all-0's placeholder.
    // forwarders {
    //     0.0.0.0;
    // };
    auth-nxdomain no; # conform to RFC1035
    listen-on-v6 { any; };
};
Updated Bind today on Ubuntu 8.0.4 LTS, was getting the same issue. Update had changed ownership of /etc/bin/rndc.key file from root:bind to bind:bind. Chowned file back to root:bind, and restarted daemon and all is well.
-nate
that fixed it thanks.
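Added example, not part of the original thread: a shell check for the two conditions diagnosed above, the ownership of rndc.key and a listener on port 953. The root:bind ownership comes from the post; the function names, the /etc/bind/rndc.key path in the usage comment and the sample netstat lines are constructed for illustration, and GNU stat is assumed.

```sh
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# check_key FILE OWNER GROUP
# 0 = ownership matches and "other" has no access, 1 = wrong owner/group,
# 2 = accessible to other users, 3 = file missing.
check_key() {
    file=$1; want_owner=$2; want_group=$3
    [ -f "$file" ] || { echo "missing: $file"; return 3; }
    owner=$(stat -c %U "$file")   # GNU stat assumed
    group=$(stat -c %G "$file")
    mode=$(stat -c %a "$file")
    if [ "$owner" != "$want_owner" ] || [ "$group" != "$want_group" ]; then
        echo "$file is $owner:$group, expected $want_owner:$want_group"
        return 1
    fi
    # The key is a shared secret: the last octal digit ("other") must be 0.
    case $mode in
        *0) ;;
        *) echo "$file mode $mode is accessible to other users"; return 2 ;;
    esac
    echo "ok: $file $owner:$group $mode"
}

# control_listener: reads `netstat -an` text on stdin; succeeds only if a TCP
# socket is LISTENing on local port 953. Unlike `grep :953` it does not match
# ports such as 9530 or a 953 in the foreign-address column.
control_listener() {
    awk '$1 ~ /^tcp/ && $6 == "LISTEN" && $4 ~ /:953$/ { found = 1 }
         END { exit !found }'
}

# Constructed sample: named serves DNS on 53 but has no control channel.
sample='tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:9530 0.0.0.0:* LISTEN
tcp 0 0 10.0.0.5:22 10.0.0.9:953 ESTABLISHED'
if printf '%s\n' "$sample" | control_listener; then
    echo "control channel is listening on 953"
else
    echo "nothing listening on 953: rndc cannot reach named"
fi

# On a live host:
#   check_key /etc/bind/rndc.key root bind
#   netstat -an | control_listener
```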
I'm sorry to pick up this line 3 years after it was closed.
I'm having the same problem.
I accidentally enabled (and installed) RNDC but it doesn't seem to work. Now I can't get rid of it. Updating my nameserver does not work.
Help?
More info:
CentOS 6.2
Bind 9
/etc/rndc.conf:
# Start of rndc.conf
key "rndc-key" {
    algorithm hmac-md5;
    secret "2E4Axlg7oZCxNoV1/cvW/w==";
};
options {
    default-key "rndc-key";
    default-server 127.0.0.1;
    default-port 953;
};
/etc/named.conf
options {
    directory "/var/named";
    version "Nope.";
};
zone "domain1.net" in {
    type master;
    file "domain1.net.zone";
};
zone "." {
    type hint;
    file "/var/named/root.zone";
};
zone "domein2.net" {
    type master;
    file "/var/named/domain2.net.hosts";
};
zone "domein3.com" {
    type master;
    file "/var/named/domain3.com.hosts";
};
Netstat -lnptu output:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:11211 0.0.0.0:* LISTEN 18857/memcached
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 7153/pure-ftpd (SER
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 3239/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 3239/named
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1510/master
tcp 0 0 127.0.0.1:443 0.0.0.0:* LISTEN 14850/httpd
tcp 0 0 :::80 :::* LISTEN 14850/httpd
tcp 0 0 :::21 :::* LISTEN 7153/pure-ftpd (SER
tcp 0 0 ::1:25 :::* LISTEN 1510/master
udp 0 0 127.0.0.1:53 0.0.0.0:* 6954/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 6954/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 3266/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 3266/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 3239/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 3239/named
udp 0 0 127.0.0.1:11211 0.0.0.0:* 18857/memcached
Thanks so much!
reinstalling RNDC did the trick.