From owner-freebsd-stable@FreeBSD.ORG Wed Mar 18 00:13:14 2009
Return-Path:
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
    by hub.freebsd.org (Postfix) with ESMTP id E6D1E1065673
    for ; Wed, 18 Mar 2009 00:13:14 +0000 (UTC)
    (envelope-from peter@simons-rock.edu)
Received: from hedwig.simons-rock.edu (hedwig.simons-rock.edu [208.81.88.14])
    by mx1.freebsd.org (Postfix) with ESMTP id A26878FC16
    for ; Wed, 18 Mar 2009 00:13:14 +0000 (UTC)
    (envelope-from peter@simons-rock.edu)
Received: from cesium.hyperfine.info (c2.8d.5646.static.theplanet.com [70.86.141.194])
    (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
    (No client certificate requested)
    by hedwig.simons-rock.edu (Postfix) with ESMTP id 9CADC2BB346;
    Tue, 17 Mar 2009 20:13:13 -0400 (EDT)
Date: Tue, 17 Mar 2009 20:13:12 -0400
From: "Peter C. Lai"
To: Squirrel
Message-ID: <20090318001311.GW13398@cesium.hyperfine.info>
References: <62de997279f74262f2f10e7f96604867@mail.isot.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <62de997279f74262f2f10e7f96604867@mail.isot.com>
User-Agent: Mutt/1.5.17 (2007-11-01)
Cc: Mark Andrews , freebsd-stable
Subject: Re: rndc: connect failed: 127.0.0.1#953: connection refused
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Wed, 18 Mar 2009 00:13:15 -0000

Yes that is exactly the point. RNDC is supposed to run on 953 and the name service itself is on 53. Think about it, if tcp/53 is used for real DNS (jumbo RR) traffic, how can rndc be listening for commands on the same channel?

On 2009-03-17 06:10:44PM -0600, Squirrel wrote:
> I realized that default for RNDC was 953, and forced it to 53, but was still getting the same error.
>
> As you recommended, I used the '-g' and noticed only unusual thing was:
>
> /etc/namedb/named.conf:23: couldn't add command channel 127.0.0.1#53: address in use
>
> So I took out the port 53 out of the named.conf and let it use the default. But left port 53 on rndc.conf. When I restarted with '-g', that message above is gone and all looks good. Strangely, two doesn't make sense are:
>
> listening on IPv4 interface rl0, 66.187.80.4#53
> command channel listening on 127.0.0.1#953
>
> By default is #53, and in rndc.conf forced to port #53, but the named displays port #953 for command channel. Is the RNDC supposed run on port 953 in addition to named running on 53? I can't seem to get rndc to run on #53. I've also tried removing port to default on rndc.conf.
>
> And reboot still won't load named. And manual rndc load still errors with original message.
>
> Below are the current messages:
>
> root@ns2# named -4 -S 1024 -c /etc/namedb/named.conf -g
> 17-Mar-2009 19:04:50.001 starting BIND 9.6.0-P1 -4 -S 1024 -c /etc/namedb/named.conf -g
> 17-Mar-2009 19:04:50.001 built with '--localstatedir=/var' '--disable-linux-caps' '--with-randomdev=/dev/random' '--with-openssl=/usr/local' '--with-libxml2=/usr/local' '--without-idn' 'STD_CDEFINES=-DDIG_SIGCHASE=1' '--disable-threads' '--sysconfdir=/etc/namedb' '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info/' '--build=i386-portbld-freebsd6.2' 'build_alias=i386-portbld-freebsd6.2' 'CC=cc' 'CFLAGS=-O2 -fno-strict-aliasing -pipe' 'LDFLAGS= -rpath=/usr/local/lib' 'CXX=c++' 'CXXFLAGS=-O2 -fno-strict-aliasing -pipe'
> 17-Mar-2009 19:04:50.001 using up to 1024 sockets
> 17-Mar-2009 19:04:50.068 loading configuration from '/etc/namedb/named.conf'
> 17-Mar-2009 19:04:50.124 using default UDP/IPv4 port range: [49152, 65535]
> 17-Mar-2009 19:04:50.124 using default UDP/IPv6 port range: [49152, 65535]
> 17-Mar-2009 19:04:50.127 no IPv6 interfaces found
> 17-Mar-2009 19:04:50.127 listening on IPv4 interface rl0, aa.bb.cc.4#53
> 17-Mar-2009 19:04:50.128 listening on IPv4 interface rl0, aa.bb.cc.10#53
> 17-Mar-2009 19:04:50.128 listening on IPv4 interface lo0, 127.0.0.1#53
> 17-Mar-2009 19:04:50.143 automatic empty zone: 0.IN-ADDR.ARPA
> 17-Mar-2009 19:04:50.143 automatic empty zone: 127.IN-ADDR.ARPA
> 17-Mar-2009 19:04:50.144 automatic empty zone: 254.169.IN-ADDR.ARPA
> 17-Mar-2009 19:04:50.144 automatic empty zone: 2.0.192.IN-ADDR.ARPA
> 17-Mar-2009 19:04:50.144 automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
> 17-Mar-2009 19:04:50.144 automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
> 17-Mar-2009 19:04:50.144 automatic empty zone: D.F.IP6.ARPA
> 17-Mar-2009 19:04:50.144 automatic empty zone: 8.E.F.IP6.ARPA
> 17-Mar-2009 19:04:50.144 automatic empty zone: 9.E.F.IP6.ARPA
> 17-Mar-2009 19:04:50.144 automatic empty zone: A.E.F.IP6.ARPA
> 17-Mar-2009 19:04:50.144 automatic empty zone: B.E.F.IP6.ARPA
> 17-Mar-2009 19:04:50.146 command channel listening on 127.0.0.1#953
> 17-Mar-2009 19:04:50.147 ignoring config file logging statement due to -g option
> 17-Mar-2009 19:04:50.168 zone 0.0.127.IN-ADDR.ARPA/IN: loaded serial 20060213
> ....
>
>
> -----Original message-----
> From: Mark Andrews Mark_Andrews@isc.org
> Date: Wed, 18 Mar 2009 00:21:52 -0600
> To: Squirrel squirrel@mail.isot.com
> Subject: Re: rndc: connect failed: 127.0.0.1#953: connection refused
>
> >
> > In message , Squirrel writes:
> > > My BIND9.6.0 on FreeBSD 6.2 works fine when I manually start with:
> > >
> > > root@ns2# named -4 -S 1024 -c /etc/namedb/named.conf
> > >
> > > But it won't start on boot and no error messages or log. And it won't start
> > > using rndc, it cause error message. Why does the error shows port 953 when I
> > > specified for port 53 in the config?
> >
> > Port 53 is for DNS.
> > Port 952 is the default port for RNDC.
> >
> > > rndc: connect failed: 127.0.0.1#953: connection refused
> >
> > Run "named -4 -S 1024 -c /etc/namedb/named.conf -g" and read the
> > messages.
> >
> > > Below are parts of my configs:
> > >
> > > /etc/rc.conf:
> > > named_enable="YES"
> > > named_flags="-4 -S 1024 -c /etc/namedb/named.conf"
> > > ....
> > >
> > > /etc/rndc.key:
> > > key "rndc-key" {
> > >     algorithm hmac-md5;
> > >     secret "y9eca/WZydNfi.......................";
> > > };
> > >
> > > /etc/namedb/rndc.conf:
> > > include "/etc/namedb/rndc.key";
> > > options {
> > >     default-server localhost;
> > >     default-key "rndc-key";
> > > };
> > > server localhost {
> > >     key "rndc-key";
> > > };
> > > ...
> > >
> > > /etc/namedb/named.conf:
> > > include "/etc/namedb/rndc.key";
> > > acl internals {
> > >     aa.bb.cc.0/20;
> > >     192.168.1.0/24;
> > >     127.0.0.0/8;
> > > };
> > > controls {
> > >     inet 127.0.0.1 port 53 allow { 127.0.0.1; } keys { rndc-key; };
> > > };
> > > options {
> > >     pid-file "/var/run/named.pid";
> > >     directory "/etc/namedb";
> > >     statistics-file "/var/log/named/named.stats";
> > >     dump-file "/var/log/named/named.dump";
> > >     zone-statistics yes;
> > >     allow-query { 127.0.0.1; 66.187.80.0/20; };
> > > };
> > > logging {
> > >     category "default" { simple_log; };
> > >     channel simple_log {
> > >         file "/var/log/named/named.log" versions 5 size 20m;
> > >         severity warning;
> > >         print-time yes;
> > >         print-category yes;
> > >         print-severity yes;
> > >     };
> > > ...
> > >
> > >
> > > -----------------------
> > > PCShare.Com
> > >
> > > _______________________________________________
> > > freebsd-stable@freebsd.org mailing list
> > > http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> > > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"
> > --
> > Mark Andrews, ISC
> > 1 Seymour St., Dundas Valley, NSW 2117, Australia
> > PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org
> > _______________________________________________
> > freebsd-stable@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"
> >
> _______________________________________________
> freebsd-stable@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"

--
===========================================================
Peter C. Lai                 | Bard College at Simon's Rock
Systems Administrator        | 84 Alford Rd.
Information Technology Svcs. | Gt. Barrington, MA 01230 USA
peter AT simons-rock.edu     | (413) 528-7428
===========================================================
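
The port mismatch discussed in this thread can be checked before restarting named. The following is an added example, not part of the original messages or of BIND: a small Python check that compares the `controls` port in named.conf with the port rndc will dial. The function names and the sample configurations are constructed for illustration, modelled on the files quoted above.

```python
import re

DNS_PORT = 53        # named's query listener (UDP and TCP)
RNDC_DEFAULT = 953   # control-channel port when neither file names one

def controls_port(named_conf):
    """Port of the first inet control channel in named.conf."""
    m = re.search(r"controls\s*\{\s*inet\s+\S+(?:\s+port\s+(\d+))?", named_conf)
    if m is None:
        raise ValueError("no inet control channel in named.conf")
    return int(m.group(1)) if m.group(1) else RNDC_DEFAULT

def rndc_port(rndc_conf):
    """Port rndc dials: a server-block 'port' overrides 'default-port'."""
    m = re.search(r"\bserver\s+\S+\s*\{[^}]*?\bport\s+(\d+)\s*;", rndc_conf)
    if m is None:
        m = re.search(r"\bdefault-port\s+(\d+)\s*;", rndc_conf)
    return int(m.group(1)) if m else RNDC_DEFAULT

def check(named_conf, rndc_conf):
    """Return a list of findings; an empty list means the ports line up."""
    ctl, cli = controls_port(named_conf), rndc_port(rndc_conf)
    findings = []
    if ctl == DNS_PORT:
        findings.append(f"controls port {ctl} is already bound by the DNS listener")
    if ctl != cli:
        findings.append(f"rndc dials {cli} but the command channel is on {ctl}")
    return findings

# Constructed samples modelled on the configuration quoted in the thread.
NAMED_PORT_53 = """controls {
    inet 127.0.0.1 port 53 allow { 127.0.0.1; } keys { rndc-key; };
};"""
NAMED_DEFAULT = NAMED_PORT_53.replace(" port 53", "")
RNDC_DEFAULTS = """options {
    default-server localhost;
    default-key "rndc-key";
};
server localhost { key "rndc-key"; };"""
RNDC_PORT_53 = RNDC_DEFAULTS.replace("default-key", "default-port 53;\n    default-key")

if __name__ == "__main__":
    for label, n, r in [("as first posted", NAMED_PORT_53, RNDC_DEFAULTS),
                        ("second attempt", NAMED_DEFAULT, RNDC_PORT_53),
                        ("both at default", NAMED_DEFAULT, RNDC_DEFAULTS)]:
        print(label, "->", check(n, r) or "ok")
```

The check only reads the first `inet` control channel and does not account for a port given to rndc on the command line.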