Date:      Tue, 17 Mar 2009 20:13:12 -0400
From:      "Peter C. Lai" <peter@simons-rock.edu>
To:        Squirrel <squirrel@mail.isot.com>
Cc:        Mark Andrews <Mark_Andrews@isc.org>, freebsd-stable <freebsd-stable@freebsd.org>
Subject:   Re: rndc: connect failed: 127.0.0.1#953: connection refused
Message-ID:  <20090318001311.GW13398@cesium.hyperfine.info>
In-Reply-To: <62de997279f74262f2f10e7f96604867@mail.isot.com>
References:  <62de997279f74262f2f10e7f96604867@mail.isot.com>

Yes that is exactly the point. RNDC is supposed to run on 953 and the name
service itself is on 53. Think about it, if tcp/53 is used for real DNS
(jumbo RR) traffic, how can rndc be listening for commands on the same
channel?

On 2009-03-17 06:10:44PM -0600, Squirrel wrote:
> I realized that the default for RNDC was 953, and forced it to 53, but was still getting the same error.
> 
> As you recommended, I used the '-g' and noticed the only unusual thing was:
> 
>    /etc/namedb/named.conf:23: couldn't add command channel 127.0.0.1#53: address in use
> 
> So I took the port 53 out of the named.conf and let it use the default.  But left port 53 in rndc.conf.  When I restarted with '-g', that message above is gone and all looks good.  Strangely, two that don't make sense are:
> 
>    listening on IPv4 interface rl0, 66.187.80.4#53
>    command channel listening on 127.0.0.1#953
> 
> By default it is #53, and in rndc.conf it is forced to port #53, but named displays port #953 for the command channel.  Is the RNDC supposed to run on port 953 in addition to named running on 53?  I can't seem to get rndc to run on #53.   I've also tried removing the port from rndc.conf to use the default.
> 
> And reboot still won't load named.  And manual rndc load still errors with original message.
> 
> Below are the current messages:
> 
> root@ns2# named -4 -S 1024 -c /etc/namedb/named.conf -g
> 17-Mar-2009 19:04:50.001 starting BIND 9.6.0-P1 -4 -S 1024 -c /etc/namedb/named.conf -g
> 17-Mar-2009 19:04:50.001 built with '--localstatedir=/var' '--disable-linux-caps' '--with-randomdev=/dev/random' '--with-openssl=/usr/local' '--with-libxml2=/usr/local' '--without-idn' 'STD_CDEFINES=-DDIG_SIGCHASE=1' '--disable-threads' '--sysconfdir=/etc/namedb' '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info/' '--build=i386-portbld-freebsd6.2' 'build_alias=i386-portbld-freebsd6.2' 'CC=cc' 'CFLAGS=-O2 -fno-strict-aliasing -pipe' 'LDFLAGS= -rpath=/usr/local/lib' 'CXX=c++' 'CXXFLAGS=-O2 -fno-strict-aliasing -pipe'
> 17-Mar-2009 19:04:50.001 using up to 1024 sockets
> 17-Mar-2009 19:04:50.068 loading configuration from '/etc/namedb/named.conf'
> 17-Mar-2009 19:04:50.124 using default UDP/IPv4 port range: [49152, 65535]
> 17-Mar-2009 19:04:50.124 using default UDP/IPv6 port range: [49152, 65535]
> 17-Mar-2009 19:04:50.127 no IPv6 interfaces found
> 17-Mar-2009 19:04:50.127 listening on IPv4 interface rl0, aa.bb.cc.4#53
> 17-Mar-2009 19:04:50.128 listening on IPv4 interface rl0, aa.bb.cc.10#53
> 17-Mar-2009 19:04:50.128 listening on IPv4 interface lo0, 127.0.0.1#53
> 17-Mar-2009 19:04:50.143 automatic empty zone: 0.IN-ADDR.ARPA
> 17-Mar-2009 19:04:50.143 automatic empty zone: 127.IN-ADDR.ARPA
> 17-Mar-2009 19:04:50.144 automatic empty zone: 254.169.IN-ADDR.ARPA
> 17-Mar-2009 19:04:50.144 automatic empty zone: 2.0.192.IN-ADDR.ARPA
> 17-Mar-2009 19:04:50.144 automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
> 17-Mar-2009 19:04:50.144 automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
> 17-Mar-2009 19:04:50.144 automatic empty zone: D.F.IP6.ARPA
> 17-Mar-2009 19:04:50.144 automatic empty zone: 8.E.F.IP6.ARPA
> 17-Mar-2009 19:04:50.144 automatic empty zone: 9.E.F.IP6.ARPA
> 17-Mar-2009 19:04:50.144 automatic empty zone: A.E.F.IP6.ARPA
> 17-Mar-2009 19:04:50.144 automatic empty zone: B.E.F.IP6.ARPA
> 17-Mar-2009 19:04:50.146 command channel listening on 127.0.0.1#953
> 17-Mar-2009 19:04:50.147 ignoring config file logging statement due to -g option
> 17-Mar-2009 19:04:50.168 zone 0.0.127.IN-ADDR.ARPA/IN: loaded serial 20060213
> ....
> 
> 
> -----Original message-----
> From: Mark Andrews Mark_Andrews@isc.org
> Date: Wed, 18 Mar 2009 00:21:52 -0600
> To: Squirrel squirrel@mail.isot.com
> Subject: Re: rndc: connect failed: 127.0.0.1#953: connection refused
> 
> > 
> > In message <a035ff0bce7803787bd454078722a2a9@mail.isot.com>, Squirrel writes:
> > > My BIND9.6.0 on FreeBSD 6.2 works fine when I manually start with:
> > > 
> > >    root@ns2# named -4 -S 1024 -c /etc/namedb/named.conf
> > > 
> > > But it won't start on boot and there are no error messages or log.  And it won't start 
> > > using rndc, it causes an error message.  Why does the error show port 953 when I
> > > specified port 53 in the config?
> > 
> > 	Port 53 is for DNS.
> > 	Port 952 is the default port for RNDC.
> >  
> > >    rndc: connect failed: 127.0.0.1#953: connection refused
> > 	
> > 	Run "named -4 -S 1024 -c /etc/namedb/named.conf -g" and read the
> > 	messages.
> > 
> > > Below are parts of my configs:
> > > 
> > > /etc/rc.conf:
> > >    named_enable="YES"
> > >    named_flags="-4 -S 1024 -c /etc/namedb/named.conf"
> > >    ....
> > > 
> > > /etc/rndc.key:
> > >    key "rndc-key" {
> > >         algorithm hmac-md5;
> > >         secret "y9eca/WZydNfi.......................";
> > >    };
> > > 
> > > /etc/namedb/rndc.conf:
> > >    include "/etc/namedb/rndc.key";  
> > >    options {
> > >         default-server  localhost;
> > >         default-key     "rndc-key";
> > >    };
> > >    server localhost {
> > >         key     "rndc-key";
> > >    };
> > >    ...
> > > 
> > > /etc/namedb/named.conf:
> > >    include "/etc/namedb/rndc.key";
> > >    acl internals {  
> > >                aa.bb.cc.0/20;
> > >                192.168.1.0/24;
> > >                127.0.0.0/8;
> > >    };
> > >    controls {
> > >         inet 127.0.0.1 port 53 allow { 127.0.0.1; } keys { rndc-key; };
> > >    };
> > >    options {
> > >         pid-file "/var/run/named.pid";
> > >         directory "/etc/namedb";
> > >         statistics-file "/var/log/named/named.stats";
> > >         dump-file "/var/log/named/named.dump";
> > >         zone-statistics yes;
> > >         allow-query { 127.0.0.1; 66.187.80.0/20; };
> > >    };
> > >    logging {
> > >         category "default"   { simple_log; };
> > >         channel simple_log {
> > >                 file "/var/log/named/named.log" versions 5 size 20m;
> > >                 severity warning;
> > >                 print-time yes;
> > >                 print-category yes;
> > >                 print-severity yes;
> > >    };
> > >    ...
> > > 
> > > 
> > > -----------------------
> > > PCShare.Com
> > > 
> > > _______________________________________________
> > > freebsd-stable@freebsd.org mailing list
> > > http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> > > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"
> > -- 
> > Mark Andrews, ISC
> > 1 Seymour St., Dundas Valley, NSW 2117, Australia
> > PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews@isc.org

-- 
===========================================================
Peter C. Lai                 | Bard College at Simon's Rock
Systems Administrator        | 84 Alford Rd.
Information Technology Svcs. | Gt. Barrington, MA 01230 USA
peter AT simons-rock.edu     | (413) 528-7428
===========================================================
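
Added example, not part of the original message or of BIND: a small Python check for the port mix-up discussed in this thread, comparing the `controls` port in named.conf with the port rndc will connect to. The sample configs are constructed from the ones quoted above; `default-port 53` is an assumed stand-in for the rndc.conf change the poster describes but does not show, and the helper names `block` and `check` are hypothetical.

```python
import re

DNS_PORT = 53             # named's query listener, per the thread
RNDC_DEFAULT_PORT = 953   # command channel default, per the named -g output

def block(text, head):
    """Body of the first `head { ... }` statement, brace-matched; '' if absent.
    Simplification: comments and include files are not processed."""
    m = re.search(r'\b' + head + r'\s*\{', text)
    if not m:
        return ''
    depth, i = 1, m.end()
    while i < len(text) and depth:
        depth += {'{': 1, '}': -1}.get(text[i], 0)
        i += 1
    return text[m.end():i - 1]

def check(named_conf, rndc_conf):
    """Return findings for a controls/rndc port setup like the one in the thread."""
    inet = re.findall(r'inet\s+(\S+)(?:\s+port\s+(\d+))?\s+allow',
                      block(named_conf, 'controls'))
    # With no inet line, assume named's default loopback channel on 953.
    chans = ([(a, int(p or RNDC_DEFAULT_PORT)) for a, p in inet]
             or [('127.0.0.1', RNDC_DEFAULT_PORT)])
    # A server-level `port` overrides options-level `default-port` in rndc.conf.
    hit = (re.search(r'\bport\s+(\d+)', block(rndc_conf, r'server\s+\S+'))
           or re.search(r'default-port\s+(\d+)', block(rndc_conf, 'options')))
    client = int(hit.group(1)) if hit else RNDC_DEFAULT_PORT
    findings = []
    for addr, port in chans:
        if port == DNS_PORT:
            findings.append(f'controls {addr}#{port}: port belongs to the DNS listener')
    ports = sorted({p for _, p in chans})
    if client not in ports:
        findings.append(f'rndc uses port {client}, command channel is on {ports}')
    return findings

# Constructed inputs modelled on the configs quoted in the thread.
NAMED_ORIG = 'controls {\n inet 127.0.0.1 port 53 allow { 127.0.0.1; } keys { rndc-key; };\n};'
NAMED_DEFAULT = 'controls {\n inet 127.0.0.1 allow { 127.0.0.1; } keys { rndc-key; };\n};'
RNDC_DEFAULT = ('options { default-server localhost; default-key "rndc-key"; };\n'
                'server localhost { key "rndc-key"; };')
RNDC_FORCED_53 = 'options { default-server localhost; default-port 53; };'

if __name__ == '__main__':
    for n, r in [(NAMED_ORIG, RNDC_DEFAULT), (NAMED_DEFAULT, RNDC_FORCED_53),
                 (NAMED_DEFAULT, RNDC_DEFAULT)]:
        print(check(n, r) or 'ok')
```

The first pair reproduces the original setup (control channel forced onto 53, rndc still on 953), the second the follow-up attempt, and the third the configuration with both sides left at the default.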



