I've done something a while back that has messed with my named.conf and
prevents me from restarting named service normally...

My problem...
# service named restart
Stopping named: [FAILED]
Starting named: named: already running [FAILED]

nothing gets logged in /var/log/messages

obviously, I can do this to restart it...

[root@srv1 etc]# ps aux|grep named
named 26598 0.1 0.3 72168 3732 ? Ssl 15:41 0:00 /usr/sbin/named -u named -4 -t /var/named/chroot
root 26687 0.0 0.0 3880 696 pts/18 S+ 15:43 0:00 grep named
[root@srv1 etc]# kill 26598
[root@srv1 etc]# service named restart
Stopping named: [FAILED]
Starting named: [ OK ]

and the pid of named seems to be where it belongs...
# ls -l /var/named/chroot/var/run/named/named.pid
-rw-r--r-- 1 named named 6 Sep 21 15:43 /var/named/chroot/var/run/named/named.pid

if I try...
# service named status
rndc: connection to remote host closed
This may indicate that the remote server is using an older version of
the command protocol, this host is not authorized to connect,
or the key is invalid.

but looking at my named.conf, I'm directly including rndc.key
# grep rndc named.conf
inet 127.0.0.1 allow { localhost; } keys { DYNAMIC_DNS_KEY; rndc.key; };
include "/etc/rndc.key";

and obviously, I am running named-chroot...

# tail -n 3 /etc/sysconfig/named
ROOTDIR=/var/named/chroot
OPTIONS=-4
ENABLE_ZONE_WRITE=yes

# rpm -qa|grep bind
bind-chroot-9.3.3-9.0.1.el5
bind-9.3.3-9.0.1.el5
bind-libs-9.3.3-9.0.1.el5
bind-utils-9.3.3-9.0.1.el5

what did I do to break it?

--
Craig White <craig at tobyhouse.com>
On Fri September 21 2007 18:50, Craig White wrote:
> [root@srv1 etc]# kill 26598
> [root@srv1 etc]# service named restart
> Stopping named: [FAILED]
> Starting named: [ OK ]

After you have killed named start it with 'start' not 'restart'.

> if I try...
> # service named status
> rndc: connection to remote host closed
> This may indicate that the remote server is using an older version of
> the command protocol, this host is not authorized to connect,
> or the key is invalid.
>
> but looking at my named.conf, I'm directly including rndc.key
> # grep rndc named.conf
> inet 127.0.0.1 allow { localhost; } keys { DYNAMIC_DNS_KEY;
> rndc.key; };
> include "/etc/rndc.key";

This doesn't look right. My control section in named.conf is :

controls {
inet 127.0.0.1 allow { any; } keys { rndc-key; };
};

No need for 'include '. Your rndc.conf should also be located in your chroot /etc dir.

Take notice of what is in between {} in the keys statement. This has to match what is in your rndc.conf file.

server localhost {
key "rndc-key";
};

--
Regards
Robert

Smile... it increases your face value!
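The name matching Robert describes can be checked mechanically. The following is an added example, not part of the thread: it compares the key names listed in the controls statement with the key statements named can see and with the keys in rndc.conf. The file contents, the key name "rndckey", the secrets and the function names are assumptions constructed for illustration.

```python
import re

# Constructed sample configs: the controls line mirrors the grep output in the
# thread; the key definitions and secrets are assumptions made for this example.
NAMED_CONF = '''
key DYNAMIC_DNS_KEY { algorithm hmac-md5; secret "c2FtcGxl"; };
controls {
    inet 127.0.0.1 allow { localhost; } keys { DYNAMIC_DNS_KEY; rndc.key; };
};
include "/etc/rndc.key";
'''
INCLUDES = {"/etc/rndc.key":
            'key "rndckey" { algorithm hmac-md5; secret "c2FtcGxl"; };'}
RNDC_CONF = '''
key "rndckey" { algorithm hmac-md5; secret "c2FtcGxl"; };
options { default-key "rndckey"; default-server 127.0.0.1; };
'''

KEY_DEF = re.compile(r'\bkey\s+"?([^\s"{;]+)"?\s*\{')   # key "name" { ... }
KEYS_REF = re.compile(r'\bkeys\s*\{([^}]*)\}')          # keys { a; b; }
INCLUDE = re.compile(r'\binclude\s+"([^"]+)"\s*;')

def defined_keys(text):
    """Names declared by key statements in a config text."""
    return set(KEY_DEF.findall(text))

def control_keys(named_conf):
    """Key names listed in keys { } clauses, in order of appearance."""
    names = []
    for body in KEYS_REF.findall(named_conf):
        names += [n.strip().strip('"') for n in body.split(";") if n.strip()]
    return names

def check(named_conf, includes, rndc_conf):
    """Compare control-channel key names across named.conf and rndc.conf."""
    # Inline included files so their key statements are visible.
    full = INCLUDE.sub(lambda m: includes.get(m.group(1), ""), named_conf)
    known = defined_keys(full)
    listed = control_keys(full)
    return {
        # listed in controls but never defined on the named side
        "undefined": [k for k in listed if k not in known],
        # rndc.conf keys that named both defines and accepts on the channel
        "rndc_usable": sorted(defined_keys(rndc_conf) & known & set(listed)),
    }

if __name__ == "__main__":
    print(check(NAMED_CONF, INCLUDES, RNDC_CONF))
```

The check covers key names only and does not strip comments; the secrets under a shared name must also be identical on both sides for rndc to authenticate.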
Salam,

Tell me one thing, you killed the service, means service not running.....
when you start the service then why are you using this command!!!

service named restart????????

should be "service named start" or /etc/init.d/named start

if you are running secondary DNS, then your rndc key should be copied to the other server as well, actually your rndc key not matching, I worked on DNS more than a year back, faced the same issue, do not know exactly the files to remember.... please search

Regards,

Umair Shakil
ETD

On 9/22/07, Craig White <craig at tobyhouse.com> wrote:
>
> I've done something a while back that has messed with my named.conf and
> prevents me from restarting named service normally...
>
> My problem...
> # service named restart
> Stopping named: [FAILED]
> Starting named: named: already running [FAILED]
>
> nothing gets logged in /var/log/messages
>
> obviously, I can do this to restart it...
>
> [root@srv1 etc]# ps aux|grep named
> named 26598 0.1 0.3 72168 3732 ? Ssl 15:41
> 0:00 /usr/sbin/named -u named -4 -t /var/named/chroot
> root 26687 0.0 0.0 3880 696 pts/18 S+ 15:43 0:00 grep
> named
> [root@srv1 etc]# kill 26598
> [root@srv1 etc]# service named restart
> Stopping named: [FAILED]
> Starting named: [ OK ]
>
> and the pid of named seems to be where it belongs...
> # ls -l /var/named/chroot/var/run/named/named.pid
> -rw-r--r-- 1 named named 6 Sep 21
> 15:43 /var/named/chroot/var/run/named/named.pid
>
> if I try...
> # service named status
> rndc: connection to remote host closed
> This may indicate that the remote server is using an older version of
> the command protocol, this host is not authorized to connect,
> or the key is invalid.
>
> but looking at my named.conf, I'm directly including rndc.key
> # grep rndc named.conf
> inet 127.0.0.1 allow { localhost; } keys { DYNAMIC_DNS_KEY;
> rndc.key; };
> include "/etc/rndc.key";
>
> and obviously, I am running named-chroot...
>
> # tail -n 3 /etc/sysconfig/named
> ROOTDIR=/var/named/chroot
> OPTIONS=-4
> ENABLE_ZONE_WRITE=yes
>
> # rpm -qa|grep bind
> bind-chroot-9.3.3-9.0.1.el5
> bind-9.3.3-9.0.1.el5
> bind-libs-9.3.3-9.0.1.el5
> bind-utils-9.3.3-9.0.1.el5
>
> what did I do to break it?
>
> --
> Craig White <craig at tobyhouse.com>
On Saturday 22 September 2007, umair shakil wrote:
> Salam,
>
> Tell me one thing, you killed the service, means service not running.....
> when you start the
> service then why are you using this command!!!
>
> service named restart????????
>
> should be "service named start" or /etc/init.d/named start

Because restart executes stop and then start. Even if the process has been killed, there may be other things like lock files, shared memory segments and so on around that will be properly removed by stop. Therefore using restart instead of start is a correct and good practice.

Peter.