Bind reload Problem
jbullard 10-03-2004, 11:23 AM I have seen a couple of posts about a Bind reloading problem and am currently having the same errors. I read through all the posts and tried to follow the tweaks to fix the problem, but I am still having a problem. If someone could please help me out with fixing this I would greatly appreciate it. Here is what I have done so far.
reloaded fixndc
reloaded named.conf
checked status on named.conf
I have also done a few other tweaks that I saw but can't remember right now. Thanks in advance for the help.
jason
eth00 10-03-2004, 11:32 AM There are multiple problems that bind can have, perhaps you can state your exact problem.
andreyka 10-03-2004, 11:34 AM Just create rndc.key
rndc-keygen -d /dev/urandom
jbullard 10-03-2004, 11:39 AM I get this error when trying to add an A entry for a nameserver. Also when creating new accounts.
IP=XX.XXX.XXX.XXX Bind reloading on sls-eb17p18 using rndc zone: [zerotechnology.org] Error reloading bind on sls-eb17p18: rndc: connect failed: connection refused Add Complete
I tried to run that command but it returned command not found.
Thanks,
Jason
Angelo 10-03-2004, 11:46 AM # /scripts/fixndc can fix broken bind on Cpanel Servers.
jbullard 10-03-2004, 11:49 AM Fixndc using rh9/rhes3/fedora support
Found controls in named.conf ..
Adding key...
Restarting bind.....Waiting for named to restart..............finished.
named has failed, please contact the sysadmin (result was "named is not running").
Oct 3 11:47:56 sls-eb17p18 named: named shutdown failed
Oct 3 11:47:56 sls-eb17p18 named[8580]: starting BIND 9.2.3 -u named
Oct 3 11:47:56 sls-eb17p18 named[8580]: using 1 CPU
Oct 3 11:47:56 sls-eb17p18 named[8580]: loading configuration from '/etc/named.conf'
Oct 3 11:47:56 sls-eb17p18 named[8580]: /etc/named.conf:36: missing ';' before '}'
Oct 3 11:47:56 sls-eb17p18 named[8580]: /etc/named.conf:42: missing ';' before '}'
Oct 3 11:47:56 sls-eb17p18 named[8580]: loading configuration: failure
Oct 3 11:47:56 sls-eb17p18 named[8580]: exiting (due to fatal error)
Oct 3 11:47:56 sls-eb17p18 named: named startup succeeded
Oct 3 11:48:07 sls-eb17p18 named: named shutdown failed
Oct 3 11:48:07 sls-eb17p18 named[8623]: starting BIND 9.2.3 -u named
Oct 3 11:48:07 sls-eb17p18 named[8623]: using 1 CPU
Oct 3 11:48:07 sls-eb17p18 named[8623]: loading configuration from '/etc/named.conf'
Oct 3 11:48:07 sls-eb17p18 named[8623]: /etc/named.conf:36: missing ';' before '}'
Oct 3 11:48:07 sls-eb17p18 named[8623]: /etc/named.conf:42: missing ';' before '}'
Oct 3 11:48:07 sls-eb17p18 named[8623]: loading configuration: failure
Oct 3 11:48:07 sls-eb17p18 named[8623]: exiting (due to fatal error)
Oct 3 11:48:07 sls-eb17p18 named: named startup succeeded
Done
All fixed
This is what I get when I run it. I still get the same errors in cPanel under Edit Setup and Add an A entry for this nameserver.
jbullard 10-03-2004, 11:52 AM This is what named.conf looks like:
key "rndckey" {
algorithm hmac-md5;
secret "SECRET REMOVED";
};
// generated by named-bootconf.pl
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port XX, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port XX;
};
//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "/var/named/named.ca";
};
zone "0.0.127/in-addr.arpa" IN {
type master;
file "/var/named/named.local";
allow-update {none};
};
zone "localhost" IN {
type master;
file "/var/named/localhost.zone";
allow-update {none};
};
zone "blinblineo.net" {
type master;
file "/var/named/blinblineo.net.db";
};
zone "choiradiox.net" {
type master;
file "/var/named/choiradiox.net.db";
};
Angelo 10-03-2004, 12:02 PM Give this one a try.
key "rndckey" {
algorithm hmac-md5;
secret "SECRET REMOVED";
};
// generated by named-bootconf.pl
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port XX, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port XX;
};
//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "/var/named/named.ca";
};
zone "0.0.127/in-addr.arpa" IN {
type master;
file "/var/named/named.local";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "/var/named/localhost.zone";
allow-update { none; };
};
zone "blinblineo.net" {
type master;
file "/var/named/blinblineo.net.db";
};
zone "choiradiox.net" {
type master;
file "/var/named/choiradiox.net.db";
};
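The syslog lines earlier in the thread already name the file and line that stopped named from loading. As an added example (not part of the original thread), this sketch extracts those `file:line: message` entries and prints the config line each one points at; the function names and the sample config and log are constructed for illustration.

```shell
#!/bin/sh
# Added example: pull "file:line: message" config errors out of named's syslog
# output and show the config line each one points at.

# stdin: syslog text. stdout: "LINE<TAB>MESSAGE", one row per distinct error.
named_conf_errors() {
    awk '
        match($0, /named\[[0-9]+\]: [^ :]+:[0-9]+: /) {
            n = split(substr($0, RSTART, RLENGTH), part, ":")
            key = part[n - 1] "\t" substr($0, RSTART + RLENGTH)
            if (!(key in seen)) { seen[key] = 1; print key }
        }'
}

# $1: config file. stdin: syslog text. Prints each error with the offending line.
show_offending_lines() {
    named_conf_errors | while IFS="$(printf '\t')" read -r line msg; do
        printf '%s:%s: %s\n    > %s\n' "$1" "$line" "$msg" "$(sed -n "${line}p" "$1")"
    done
}

# Constructed sample config (line 7 repeats the thread's mistake).
sample_conf() {
    cat <<'EOF'
options {
    directory "/var/named";
};
zone "localhost" IN {
    type master;
    file "/var/named/localhost.zone";
    allow-update {none};
};
EOF
}

# Constructed syslog lines in the format shown in the thread (two restart attempts).
sample_log() {
    cat <<'EOF'
Oct  3 11:47:56 host named[8580]: loading configuration from '/etc/named.conf'
Oct  3 11:47:56 host named[8580]: /etc/named.conf:7: missing ';' before '}'
Oct  3 11:47:56 host named[8580]: loading configuration: failure
Oct  3 11:48:07 host named[8623]: /etc/named.conf:7: missing ';' before '}'
EOF
}

conf=$(mktemp) && sample_conf > "$conf"
sample_log | show_offending_lines "$conf"
rm -f "$conf"
```

On a live server, `named-checkconf /etc/named.conf` reports the same file:line messages without restarting named.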
jbullard 10-03-2004, 12:06 PM Perfecto. Thanks a whole lot.
Jason
Blueheaven 10-15-2004, 02:59 AM I'm also getting this error. I tried the fixndc command but that still didn't fix it
pico /etc/named.conf
gives me the following output
key "rndckey" {
algorithm hmac-md5;
secret "my secret";
};
// generated by named-bootconf.pl
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
Angelo 10-15-2004, 04:21 AM Which error?
Blueheaven 10-15-2004, 04:25 AM I thought that updating the script might work, but I still get this message when trying to update to the a record
IP=xxxxx.xxxx.xxx Bind reloading on admin using rndc zone: [abc.com] Error reloading bind on admin: rndc: connect failed: connection refused Add Complete
supersonicservers 10-15-2004, 04:31 AM Hi,
If you have issues with starting named because of rndc errors there is an easy way to overcome that, follow the steps,
mv /etc/named.conf /etc/named.conf.bak
touch /etc/named.conf
/scripts/fixndc
This will only work for cpanel servers.
Blueheaven 10-15-2004, 04:43 AM Thanks, I'm running whm/cpanel and followed your instructions, but I still get the same error message as before
when trying to add the A record to my nameserver
Fixndc using rh9/rhes3/fedora support
Adding key...
Adding controls...
Adding hint zone...
Restarting bind.....Waiting for named to restart..............finished.
named 8217 0.0 0.5 36672 2588 ? S 04:36 0:00 /usr/sbin/named -u named -t /var/named/chroot
named started ok
Oct 15 08:36:02 new named[1293]: shutting down
Oct 15 08:36:02 new named[1293]: no longer listening on 127.0.0.1#53
Oct 15 08:36:02 new named[1293]: no longer listening on xx6.xxx.xxx.xxx#53
Oct 15 08:36:02 new named[1293]: no longer listening on xx.xxx.xxx.xxx#53
Oct 15 08:36:02 new named[1293]: exiting
Oct 15 04:36:02 new named: named shutdown succeeded
Oct 15 08:36:02 new named[8217]: starting BIND 9.2.3 -u named -t /var/named/chroot
Oct 15 08:36:02 new named[8217]: using 1 CPU
Oct 15 08:36:02 new named[8217]: loading configuration from '/etc/named.conf'
Oct 15 08:36:02 new named[8217]: listening on IPv4 interface lo, 127.0.0.1#53
Oct 15 08:36:02 new named[8217]: listening on IPv4 interface eth0, xx.xxx.xxx.xxxx#53
Oct 15 08:36:02 new named[8217]: listening on IPv4 interface eth0:1, xx.xxx.xxx.xxx#53
Oct 15 08:36:02 new named[8217]: couldn't add command channel 127.0.0.1#953: not found
Oct 15 08:36:02 new named[8217]: couldn't add command channel ::1#953: not found
Oct 15 08:36:02 new named[8217]: running
Oct 15 04:36:03 new named: named startup succeeded
Done
All fixed
Angelo 10-15-2004, 05:00 AM Can you post the entire named.conf
Blueheaven 10-15-2004, 05:09 AM key "rndckey" {
algorithm hmac-md5;
secret "my secret ";
};
controls {
inet 127.0.0.1 allow { localhost; } keys { "rndckey"; };
};
zone "." {
type hint;
file "/var/named/named.ca";
};
after pico /etc/named.conf
this is what it comes up with now
Angelo 10-15-2004, 05:28 AM Sorry, when I recheck your error message, you are running bind in a chroot environment.
Can you check that your config files are also included in the chroot directory? Copy these files to, or create symbolic links for, the targets specified and then restart the service. Kill all running named processes or, for a fresh test, reboot the server.
/etc/named.conf -> /var/named/chroot/etc/named.conf
/etc/rndc.key -> /var/named/chroot/etc/rndc.key
/var/named/named.ca -> /var/named/chroot/var/named/named.ca
If you are not familiar with chroot environment, see /etc/init.d/named:
Somewhere in start () tag, you can see daemon...... change the running daemon command line to "named -u named" This will start the bind normally. Use at your own risk. ;)
Blueheaven 10-15-2004, 06:00 AM Originally posted by fcarsenal
Sorry, when I recheck your error message, you are running bind in a chroot environment.
Can you check that your config files are also included in the chroot directory? Copy these files to, or create symbolic links for, the targets specified and then restart the service. Kill all running named processes or, for a fresh test, reboot the server.
/etc/named.conf -> /var/named/chroot/etc/named.conf
/etc/rndc.key -> /var/named/chroot/etc/rndc.key
/var/named/named.ca -> /var/named/chroot/var/named/named.ca
If you are not familiar with chroot environment, see /etc/init.d/named:
Somewhere in start () tag, you can see daemon...... change the running daemon command line to "named -u named" This will start the bind normally. Use at your own risk. ;)
I copied /etc/named.conf over to /var/named/chroot/etc/named.conf
and I checked /etc/rndc.key, but that file didn't contain any lines,
/var/named/named.ca was the same on chroot.
I restarted the service, but I still get the same error. I'm not sure how to change the running daemon
as /etc/init.d/named: doesn't contain any lines either
Angelo 10-15-2004, 07:05 AM Try
# ps -ax | grep named
# kill -9 PID
# named -u named
This is for normal start. Are you getting the same error now?
For chroot copy rndc.conf and key to the /var/named/chroot/etc/ and reboot the server.
Blueheaven 10-15-2004, 09:37 AM Ok I've found a fix for it
If you are using Fedora you should also pico /etc/sysconfig/named and comment out the 'ROOTDIR=' (put a # in front of it)
That worked for me and now adding the a record for the nameserver works
yippeee, thanks everyone for your advice though
kept me going and looking for the eventual solution.
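The chroot check Angelo describes, as an added example that is not part of the original thread: named started with `-t /var/named/chroot` resolves its file paths inside that directory, so this sketch reads ROOTDIR from a sysconfig-style file and reports which of the three listed files are missing or empty there. The function names and the temporary directory layout are constructed for illustration.

```shell
#!/bin/sh
# Added example: check that the files named reads are present, and not empty,
# inside the chroot named is started with.

# $1: sysconfig file. Prints the active (uncommented) ROOTDIR value, if any.
chroot_rootdir() {
    sed -n 's/^[[:space:]]*ROOTDIR=//p' "$1" | tail -n 1 | tr -d "\"'"
}

# $1: chroot directory. Reports each file from the thread's list; returns 1 on any gap.
check_chroot_files() {
    rc=0
    for f in /etc/named.conf /etc/rndc.key /var/named/named.ca; do
        if [ ! -e "$1$f" ]; then
            echo "MISSING $1$f"; rc=1
        elif [ ! -s "$1$f" ]; then
            echo "EMPTY $1$f"; rc=1
        else
            echo "OK $1$f"
        fi
    done
    return $rc
}

# Constructed layout under $1: named.conf present, rndc.key empty, named.ca absent.
build_sample() {
    mkdir -p "$1/chroot/etc" "$1/chroot/var/named"
    echo "ROOTDIR=$1/chroot" > "$1/sysconfig-named"
    echo 'controls { inet 127.0.0.1 allow { localhost; } keys { rndckey; }; };' \
        > "$1/chroot/etc/named.conf"
    : > "$1/chroot/etc/rndc.key"
}

demo=$(mktemp -d) && build_sample "$demo"
root=$(chroot_rootdir "$demo/sysconfig-named")
if [ -n "$root" ]; then
    check_chroot_files "$root" || echo "named would not find everything it needs in $root"
else
    echo "ROOTDIR not set: named runs without a chroot"
fi
rm -rf "$demo"
```

On the server from the thread the call would be `check_chroot_files "$(chroot_rootdir /etc/sysconfig/named)"`, which shows what to copy into the jail while keeping ROOTDIR enabled.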