LaMont Jones wrote: > On Fri, Sep 26, 2008 at 10:19:06PM +0200, Shams Fantar wrote: > >> If I want to stop or to restart bind9, I can't by default. I get this >> message : >> Stopping domain name service...: bindrndc: connect failed: 127.0.0.1#953: >> connection refused >> failed! >> Starting domain name service...: bind failed! >> So that bind9 starts, I have to kill the "named" process before, and after I >> can do "/etc/init.d/apache2 start". >> I tried some solutions, and so it's the only solution. Perhaps, this is a >> bug. I think... >> > > Please send me a copy of your named configuration - it appears that you > have configured BIND in a way that prevents rndc from working - I'd love > do better document the ways that people break it. > > thanks, > lamont > >
Here are the two files you need in attachment. Regards, -- http://snurf.info "Civil Engineering section" project : http://civil-e-section.org « A book is like a garden carried in the pocket. »
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include "/etc/bind/named.conf.options";
#options {
# pid-file "/var/run/named/named.pid";
#}
#key "rndc-key" {
# algorithm hmac-md5;
# secret "DJ/kgU72Zwe2ucsgl2Gf4Q==;
#}
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.root";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
// zone "com" { type delegation-only; };
// zone "net" { type delegation-only; };
// From the release notes:
// Because many of our users are uncomfortable receiving undelegated answers
// from root or top level domains, other than a few for whom that behaviour
// has been trusted and expected for quite some length of time, we have now
// introduced the "root-delegations-only" feature which applies delegation-only
// logic to all top level domains, and to the root domain. An exception list
// should be specified, including "MUSEUM" and "DE", and any other top level
// domains from whom undelegated responses are expected and trusted.
// root-delegation-only exclude { "DE"; "MUSEUM"; };
include "/etc/bind/named.conf.local";
rndc.key
Description: application/pgp-keys
