On Sat, Oct 16, 2004 at 12:55:22PM +0200, Uroš Gruber wrote:
> Hello,
>
> Today I transferred my domain from bind8 to bind9. It works OK, except ndc.
> I read the bind9 administrator manual, but it is always about rndc.
>
> Because bind is chrooted by default (which is great), ndc reports an error:
>
> ndc: error: ctl_client: evConnect(fd 3): No such file or directory
> ndc: error: cannot connect to command channel (/var/run/ndc)
>
> I think I have to use rndc instead. But I want to know a simple config to
> allow controlling local dns like ndc in the old days.

If all you want is to be able to control an instance of named on your
local machine, you can use something like the following in your
named.conf:

    // Authentication for communicating with rndc --- only listen on the loopback
    // port 953 for control connections

    key "rndc-key" {
        algorithm hmac-md5;
        secret "XXXXXXXXXXXXXXXXXXXXXX==";
    };
    controls {
        inet 127.0.0.1 port 953
            allow { 127.0.0.1; } keys { "rndc-key"; };
        inet ::1 port 953
            allow { ::1; } keys { "rndc-key"; };
    };

That's basically copied with some small modifications from
/usr/local/etc/rndc.conf, which you can automatically generate with a
random key by:

    # rndc-confgen

and following the instructions.

    Cheers,

    Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK
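
Added example, not part of the original message and not BIND's own code: a small Python check that reads named.conf text and reports any `controls` inet channel that is not confined to loopback the way the configuration above is. The function names and the sample text (including the exposed 192.0.2.10 entry, a documentation address) are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: the loopback-only channels from the message plus one
# deliberately exposed listener, so the check has something to report.
SAMPLE = '''
key "rndc-key" { algorithm hmac-md5; secret "XXXXXXXXXXXXXXXXXXXXXX=="; };
controls {
    inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; };
    inet ::1 port 953 allow { ::1; } keys { "rndc-key"; };
    inet * port 953 allow { 192.0.2.10; };
};
'''

INET = re.compile(
    r'\binet\s+(?P<addr>\S+)(?:\s+port\s+(?P<port>\d+))?'
    r'\s+allow\s*\{(?P<allow>[^}]*)\}'
    r'(?:\s*keys\s*\{(?P<keys>[^}]*)\})?')

def is_loopback(token):
    """True only for a literal loopback IP; '*', 'any', ACL names and nets fail."""
    try:
        return ipaddress.ip_address(token).is_loopback
    except ValueError:
        return False

def strip_comments(conf):
    """Drop //, # and /* */ comments while leaving quoted strings untouched."""
    return re.sub(r'"[^"]*"|//[^\n]*|#[^\n]*|/\*.*?\*/',
                  lambda m: m[0] if m[0].startswith('"') else ' ', conf, flags=re.S)

def audit_controls(conf):
    """Return (listen_address, [problems]) for each inet control channel."""
    results = []
    for m in INET.finditer(strip_comments(conf)):
        problems = []
        if not is_loopback(m['addr']):
            problems.append("listens beyond loopback")
        allowed = [t.strip() for t in m['allow'].split(';') if t.strip()]
        if not allowed or not all(is_loopback(t) for t in allowed):
            problems.append("allow list is not loopback-only")
        if not (m['keys'] or '').strip():
            problems.append("no explicit keys clause")
        results.append((m['addr'], problems))
    return results

if __name__ == "__main__":
    for addr, problems in audit_controls(SAMPLE):
        print(addr, "OK" if not problems else "; ".join(problems))
```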