Bind9 Error on Debian Etch

If you run a BIND DNS server, you may have come across this error, which appears only when you try to restart your DNS server:

Reloading domain name service… : bindrndc: connect failed: connection refused

This has to do with the configuration (or lack thereof) in /etc/bind/rndc.conf.

I noticed while searching the system for references to rndc that there was a program called /usr/sbin/rndc-confgen.
Running it gives you the correct text to put in your rndc.conf file, as well as a couple of lines to add to your named.conf.

Mine looked something like this…

# Start of rndc.conf
key "rndc-key" {
    algorithm hmac-md5;
    secret "imnottelling==";
};

options {
    default-key "rndc-key";
    default-port 953;
};
# End of rndc.conf

# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndc-key" {
#     algorithm hmac-md5;
#     secret "imnottelling==";
# };
# controls {
#     inet port 953
#         allow {; } keys { "rndc-key"; };
# };
# End of named.conf

Note: Remove the # from the config lines in the second part, which goes into the /etc/bind/named.conf file.

After adding these few lines to named.conf and creating rndc.conf (make sure the user bind can read this file), I was able to restart/reload the bind9 service without error.
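To confirm the two files agree after following the steps above, here is a small check script. It is an added example, not part of the original post or of BIND. It assumes the key is named "rndc-key" as in the rndc-confgen output; the function names and return codes are made up for this illustration. Because rndc.conf holds the shared secret that controls named, the script also flags the file if it is world-readable.

```shell
#!/bin/sh
# Added example (not from the original post): check that rndc and named agree.
# Assumes the key is named "rndc-key", as in the rndc-confgen output above.

# Print the secret of key "rndc-key", ignoring '#'-commented lines.
key_secret() {
    awk '
        /^[ \t]*#/                         { next }
        /key[ \t]+"rndc-key"[ \t]*[{]/     { inkey = 1 }
        inkey && /secret/ { split($0, q, "\""); print q[2]; exit }
        inkey && /[}];/                    { inkey = 0 }
    ' "$1"
}

# Return 0 if OK; 1 no key in rndc.conf; 2 secrets differ;
# 3 no active controls statement in named.conf; 4 rndc.conf world-readable.
check_rndc() {
    rndc_conf=$1 named_conf=$2
    a=$(key_secret "$rndc_conf")
    b=$(key_secret "$named_conf")
    [ -n "$a" ] || { echo "no rndc-key in $rndc_conf" >&2; return 1; }
    # An empty $b usually means the key lines are still commented out.
    [ "$a" = "$b" ] ||
        { echo "rndc-key secret missing or different in $named_conf" >&2; return 2; }
    grep -v '^[[:space:]]*#' "$named_conf" | grep -q '^[[:space:]]*controls' ||
        { echo "no controls statement in $named_conf" >&2; return 3; }
    # The file holds the shared secret: bind must read it, "other" must not.
    [ -z "$(find "$rndc_conf" -perm -004)" ] ||
        { echo "$rndc_conf is world-readable" >&2; return 4; }
    echo "rndc key setup looks consistent"
}

# Usage: sh check_rndc.sh /etc/bind/rndc.conf /etc/bind/named.conf
if [ $# -eq 2 ]; then check_rndc "$1" "$2"; fi
```

The script never prints the secret itself, only whether the two copies match.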



About Craig Szymanski

Systems Administrator Photography Enthusiast
This entry was posted in Bind, Linux, Network Administration.