Old 11-06-2007, 05:36 AM   #1
TylerD75
Member
 
Registered: Aug 2004
Location: Norway
Distribution: Gentoo
Posts: 96

Rep: Reputation: 18
Bind and rndc problems!! How do I remove rndc?


Hi!

I've now repeatedly had serious problems with rndc and bind! If I restart the server, everything works fine (for a while), but I am unable to restart the server with either "rndc -s localhost stop/start" or "/etc/init.d/named restart".
In my bind log I get "bad auth" and the typical message appears on screen: "Something about wrong protocol etc..."

I've tried ALL the tips out there, but nothing is working.
And since this dns server is on my own local LAN (with no unauthorized traffic), I want to remove ALL references to rndc!
It might be working for some of you, but it breaks my dns server every month, and then I'm back searching for solutions...

I'm using gentoo, so is there a way I can emerge with a USE flag to remove rndc control? Or is there a way to compile bind manually without rndc control? Or is it as simple as removing all references to rndc in the .conf files? (I believe I've tried the latter without success).

I just need a way to remove RNDC as the source of my nightmares!
I know I can use other DNS servers, but that's not an option! (As I'm dependent on the BIND structure for other scripts/programs.)

Cheers!
 
Old 11-06-2007, 06:26 AM   #2
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,174
Blog Entries: 1

Rep: Reputation: 2040
I don't think that you can compile bind from source without rndc.
You can disable rndc using:
Code:
controls { };
in /etc/named.conf
If you want you can comment out any other reference to rndc, but it's not important.

Regards
 
Old 11-06-2007, 08:24 AM   #3
TylerD75
Member
 
Registered: Aug 2004
Location: Norway
Distribution: Gentoo
Posts: 96

Original Poster
Rep: Reputation: 18
Lol!

Thanks m8! I owe you one!
Hmm... that simple...

Now I can at least get "rndc -s localhost status" to work.
But one problem remains: I have to physically restart the server to restart bind.

How can I set up things to restart the usual way? (like: "/etc/init.d/named restart")

If I try "rndc -s localhost reload" or whatever, I get "connection refused"...

And if I do "ps auxww | grep named" + kill -9 pid + remove the pid file, I still get "Named is already running" when I try to start it...

Cheers!
 
Old 11-06-2007, 08:50 AM   #4
TylerD75
Member
 
Registered: Aug 2004
Location: Norway
Distribution: Gentoo
Posts: 96

Original Poster
Rep: Reputation: 18
Ahhh....

Seems like I found the problem that has been haunting me for all this time!

I was missing my server definition in the rndc.conf:
Code:
server localhost {
  key "rndckey";
};
This caused the server to run properly, but left me unable to control it!

I find this a bit strange though, cause I have gone through all the documentation I could find. Plus I've posted my config files numerous times on several forums, but no one else has seen it either...

Well, at least it is working now!
C'ya in a month or so
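
The failure modes from posts #2 to #4 (an empty `controls { };`, no key that rndc can resolve for the server, secrets that differ between the two files), as an added consistency check that is not part of the original thread. It is a simplified regex model: only whole-line comments are stripped, key selection is modeled as the server stanza's key falling back to `default-key`, and the sample configs, secret and finding labels are constructed.

```python
import re

# Constructed sample configs (not from the thread); the secret is a placeholder.
NAMED_OK = '''
key "rndckey" { algorithm hmac-sha256; secret "Y29uc3RydWN0ZWQ="; };
controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndckey"; }; };
'''
RNDC_OK = '''
key "rndckey" { algorithm hmac-sha256; secret "Y29uc3RydWN0ZWQ="; };
server localhost { key "rndckey"; };
'''
NAME = r'"?([\w.-]+)"?'

def _keys(text):
    # key "name" { ...; secret "..."; };  ->  {name: secret}
    out = {}
    for name, body in re.findall(r'(?<![\w-])key\s+' + NAME + r'\s*\{([^}]*)\}', text):
        m = re.search(r'secret\s+"([^"]*)"', body)
        out[name] = m.group(1) if m else None
    return out

def check_rndc(named_conf, rndc_conf, server="localhost"):
    # Drop whole-line comments only; inline comments are not handled.
    named, rndc = (re.sub(r'(?m)^[ \t]*(#|//).*$', '', t) for t in (named_conf, rndc_conf))
    disabled = re.search(r'controls\s*\{\s*\}', named) is not None
    findings = ["controls-disabled"] if disabled else []  # rndc: "connection refused"
    # Key rndc uses for this server: its server stanza, else options default-key.
    m = re.search(r'(?<![\w-])server\s+"?' + re.escape(server) + r'"?\s*\{[^}]*?key\s+' + NAME, rndc)
    m = m or re.search(r'default-key\s+' + NAME, rndc)
    if m is None:  # the post #4 case: nothing tells rndc which key to use
        return findings + ["no-key-for-server"]
    key = m.group(1)
    rk, nk = _keys(rndc), _keys(named)
    if key not in rk:
        findings.append("key-undefined-in-rndc.conf")
    if key not in nk:
        findings.append("key-undefined-in-named.conf")
    elif rk.get(key) != nk[key]:  # differing secrets are logged by named as "bad auth"
        findings.append("secret-mismatch")
    listed = re.findall(NAME, " ".join(re.findall(r'(?<![\w-])keys\s*\{([^}]*)\}', named)))
    if not disabled and key not in listed:
        findings.append("key-not-in-controls")
    return findings
```

Run it against the real `/etc/named.conf` and `rndc.conf` contents (read as text) before restarting named; an empty list means the two files agree on the key for that server.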
 
Old 01-06-2010, 08:40 AM   #5
einangen
LQ Newbie
 
Registered: Sep 2009
Location: Hammerfest, Norway
Distribution: Gentoo
Posts: 1

Rep: Reputation: 0
Another possible solution to this problem:

I had something that seemed exactly like this problem today.

I have two separate servers, serving their separate sites, at separate physical locations. Actually, the only thing they have in common is their administrator (me) and OS (Gentoo Linux).

As I have only one public IP at each of these sites, and need two physically independent servers to be able to handle my DNS for either site in a regulatory fashion, these sites are going to be master and slave DNS servers for each other. You get the picture.

They have both run Bind9 from the start, but not properly set up with primary and secondary zones and zone transfers.

Today, I was not able to _stop_ named without using 'killall named'. I found this thread here, tried that, didn't work. However, while trying desperately to find out what was wrong, somewhere in the logs, I got an error concerning user rights. I checked, and found that somewhere along the line, ownership of most of the files in /chroot/dns/etc/bind/ was set to root.root, not named.named.

I ran 'chown named.named -R /chroot/dns/etc/bind/*', and everything seemed a lot better.

And I got a bonus as well, since I learned a bit more about securing the server with rndc-keys. Thanks, and I hope this can help others as well.
 
  

