From: ccostelloe at domain flogas.ie
Date: Mon 01 Oct 2001 - 13:44:33 IST
> On Mon, Oct 01, 2001 at 04:10:57AM +0100, Paul Jakma came forth with: > On Mon, 1 Oct 2001, Ciaran Costelloe wrote:
> > > the Windows desktop a poor second-best. However, can anyone give me a clue
> > as to what new gremlins have been introduced in Red Hat 7.1 which are > > causing my connectivity problems?
> > for BIND: is named actually running?
> have a look at the bind website (www.isc.org), and grab one of their pdf docs.
named is listening on lo and eth0 per the logs. It is having a touch of indigestion with some of the entries in my zone files (I know Bind 9 is humpier than Bind 8 in this respect). Believe it or not, I have read through plenty, the zone files seem fine. I cannot resolve these because the damn machine still won't talk to me - dig is not getting answers (NXDOMAIN / auth-nxdomain errors - I am suspicious that for some reason, it does not consider itself authoritative for it's own domain) and the other weapon, rndc, is equally humpy (see below). My previous aid, nslookup, is deprecated and dumb on Red Hat 7.1 - where it used to show the nameserver, it now tells you that you should not be using it.
> IIRC (I'll have to check when I get home), rndc is the bind 9 equivalent > of ndc from bind 8. And it's a little more secure. If bind is running, > then have a look at /etc/rndc.conf which should list keys it's going > to use, and /etc/named.conf (or wherever RH puts them). That should > list either an acl of localhost, or one with a key. You need to make > sure that key is the one than rndc.conf will send.
I did stumble across rndc and thought that this was going to sort me out, but no such luck - I wanted to use "rndc dumpdb" to see exactly what named was loading and what it was discarding. I even read up about it! Both the key names and values in rndc.conf and named.conf are the same, both are using MD5, and are exactly as per the docs. However, rndc also gets it's connection refused.
By the way, I meant to post previously that both hosts.allow and hosts.deny have no uncommented lines, as usual.
I am not worried about sorting out bind itself once I can get the box to talk to me :-)
> see, it's easy, really <g>
Only if you have the right halo, which I don't appear to have :-)
Thanks for the replies!
This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:12:24 GMT