ispCP - Board - Support
Bind configuration - Printable Version


Bind configuration - coper - 12-15-2009 08:17 AM

Hi,
I did this:
Code:
To keep the secondary nameserver in sync with the primary you can follow these steps.

NS1

Edit /etc/bind/named.conf and add this to the top:

options {
        directory "/var/cache/bind";
        forwarders {
                [DNS.FROM.ISP];};
        auth-nxdomain no;
        dnssec-enable yes;
};
key "TRANSFER" {
        algorithm hmac-md5;
        secret "[HASHKEY]";
};
server [YOUR.NS2.IP] {
        keys {
                TRANSFER;
        };
};
Parts of this used to be in named.conf.options, but we will not use that file. Remove the include line too. It should include a nameserver from your ISP as forwarder and we use dnssec-enable to do encrypted zone-transfers. Also remove ALL comments! You need a key for secure zone transfers on both nameservers. You can create a key with: (it's in the <bla>.private file, only needed once and only on your NS1)


# dnssec-keygen -a hmac-md5 -b 512 -n host [YOUR.NS1.FQDN]

Restart bind.

and when I try to restart bind I get this:
Code:
ws1:/etc/bind# /etc/init.d/bind9 restart
Stopping domain name service...: bind9rndc: connect failed: 127.0.0.1#953: connection refused

Why do I have that error if I did exactly the tutorial steps? (Firewall is open.)

Thanks for any help.
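
An added example, not part of the original thread or of the tutorial it quotes: a small Python lint for a named.conf fragment like the one posted above. named will not start on a configuration it cannot parse, and rndc then reports connection refused on 127.0.0.1#953 because nothing is listening there; the lint flags template placeholders left in place, unbalanced braces, and TSIG keys declared with hmac-md5. The function name, the placeholder pattern and the weak-algorithm policy are assumptions of this example, and the sample input is constructed from the posted fragment.

```python
import re

# Constructed sample: a shortened copy of the posted fragment, placeholders left in.
SAMPLE_CONF = '''\
options {
        directory "/var/cache/bind";
        forwarders {
                [DNS.FROM.ISP];};
};
key "TRANSFER" {
        algorithm hmac-md5;
        secret "[HASHKEY]";
};
server [YOUR.NS2.IP] { keys { TRANSFER; }; };
'''

PLACEHOLDER = re.compile(r'\[[A-Z0-9.]+\]')      # e.g. [HASHKEY], [YOUR.NS2.IP]
KEY_BLOCK = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*\{([^}]*)\}', re.S)
ALGORITHM = re.compile(r'algorithm\s+"?([\w.-]+)"?\s*;')
WEAK_ALGORITHMS = {"hmac-md5"}                   # assumed policy: require hmac-sha256 or stronger


def lint_named_conf(text):
    """Return sorted (line_number, message) findings for a named.conf fragment."""
    findings, depth = [], 0
    for lineno, line in enumerate(text.splitlines(), 1):
        for match in PLACEHOLDER.finditer(line):
            findings.append((lineno, f"unfilled placeholder {match.group(0)}"))
        # Track brace nesting, ignoring braces inside quoted strings.
        for ch in re.sub(r'"[^"]*"', '""', line):
            depth += (ch == "{") - (ch == "}")
            if depth < 0:
                findings.append((lineno, "unmatched closing brace"))
                depth = 0
    if depth:
        findings.append((len(text.splitlines()), f"{depth} block(s) never closed"))
    for block in KEY_BLOCK.finditer(text):
        alg = ALGORITHM.search(block.group(2))
        lineno = text.count("\n", 0, block.start()) + 1
        if alg and alg.group(1).lower() in WEAK_ALGORITHMS:
            findings.append((lineno, f'key "{block.group(1)}" uses {alg.group(1)}'))
    return sorted(findings)


if __name__ == "__main__":
    for lineno, message in lint_named_conf(SAMPLE_CONF):
        print(f"line {lineno}: {message}")
```

BIND's own named-checkconf remains the authoritative syntax check; this lint only adds the placeholder and algorithm policy checks on top of it.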


RE: BIND CONFIGURATION - gOOvER - 12-15-2009 03:58 PM

Maybe wrong permissions ;)

BTW: please change your Topic to Normal Letters !!!