Hi,
I did this:
Code:
To keep the secondary nameserver in sync with the primary you can follow these steps.
NS1
Edit /etc/bind/named.conf and add this to the top:
options {
    directory "/var/cache/bind";
    forwarders {
        [DNS.FROM.ISP];
    };
    auth-nxdomain no;
    dnssec-enable yes;
};
key "TRANSFER" {
    algorithm hmac-md5;
    secret "[HASHKEY]";
};
server [YOUR.NS2.IP] {
    keys {
        TRANSFER;
    };
};
Parts of this used to be in named.conf.options, but we will not use that file. Remove the include line too. It should include a nameserver from your ISP as forwarder and we use dnssec-enable to do encrypted zone transfers. Also remove ALL comments! You need a key for secure zone transfers on both nameservers. You can create a key with: (it's in the <bla>.private file, only needed once and only on your NS1)
# dnssec-keygen -a hmac-md5 -b 512 -n host [YOUR.NS1.FQDN]
Restart bind.
and when I try to restart bind I get this:
Code:
ws1:/etc/bind# /etc/init.d/bind9 restart
Stopping domain name service...: bind9rndc: connect failed: 127.0.0.1#953: connection refused
Why do I have that error if I followed the tutorial steps exactly? (Firewall is open.)
Thanks for any help.
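
A pre-restart check for the configuration quoted in the post, as an added example that is not part of the original post or the tutorial: it flags unreplaced placeholders such as [HASHKEY], unbalanced braces, hmac-md5 keys, and server blocks that name an undefined key. The function name lint_named_conf and the sample text are constructed for illustration, and the input is assumed to be comment-free, as the tutorial instructs.

```python
import re

# Constructed sample: the tutorial's named.conf with its placeholders still in place.
SAMPLE = """\
options {
    directory "/var/cache/bind";
    forwarders { [DNS.FROM.ISP]; };
    auth-nxdomain no;
    dnssec-enable yes;
};
key "TRANSFER" {
    algorithm hmac-md5;
    secret "[HASHKEY]";
};
server [YOUR.NS2.IP] {
    keys { TRANSFER; };
};
"""

def lint_named_conf(text):
    """Return a list of findings for a comment-free named.conf string (hypothetical helper)."""
    findings = []
    # 1. Tutorial placeholders such as [HASHKEY] that were never replaced.
    for ph in sorted(set(re.findall(r"\[[A-Z][A-Z0-9.]*\]", text))):
        findings.append(f"placeholder not replaced: {ph}")
    # 2. Unbalanced braces are a syntax error, so named will not load the file.
    if text.count("{") != text.count("}"):
        findings.append("unbalanced braces")
    # 3. Collect key statements as name -> algorithm and flag hmac-md5.
    keys = dict(re.findall(
        r'\bkey\s+"?([\w.-]+)"?\s*\{[^}]*?\balgorithm\s+([\w-]+)\s*;', text))
    for name, algo in sorted(keys.items()):
        if algo.lower() == "hmac-md5":
            findings.append(f"key {name}: hmac-md5 is a weak TSIG algorithm")
    # 4. Keys named in server blocks (brace form, as in the post) must be defined.
    for block in re.findall(r"\bkeys\s*\{([^}]*)\}", text):
        for ref in (r.strip().strip('"') for r in block.split(";")):
            if ref and ref not in keys:
                findings.append(f"server references undefined key: {ref}")
    return findings

if __name__ == "__main__":
    for finding in lint_named_conf(SAMPLE):
        print(finding)
```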