Bind configuration
coper
Post: #1
Hi,
I did this:
Code:
To keep the secondary nameserver in sync with the primary you can follow these steps.

NS1

Edit /etc/bind/named.conf and add this to the top:

options {
        directory "/var/cache/bind";
        forwarders {
                [DNS.FROM.ISP];};
        auth-nxdomain no;
        dnssec-enable yes;
};
key "TRANSFER" {
        algorithm hmac-md5;
        secret "[HASHKEY]";
};
server [YOUR.NS2.IP] {
        keys {
                TRANSFER;
        };
};
Parts of this used to be in named.conf.options, but we will not use that file. Remove the include line too. It should include a nameserver from your ISP as forwarder and we use dnssec-enable to do encrypted zone-transfers. Also remove ALL comments! You need a key for secure zone transfers on both nameservers. You can create a key with: (it's in the <bla>.private file, only needed once and only on your NS1)


# dnssec-keygen -a hmac-md5 -b 512 -n host [YOUR.NS1.FQDN]

Restart bind.

and when I try to restart bind I get this:
Code:
ws1:/etc/bind# /etc/init.d/bind9 restart
Stopping domain name service...: bind9rndc: connect failed: 127.0.0.1#953: connection refused

Why do I get that error if I followed the tutorial steps exactly? (The firewall is open.)

Thanks for any help.
(This post was last modified: 12-19-2009 08:44 AM by coper.)
12-15-2009 08:17 AM
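An added example, not part of the original post or the tutorial it quotes: a pre-restart lint for the named.conf fragment above that reports bracketed placeholders left unreplaced, TSIG keys using hmac-md5, and `server` key references with no matching `key` block. The function name, the finding codes and the decision to flag hmac-md5 are assumptions of this example.

```python
import re

# Constructed sample: the named.conf fragment as pasted in the post.
SAMPLE_CONF = '''
options {
        directory "/var/cache/bind";
        forwarders {
                [DNS.FROM.ISP];};
        auth-nxdomain no;
        dnssec-enable yes;
};
key "TRANSFER" {
        algorithm hmac-md5;
        secret "[HASHKEY]";
};
server [YOUR.NS2.IP] {
        keys {
                TRANSFER;
        };
};
'''

PLACEHOLDER = re.compile(r'\[[A-Z][A-Z0-9.]*\]')   # e.g. [HASHKEY], [YOUR.NS2.IP]
KEY_BLOCK = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*\{([^}]*)\}', re.S)
SERVER_KEYS = re.compile(r'\bserver\s+\S+\s*\{\s*keys\s*\{([^}]*)\}', re.S)
WEAK_ALGS = {"hmac-md5"}  # assumption of this lint: MD5-based TSIG is flagged

def lint_named_conf(text):
    """Return (code, detail) findings for a named.conf fragment."""
    findings = []
    opens, closes = text.count("{"), text.count("}")
    if opens != closes:
        findings.append(("UNBALANCED_BRACES", f"{opens} open / {closes} close"))
    for ph in sorted(set(PLACEHOLDER.findall(text))):
        findings.append(("PLACEHOLDER", ph))
    defined = {}  # key name -> algorithm
    for name, body in KEY_BLOCK.findall(text):
        alg = re.search(r'algorithm\s+([\w-]+)\s*;', body)
        defined[name] = alg.group(1).lower() if alg else None
        if defined[name] in WEAK_ALGS:
            findings.append(("WEAK_TSIG_ALG", f"{name}: {defined[name]}"))
    for body in SERVER_KEYS.findall(text):  # keys a server statement refers to
        for ref in re.findall(r'"?([\w.-]+)"?\s*;', body):
            if ref not in defined:
                findings.append(("UNDEFINED_KEY", ref))
    return findings

if __name__ == "__main__":
    print(*lint_named_conf(SAMPLE_CONF), sep="\n")
```

`rndc: connect failed: 127.0.0.1#953: connection refused` means nothing is listening on the control port, which is what happens when named is not running. BIND's own `named-checkconf` remains the authoritative syntax check before a restart.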
gOOvER
Post: #2
RE: BIND CONFIGURATION
Maybe wrong permissions ;)

BTW: please change your Topic to Normal Letters !!!
12-15-2009 03:58 PM