bind 9.9.4 rndc: connection to remote host closed

I have installed bind-9.9.4-72 on CentOS 7.6 and everything seems to be working: I can query my local zone and remote addresses etc., but somehow rndc is not working.



This is what I did to configure rndc:



rndc-confgen > /tmp/rndc.out



and created two files from the above output.



rndc.conf



# Start of rndc.conf
key "rndc-key" {
    algorithm hmac-md5;
    secret "9da1tS0degu3ZfVIVRO/Dg==";
};

options {
    default-key "rndc-key";
    default-server 127.0.0.1;
    default-port 953;
};
# End of rndc.conf


rndc.key



key "rndc-key" {
    algorithm hmac-md5;
    secret "9da1tS0degu3ZfVIVRO/Dg==";
};


named.conf



controls {
    inet 127.0.0.1 port 953 allow { 127.0.0.1; 10.30.0.50; } keys { "rndc-key"; };
};

include "/etc/rndc.key";


Getting the following error:



[root@ns1 etc]# rndc status
rndc: connection to remote host closed
This may indicate that
* the remote server is using an older version of the command protocol,
* this host is not authorized to connect,
* the clocks are not synchronized,
* the the key signing algorithm is incorrect, or
* the key is invalid.


Detailed output:



[root@ns1 etc]# rndc -V status
create memory context
create socket manager
create task manager
create task
create logging context
setting log tag
creating log channel
enabling log channel
create parser
get key
decode base64 secret
status
post event
using server 127.0.0.1 (127.0.0.1#953)
create socket
bind socket
connect
create message
render message
schedule recv
send message
rndc: connection to remote host closed


Log file:



Dec 18 14:05:34 ns1 named[18947]: invalid command from 127.0.0.1#47203: failure
Dec 18 14:05:58 ns1 named[18947]: invalid command from 127.0.0.1#54722: failure
Dec 18 14:05:59 ns1 named[18947]: invalid command from 127.0.0.1#32822: failure
Dec 18 14:06:03 ns1 named[18947]: invalid command from 127.0.0.1#56079: failure


I have also verified that rndc and bind are running the same version.










      linux dns bind domain
















      asked Dec 18 at 19:08









      Satish





















          1 Answer














Solution:

If named cannot find the rndckey in /etc/rndc.key, it will report the error 'rndc: connection to remote host closed'.

When using rndc-confgen -a to create a new rndc key, the new key will be called rndc-key by default. Therefore, the /etc/rndc.key file will need to be edited and the key name changed to rndckey (remove any -) for the sake of named. Likewise the command:

rndc-confgen -a -k rndckey

Make sure /etc/rndc.key is a soft link to /var/named/chroot/etc/rndc.key:

ln -s /var/named/chroot/etc/rndc.key /etc/.

[root@ns1 etc]# rndc status
version: 9.9.4-RedHat-9.9.4-72.el7 <id:8f9657aa>
CPUs found: 2
worker threads: 2
UDP listeners per interface: 2
number of zones: 208
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is ON
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running





                answered Dec 18 at 19:26









                Satish
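A consistency check for the mismatch discussed in this thread, added here as an example (it is not code from the question or the answer): it parses the key clauses that rndc and named each load and reports where the key name, algorithm or secret disagree. The function names, the sample file contents, the secrets and the assumed chroot key file are all constructed for illustration.

```python
import re

# Quoted strings are matched first so "//" inside a base64 secret is kept.
_TOKEN = re.compile(r'"[^"\n]*"|/\*.*?\*/|(?:#|//)[^\n]*', re.S)
_KEY = re.compile(r'(?<![\w-])key\s+"?([\w.-]+)"?\s*\{([^}]*)\}', re.S)
_NAME = r'"?([\w.-]+)"?\s*;'


def strip_comments(text):
    """Drop #, // and /* */ comments but leave quoted strings untouched."""
    return _TOKEN.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else "", text)


def parse_keys(text):
    """Return {key name: (algorithm, secret)} for every key clause in text."""
    keys = {}
    for name, body in _KEY.findall(strip_comments(text)):
        algo = re.search(r'algorithm\s+"?([\w-]+)"?\s*;', body)
        secret = re.search(r'secret\s+"([^"]*)"\s*;', body)
        keys[name] = (algo.group(1).lower() if algo else None,
                      secret.group(1) if secret else None)
    return keys


def diagnose(rndc_conf, named_conf, named_key_file):
    """Compare the key rndc signs with against the keys named will accept."""
    findings = []
    client = parse_keys(rndc_conf)
    server = parse_keys(named_conf + "\n" + named_key_file)
    default = re.search(r'default-key\s+' + _NAME, strip_comments(rndc_conf))
    used = default.group(1) if default else None
    ctl = re.search(r'(?<![\w-])keys\s*\{([^}]*)\}', strip_comments(named_conf))
    accepted = re.findall(_NAME, ctl.group(1)) if ctl else []

    if used not in accepted:
        findings.append("rndc signs with %r, controls accepts %s" % (used, accepted))
    for name in accepted:
        if name not in server:
            findings.append("controls lists %r, named's key file defines %s"
                            % (name, sorted(server)))
    if used in client and used in server:
        if client[used][0] != server[used][0]:
            findings.append("algorithm differs for %r" % used)
        if client[used][1] != server[used][1]:  # report the fact, never the secret
            findings.append("secret differs for %r" % used)
    return findings


# Constructed sample inputs (not the poster's real files or secrets).
RNDC_CONF = '''
# Start of rndc.conf
key "rndc-key" { algorithm hmac-md5; secret "c2FtcGxl//Y29uc3RydWN0ZWQ="; };
options { default-key "rndc-key"; default-server 127.0.0.1; default-port 953; };
'''
NAMED_CONF = '''
controls {
    inet 127.0.0.1 port 953 allow { 127.0.0.1; 10.30.0.50; } keys { "rndc-key"; };
};
include "/etc/rndc.key";
'''
# Assumed contents of a key file in the chroot that named reads instead.
CHROOT_KEY = 'key "rndckey" { algorithm hmac-md5; secret "b3RoZXIvL3NhbXBsZQ=="; };'
```

Pass the text of the key file named really opens as the third argument, which on a chrooted install is the copy under /var/named/chroot/etc/ rather than /etc/rndc.key.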
