Hi All,

My Bind9 DNS won't start... I am getting the following error when restarting it. At some point DNS was working fine. I have both primary/secondary DNS setup.

ns2:/etc/bind# /etc/init.d/bind9 restart
Stopping domain name service...: bindrndc: connect failed: 127.0.0.1#953: connection refused
 failed!
Starting domain name service...: bind failed!

Thanks for any help!

Joe

Do you have primary and secondary zones for the same domain on the same server? If yes, remove the secondary zones. They are not necessary and Bind will not start if the same domain is defined as primary and secondary on the same server.

Till,

I am using the 2 in one dns how-to: http://howtoforge.com/two_in_one_dns_bind9_views

I followed the instructions as per the how-to for the primary DNS; for the secondary I just duplicated the setup the same.

Here's my named.conf.local for my Primary and Secondary Name Servers. NOTE: I've changed the domain name and IPs.

Primary named.conf.local:

Code:
// Primary NS - named.conf.local
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

acl internals {
    127.0.0.0/8;
    192.168.10.0/24;
};

view "internal" {
    match-clients { internals; };
    recursion yes;

    zone "doamin-a.com" {
        type master;
        file "/etc/bind/db.internals.doamin-a.com";
    };

    // Reverse DNS for doamin-a.com
    zone "10.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/db.internals.doamin-a.com.inv";
        forwarders{};
    };
};

view "external" {
    match-clients { any; };
    recursion no;

    zone "doamin-a.com" {
        type master;
        file "/etc/bind/db.externals.doamin-a.com";
        allow-transfer { slaves; };
    };

    // Reverse DNS for doamin-a.com
    zone "201.20.200.in-addr.arpa" {
        type master;
        file "/etc/bind/db.externals.doamin-a.com.inv";
        forwarders{};
    };
};

Secondary named.conf.local:

Code:
// Secondary NS - named.conf.local
root@ns2:/etc/bind# more named.conf.local
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

acl internals {
    127.0.0.0/8;
    192.168.10.0/24;
};

view "internal" {
    match-clients { internals; };
    recursion yes;

    zone "doamin-a.com" {
        type slave;
        transfer-source 192.168.10.102;
        file "/etc/bind/db.internals.doamin-a.com.slv";
        masters { 192.168.10.101; };
    };

    // Reverse DNS for doamin-a.com
    zone "10.168.192.in-addr.arpa" {
        type slave;
        transfer-source 192.168.10.102;
        file "/etc/bind/db.internals.doamin-a.com.slv.inv";
        masters { 192.168.10.101; };
        forwarders{};
    };
};

view "external" {
    match-clients { any; };
    recursion no;

    zone "doamin-a.com" {
        type slave;
        transfer-source 192.168.10.102;
        file "/etc/bind/db.externals.doamin-a.com.slv";
        allow-transfer { slaves; };
        masters { 192.168.10.101; };
    };

    // Reverse DNS for doamin-a.com
    zone "120.20.200.in-addr.arpa" {
        type slave;
        transfer-source 192.168.10.102;
        file "/etc/bind/db.externals.doamin-a.com.slv.inv";
        allow-transfer { slaves; };
        masters { 192.168.10.101; };
        forwarders{};
    };
};

I hope there's something that can be seen from the above 2 files. If not, I guess I can send attachments of my zone files if needed. I am really trying to figure out the problem - Hope you or someone can help further!

Joe

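Added example, not part of the original thread: a small Python pre-flight check for a named.conf.local like the ones posted above. It flags a zone declared more than once inside one view and an ACL name that is referenced but has no acl statement in the text it is given. The sample config and the example.test domain are constructed, and an ACL such as slaves may be defined in another included file, which this check cannot see.

```python
import re
from collections import Counter

BUILTIN_ACLS = {"any", "none", "localhost", "localnets"}
ACL_LISTS = {"acl", "match-clients", "allow-transfer", "allow-query", "allow-recursion"}

# Constructed sample config (not taken from the thread).
SAMPLE = '''
acl internals { 127.0.0.0/8; 192.168.10.0/24; };
view "internal" {
    match-clients { internals; };
    zone "example.test" { type master; file "/etc/bind/db.internals.example.test"; };
    zone "example.test" { type slave; masters { 192.168.10.101; }; file "/etc/bind/db.slv"; };
};
view "external" {
    match-clients { any; };
    zone "example.test" { type master; file "/etc/bind/db.ext"; allow-transfer { slaves; }; };
};
'''

def tokenize(text):
    text = re.sub(r"/\*.*?\*/", " ", text, flags=re.S)  # /* ... */ comments
    text = re.sub(r"(//|#)[^\n]*", " ", text)           # // and # comments
    return re.findall(r'"[^"]*"|[{};]|[^\s{};"]+', text)

def lint(text):
    toks = tokenize(text)
    stack, zones, defined, used = [], Counter(), set(), set()
    for i, tok in enumerate(toks):
        if tok == "{":
            j = i  # walk back to the first token of this statement
            while j > 0 and toks[j - 1] not in ("{", "}", ";"):
                j -= 1
            kind, name = ([t.strip('"') for t in toks[j:i]] + ["", ""])[:2]
            if kind == "zone":  # zone names are scoped to the enclosing view
                view = next((n for k, n in reversed(stack) if k == "view"), "(no view)")
                zones[(view, name.lower())] += 1
            elif kind == "acl":
                defined.add(name)
            stack.append((kind, name))
        elif tok == "}" and stack:
            stack.pop()
        elif tok != ";" and stack and stack[-1][0] in ACL_LISTS:
            elem = tok.strip('"').lstrip("!")
            if "." not in elem and ":" not in elem:  # not an IP address or prefix
                used.add(elem)
    return {"duplicate_zones": sorted(z for z, n in zones.items() if n > 1),
            "undefined_acls": sorted(used - defined - BUILTIN_ACLS)}

print(lint(SAMPLE))
```

The same zone name in two different views is not reported, since each view keeps its own zone list.
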
Falko,

As you suggested, I took a look at the comments from this link: http://www.howtoforge.com/howto_bind_chroot_debian

There are several different comments posted there and I am not sure which one to refer to directly. Also, I've installed BIND9 on Debian Etch and the comments are referring to Sarge. I am not sure if those comments also apply to Debian Etch. However, I do suppose the comment you want me to refer to is this:

Code:
namedrndc: connect failed (http://www.howtoforge.com/howto_bind_chroot_debian#comment-370)
Submitted by Anonymous on Fri, 2005-11-18 23:11.

If you notice in the tutorial, it says - for Sarge - to modify the /etc/default/bind9 so bind runs as the unprivileged user 'bind'. Problem is, later on we chroot everything to the user 'nobody'

I changed the opts= line in /etc/default/bind9 as per the instructions but used 'nobody' instead of 'bind' and it all worked fine - got rid of both the 'connect failed' AND the 'named.pid' error in syslog !.

btw: Great howto - but I guess even the greatest stuff can have errors :)

Can you confirm for me whether I should change the user to nobody as opposed to bind? FYI, I did try changing to user bind but still get the errors initially reported.

Joe

For Etch, bind is the correct user. Did you install BIND as shown here? http://www.howtoforge.com/perfect_setup_debian_etch_p4