1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Problem with bind and or dns cluster

Discussion in 'Bind / DNS / Nameserver Issues' started by tomdchi, Apr 10, 2012.

  1. tomdchi

    tomdchi Member

    Joined:
    Feb 24, 2008
    Messages:
    104
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Atlanta, GA
    I recently upgraded several of our servers to 11.32.2 and I am running Centos 6.2. On one of the servers when I edit dns zones I get the error:

    Code:
    Bind reloading on rps-server using rndc: WARNING: key file (/etc/rndc.key) exists, but using default configuration file (/etc/rndc.conf)
    rndc: connect failed: 127.0.0.1#953: connection refused
    Error reloading bind on rps-server: WARNING: key file (/etc/rndc.key) exists, but using default configuration file (/etc/rndc.conf)
    rndc: connect failed: 127.0.0.1#953: connection refused
    We use seperate dns servers so bind is disabled on all of our hosting servers. This only occurs on one of several servers that all use the same OS and WHM version.

    Anyone know how to fix this? Is it any cause for concern?
     
  2. mohitmoudgil

    mohitmoudgil New Member

    Joined:
    Oct 24, 2008
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Same issue here. Looking for solution
     
  3. feijao

    feijao New Member

    Joined:
    Sep 5, 2004
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Yes, We also have the exact same problem with a CentOS 5.8.

    /scripts/fixndc did't fixed it too - I get no output from it.
     
  4. kalid

    kalid New Member

    Joined:
    Jul 26, 2011
    Messages:
    26
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    /dev/null
    Any solution..?
     
  5. mikelegg

    mikelegg Member

    Joined:
    Mar 29, 2005
    Messages:
    330
    Likes Received:
    0
    Trophy Points:
    16
    The same thing is happening on all of our 11.32.2 cPanel servers.

    It's not actually a problem because the real nameservers are still being updated - it's just that cPanel is trying to update a local DNS server that is disabled. It is disconcerting to see an error message every time you edit a DNS zone though.
     
  6. rustamt

    rustamt New Member

    Joined:
    May 9, 2012
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    I resolved this problem by deleting the file /etc/binddisable, it appear to cause this problem and I see no such file on the newly installed servers with CloudLinux 6.x and cPanel 11.32.2.
     
  7. Michael-MS

    Michael-MS Member

    Joined:
    Apr 16, 2003
    Messages:
    144
    Likes Received:
    0
    Trophy Points:
    16
    I have this same problem on a brand new server. All I did was enable DNS cluster and now I get the same error in the OP. I have a ticket open for it, and the cPanel tech said it's because the clustering wasn't setup properly. I don't remember this ever being an issue in the past and the /scripts/rndcfix used to always fix it. Is the new solution just to delete the binddisable file???
     
  8. JnB

    JnB New Member

    Joined:
    Jul 10, 2012
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    I have the same issue. Installed tuesday en set up the clustering yesterdag.

    The /etc/binddisable file isn't there so any more idea's ?
     
  9. NetMantis

    NetMantis BANNED

    Joined:
    Apr 22, 2012
    Messages:
    117
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Utah
    It's a security related warning. It means your DNS is partially default config which means it may be possible for someone out there to compromise or gain access to the control side of your DNS server.

    You need a unique key generated that isn't the standard unconfigured Bind 'default' installation.

    That's basically it!

    Your DNS should still function normally even with the current security warning messages and without you really needing to do anything at all whatsoever and you could just simply choose to ignore the messages but anyone with knowledge of the default configuration for bind might be able to make use of that knowledge for nefarious purposes and that in itself is the reason why the newer versions are issuing the alert.
     

Share This Page