Error reloading bind on server1: rndc: connect failed: connection refused

alrock

When attempting to add an A entry for the hostname, this is the error I get:

Error reloading bind on server1: rndc: connect failed: connection refused

None of the available fixes work.

I tried:

cd /scripts
./updatenow
./fixndc

Twice. It did not work. So I tried:

cd /scripts
./upcp --force

It did not work either.

I verified that the 'rndc' key file existed.

Restarted the server. Still not working.

I am at a loss. This is the second freshly loaded Cpanel server in the last day that has had this problem. The other one I fixed by manually adding the hostname to the named.conf file. That did not work with this server and I am out of ideas.
 

alrock

I already tried those fixes, as I stated. They did not work.

I am running CentOs 3.3
 

sawbuck

See that you got it solved at WHT. Have pasted that info here for someone else to use.

Here is the first portion of named.conf

// generated by named-bootconf.pl

options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};

//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "/var/named/named.ca";
};

zone "localhost" IN {
type master;
file "/var/named/localhost.zone";
allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
type master;
file "/var/named/named.local";
allow-update { none; };
};



Make a backup
cp /etc/named.conf /etc/named.conf-old

Open it up and take this out

controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

save it, then type

service named restart

then run /scripts/fixndc

see if that helps

Also make sure it has the right permissions; sometimes cPanel mucks that up. Example:

-rw-r--r-- 1 root root 22037 Dec 8 20:00 /etc/named.conf
 

xWho

This method did not fix my occurrence of this problem.

Fedora Core 2. " rndc: connect failed: connection refused " every time I try to create new accounts, make dns changes, etc...

 

nitroburn

I too have the same thing, have never been able to fix it
Fedora core 2 also

Tried all stated methods I've seen.

another thing is in the /var/log/messages there is

Feb 14 00:36:40 ds named[16716]: couldn't add command channel 127.0.0.1#953: not found
Feb 14 00:36:40 ds named[16716]: couldn't add command channel ::1#953: not found
Feb 14 00:36:40 ds named[16716]: running
Feb 13 16:36:40 ds named: named startup succeeded

---
FOUND THE FIX!!
Looks like cpanel is managing the chroot'ed named wrong.

http://www.fedoraforum.org/forum/archive/index.php/t-2998.html

If you're running bind in a chroot, you need to give the location of the chroot directory in /etc/sysconfig/named:

ROOTDIR=/var/named/chroot

The simplest way to handle the rndc key is to put it in its own file, and include that file in both named.conf and rndc.conf. To avoid confusion between files in /etc and files in /var/named/chroot/etc, make some symlinks:

/etc/named.conf should be a symlink to /var/named/chroot/etc/named.conf.
/etc/rndc.key should be a symlink to /var/named/chroot/etc/rndc.key.
/etc/rndc.conf doesn't involve chroot, so it stays put.

rndc.key should look like this:


key "rndckey" {
algorithm hmac-md5;
secret "q3k3SzpxASgKHCZpG1LeMw==";
};


/etc/rndc.conf should look like this:


options {
default-server localhost;
default-key "rndckey";
};

server localhost {
key "rndckey";
};

// This should be a symlink to the chrooted key file:
include "/etc/rndc.key";


named.conf should look like this:


controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

include "/etc/named.custom";

include "/etc/rndc.key";

zone "0.0.127.in-addr.arpa" {
type master;
file "0.0.127.in-addr.arpa.zone";
};

...
after the symlinks and editing the empty files in /var/named/chroot it worked.

##BEFORE##
[email protected] [/scripts]# service named restart
Stopping named: rndc: connect failed: connection refused
[ OK ]
Starting named: [ OK ]

##AFTER##
[email protected] [/scripts]# service named restart
Stopping named: [ OK ]
Starting named: [ OK ]
[email protected] [/scripts]#
 
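Added example (not part of the original posts, and not cPanel or BIND project code): a shell audit of the chroot layout described in the fix above, covering ROOTDIR, the two symlinks, the key name shared by named.conf and rndc.conf, and the handling of rndc.key as a secret. The function name and its PREFIX argument are hypothetical; PREFIX only lets the check run against a copy of the filesystem.

```shell
#!/bin/sh
# Added example: audit the chroot rndc layout described in the post above.
# check_rndc_layout [PREFIX] -- PREFIX is a hypothetical alternate filesystem
# root (for testing on a copy); leave it empty to audit the live system.
# Prints one line per finding; the exit status is the number of findings.
PUBLISHED_SECRET='q3k3SzpxASgKHCZpG1LeMw=='   # sample secret quoted in this thread

check_rndc_layout() {
    p=${1:-}; n=0
    finding() { echo "FINDING: $*"; n=$((n + 1)); }

    # 1. named must be told where its chroot is.
    rootdir=$(sed -n 's/^ROOTDIR=//p' "$p/etc/sysconfig/named" 2>/dev/null |
              tr -d '"' | tail -n 1)
    if [ -z "$rootdir" ]; then
        finding "ROOTDIR not set in /etc/sysconfig/named"
        echo "findings: $n"; return "$n"
    fi
    jail="$p$rootdir/etc"

    # 2. The /etc entries must be symlinks to the chrooted files, not stale copies.
    for f in named.conf rndc.key; do
        if [ ! -L "$p/etc/$f" ] || [ ! "$p/etc/$f" -ef "$jail/$f" ]; then
            finding "/etc/$f is not a symlink to $rootdir/etc/$f"
        fi
    done

    # 3. The key named in the controls statement must be rndc's default-key.
    ctl=$(sed -n '/inet/s/.*keys *{ *"\{0,1\}\([^;" ]*\).*/\1/p' \
          "$jail/named.conf" 2>/dev/null | head -n 1)
    cli=$(sed -n 's/^[[:space:]]*default-key[[:space:]]*"\{0,1\}\([^";]*\).*/\1/p' \
          "$p/etc/rndc.conf" 2>/dev/null | head -n 1)
    [ -n "$ctl" ] && [ "$ctl" = "$cli" ] ||
        finding "controls key '$ctl' does not match rndc default-key '$cli'"

    # 4. rndc.key is a shared secret: no world-read bit, no copied sample value.
    [ -z "$(find "$jail/rndc.key" -perm -004 2>/dev/null)" ] ||
        finding "$rootdir/etc/rndc.key is world-readable"
    grep -q "$PUBLISHED_SECRET" "$jail/rndc.key" 2>/dev/null &&
        finding "rndc.key uses the secret published in this thread; regenerate it"

    echo "findings: $n"; return "$n"
}
```

Run `check_rndc_layout` as root with no argument on the server; a clean layout prints `findings: 0`. If the published secret is flagged, `rndc-confgen -a` generates a fresh key file.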

Apocalyptic

This seems to be a dup thread or something, but to get a reply, I'll dup my reply.........sorry :confused:
I see a lot of same type problems across the net and it always points back to cPanel/WHM.
Shouldn't cPanel put in a fix for this so all people using their software don't have to go to SSH to do a fix? I mean, isn't that why we use a GUI, so it will be easier to manage your server?
This package sure costs enough. If cPanel has corrected this type of error, then which release will it be found in, and if not, then why?
This was my only holdup, snag, whatever so far using cPanel, and I hope this is the most of it.
These instructions vary slightly from post to post, and which one is truly correct? I don't want a bunch of headaches, trying this and that till it gets fixed, or to have to pay someone to do it after I have paid dearly for this software.
I apologize for sounding a little gruff, but I spent my weekend trying to set up the server for my hosting co. and of course, no tech support from the data center on weekends, unless it's an emergency, like crashing, then to find that it seems to be a cPanel fault.
How do I get this fixed without having to SSH the server? Is there a patch for this problem?
 

chirpy

You will have to go to the shell to fix it. Remember that cPanel is not a server management tool, you still have to do that yourself, cPanel is an application that allows you to easily provide web hosting on a server that you maintain. The problem with bind not working is usually down to a faulty installation from the OS vendor. You still need to understand how DNS and bind work to run a DNS name server on the internet.

If you have a reproducible bug on a particular OS, then log a bugzilla entry so that cPanel are aware of the problem if one doesn't already exist.
 

AndyReed

As Jonathan said, you must SSH to your server and tweak a few conf files. If you don't know how, I suggest hiring a sys admin.
 

Apocalyptic

AndyReed said:
you must SSH to your server and tweak a few conf files. If you don't know how, I suggest hiring a sys admin.

Well today I learned :) it fixed this problem :D
Funny thing was I mentioned this to people who installed everything, man did they get upset :mad:

chirpy said:
The problem with bind not working is usually down to a faulty installation from the OS vendor.