Nameservers

Discussion in 'Bind / DNS / Nameserver Issues' started by Chadley, Mar 25, 2005.

  1. Chadley

    Chadley Member

    I'm new to Cpanel/WHM; I've been trying to enable my private name servers and it's been going nowhere. It just appears to stop, my browser doesn't continue, but it doesn't appear to be done.

    This is what happens when I click "Nameserver Setup" and hit Okay. Should it take another step?

    Name Server Activated
    Ensuring caching-nameserver is installed
    Gathering header information file(s) from server(s)
    Server: Fedora Core 1 - i386 - Base
    Server: Fedora Core 1 - i386 - Released Updates
    Finding updated packages
    Downloading needed headers
    No actions to take
    Activating nameserver monitoring
    Stopping chkservd: [ OK ]
    Starting chkservd: [ OK ]
    Starting Nameserver

    Attempting to restart named

    Waiting for named to restart....
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    finished.





    named status

    named 18639 0.0 0.6 11784 2852 ? S 11:26 0:00 /usr/sbin/named -u named -t /var/named/chroot
    named 18642 0.0 0.6 11784 2852 ? S 11:26 0:00 /usr/sbin/named -u named -t /var/named/chroot
    named 18643 2.2 0.6 11784 2852 ? S 11:26 0:00 /usr/sbin/named -u named -t /var/named/chroot
    named 18644 0.0 0.6 11784 2852 ? S 11:26 0:00 /usr/sbin/named -u named -t /var/named/chroot
    named 18645 0.0 0.6 11784 2852 ? S 11:26 0:00 /usr/sbin/named -u named -t /var/named/chroot




    named started ok
    Mar 25 11:25:59 tomdvy431 named[18334]: shutting down
    Mar 25 11:25:59 tomdvy431 named[18334]: no longer listening on 127.0.0.1#53
    Mar 25 11:25:59 tomdvy431 named[18334]: no longer listening on 209.97.205.87#53
    Mar 25 11:25:59 tomdvy431 named[18334]: no longer listening on 209.97.205.88#53
    Mar 25 11:25:59 tomdvy431 named[18330]: exiting
    Mar 25 11:25:59 tomdvy431 named: named shutdown succeeded
    Mar 25 11:26:02 tomdvy431 named: named startup succeeded
    Mar 25 11:26:02 tomdvy431 named[18639]: starting BIND 9.2.2-P3 -u named -t /var/named/chroot
    Mar 25 11:26:02 tomdvy431 named[18639]: using 1 CPU
    Mar 25 11:26:02 tomdvy431 named[18643]: loading configuration from '/etc/named.conf'
    Mar 25 11:26:02 tomdvy431 named[18643]: listening on IPv4 interface lo, 127.0.0.1#53
    Mar 25 11:26:02 tomdvy431 named[18643]: listening on IPv4 interface eth0, 209.97.205.87#53
    Mar 25 11:26:02 tomdvy431 named[18643]: listening on IPv4 interface eth0:1, 209.97.205.88#53
    Mar 25 11:26:02 tomdvy431 named[18643]: /etc/named.conf:2: couldn't install keys for command channel 127.0.0.1#953: not found
    Mar 25 11:26:02 tomdvy431 named[18643]: /etc/named.conf:2: couldn't add command channel 127.0.0.1#953: not found
    Mar 25 11:26:02 tomdvy431 named[18643]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
    Mar 25 11:26:02 tomdvy431 named[18643]: zone finglonger.com/IN: loaded serial 2005030201
    Mar 25 11:26:02 tomdvy431 named[18643]: zone ns1.finglonger.com/IN: loaded serial 2005021301
    Mar 25 11:26:02 tomdvy431 named[18643]: zone ns2.finglonger.com/IN: loaded serial 2005021301
    Mar 25 11:26:02 tomdvy431 named[18643]: zone localhost/IN: loaded serial 42
    Mar 25 11:26:02 tomdvy431 named[18643]: zone tomdvy431.easyvserver.net/IN: loaded serial 2005021301
    Mar 25 11:26:02 tomdvy431 named[18643]: zone finglonger.net/IN: loaded serial 2005032101
    Mar 25 11:26:02 tomdvy431 named[18643]: zone kicking-rad.net/IN: loaded serial 2005031701
    Mar 25 11:26:02 tomdvy431 named[18643]: zone finglonger.org/IN: loaded serial 2005031001
    Mar 25 11:26:02 tomdvy431 named[18643]: running
    Mar 25 11:26:02 tomdvy431 named[18643]: zone ns1.finglonger.com/IN: sending notifies (serial 2005021301)
    Mar 25 11:26:02 tomdvy431 named[18643]: zone finglonger.com/IN: sending notifies (serial 2005030201)
    Mar 25 11:26:02 tomdvy431 named[18643]: zone tomdvy431.easyvserver.net/IN: sending notifies (serial 2005021301)
    Mar 25 11:26:02 tomdvy431 named[18643]: zone ns2.finglonger.com/IN: sending notifies (serial 2005021301)
    Mar 25 11:26:02 tomdvy431 named[18643]: zone kicking-rad.net/IN: sending notifies (serial 2005031701)
    Mar 25 11:26:02 tomdvy431 named[18643]: zone finglonger.org/IN: sending notifies (serial 2005031001)
    Mar 25 11:26:02 tomdvy431 named[18643]: zone finglonger.net/IN: sending notifies (serial 2005032101)
     
  2. chirpy

    chirpy Well-Known Member

    That should be it.

    To be sure type this at the root SSH shell:

    rndc status

    If that comes back with an error, run this until it goes through cleanly:

    /scripts/fixndc

    Then do the rndc command again.
     
  3. Chadley

    Chadley Member

    I still get an error. My name server must not have been designed to run.

    root@tomdvy431 [/]# rndc status
    rndc: connect failed: connection refused
    root@tomdvy431 [/]# /scripts/fixndc
    Fixndc using rh9/rhes3/fedora support
    Found key in named.conf ..
    Found controls in named.conf ..
    named.conf has already been fixed!
    root@tomdvy431 [/]# rndc status
    rndc: connect failed: connection refused
     
    #3 Chadley, Mar 25, 2005
    Last edited: Mar 25, 2005
  4. procam

    procam Well-Known Member

    This subject has probably been my biggest source of anger with any servers this happened on - And the solution cpanel offered didn't and never did work for me on any of the machines I tried this fix above on....

    So I went a searching and here's what I found - this did work -- and it worked very well and worked the first time!!

    Before you begin make sure file permissions are correct on named.conf, rndc.conf and /var/run/named. I set them to 755 and this worked for me, and sometimes permissions alone will fix this!
    If perms did not work to fix it for you - then proceed

    How to Repair rndc failed to load key or failed to reload bind


    Make backups --

    cp /etc/rndc.conf /etc/rndc.conf.backup
    cp /etc/named.conf /etc/named.conf.backup
    cp /etc/rndc.key /etc/rndc.key.backup



    The next step is to use rndc-confgen to create the key. Since you do not want named.conf to be altered, the command to type is:

    rndc-confgen -a

    The program will generate a key, which will be put in rndc.key. It will also put the necessary key information into rndc.conf, and named.conf.

    Be sure to use YOUR key you generate below NOT the one listed below!!! :cool:

    The next step is to modify the configuration files. Type the following command:

    pico -w /etc/rndc.conf
    Modify the file to read:

    options {
        default-server localhost;
        default-key rndc_key;
    };

    server localhost {
        key rndc_key;
    };

    key rndc_key {
        algorithm hmac-md5;
        secret "ViQerSyUBXwosrWGekrJpXuxTraFNaPDoQQESgtAFqkLhSGdgNdcAKsImEQX";
    };
    Type Ctrl-X and then Y and then Enter to save the file.



    Type the following command:

    pico -w /etc/named.conf
    Modify the file to read:


    key rndc_key {
        algorithm hmac-md5;
        secret "ViQerSyUBXwosrWGekrJpXuxTraFNaPDoQQESgtAFqkLhSGdgNdcAKsImEQX";
    };

    controls {
        inet 127.0.0.1 port 953
        allow { 127.0.0.1; } keys { rndc_key; };
    };
    Type Ctrl-X and then Y and then Enter to save the file.


    Type the following command:

    pico -w /etc/rndc.key
    Modify the file to read:

    key rndc_key {
        algorithm hmac-md5;
        secret "ViQerSyUBXwosrWGekrJpXuxTraFNaPDoQQESgtAFqkLhSGdgNdcAKsImEQX";
    };
    Type Ctrl-X and then Y and then Enter to save the file.



    Now that the configuration files have been modified, it is time to test them out. Restart named by typing the following command:

    service named restart
    Next, query the status of the service:

    service named status
    If all went well, there should be no errors. However, you may see an error at this point; in this event repeat the procedure:

    service named restart

    It should restart named now with no errors--

    Hint: If you are still having an issue - check this rndc_key << look for any instance of this that might be as follows
    rndc-key or rndckey in the rndc.conf and named.conf -- they should read rndc_key excluding file names


    Now this got it working correctly for ME -- with the exception that
    every night I get the following email --

    Hidden Pid detected! [pid 15874]
    hidden from ps: [yes]
    binary location: [/usr/sbin/named]

    Blah blah blah 3 times -- and I opened a ticket with cpanel on this took over a week going back and forth trying things they suggested - I followed their advice like a bible and did everything they said to the letter -- and still these emails continue --

    I've run all the rootkits box is fine and it's done this since its original build - but strangely 1 outta 3 new builds I run into this freaky dns issue.... and we do the installs exactly the same each and every time..........Things that make you go hmmmmm
     
    #4 procam, Apr 14, 2005
    Last edited: Apr 14, 2005
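
The post above depends on rndc.conf and named.conf naming the same key (rndc_key, not rndc-key or rndckey) with the same secret, and on the controls statement listing that key. The script below checks those points and also reports a file that holds the secret and is world-readable. It is an added example, not part of the thread or of cPanel's scripts; the function names are made up for illustration, and it assumes one statement per line with the key clauses written inline, as in the post.

```sh
#!/bin/sh
# Added example (not from the thread): check that rndc and named agree on the
# control-channel key. Assumes one statement per line and inline key clauses.

# Print "name secret" for each key clause in a BIND-style config file.
key_pairs() {
    awk '$1 == "key" && $NF == "{" { name = $2; gsub(/"/, "", name); next }
         name != "" && $1 == "secret" { s = $2; gsub(/[";]/, "", s)
                                        print name, s; name = "" }' "$1"
}

# Print the key names listed in the keys { ... } part of a controls statement.
controls_keys() {
    tr '\n' ' ' < "$1" | grep -o 'keys *{[^}]*}' |
        sed 's/^keys *{//; s/}$//' | tr ';' '\n' | tr -d '" \t' | sed '/^$/d'
}

# Usage: check_rndc_keys RNDC_CONF NAMED_CONF
# Prints one line per problem; returns 0 only when nothing was found.
check_rndc_keys() {
    rndc_conf=$1 named_conf=$2 rc=0
    want=$(awk '$1 == "default-key" { gsub(/[";]/, "", $2); print $2 }' "$rndc_conf")
    if [ -z "$want" ]; then
        echo "no default-key in $rndc_conf"; return 1
    fi
    client=$(key_pairs "$rndc_conf" | awk -v n="$want" '$1 == n { print $2 }')
    server=$(key_pairs "$named_conf" | awk -v n="$want" '$1 == n { print $2 }')
    [ -n "$client" ] || { echo "key $want not defined in $rndc_conf"; rc=1; }
    [ -n "$server" ] || { echo "key $want not defined in $named_conf"; rc=1; }
    if [ -n "$client" ] && [ -n "$server" ] && [ "$client" != "$server" ]; then
        echo "secret for $want differs between the two files"; rc=1
    fi
    controls_keys "$named_conf" | grep -qxF -- "$want" ||
        { echo "controls in $named_conf does not list key $want"; rc=1; }
    # Anyone who can read the secret can drive named through rndc.
    for f in "$rndc_conf" "$named_conf"; do
        if [ -n "$(key_pairs "$f")" ] && [ -n "$(find "$f" -prune -perm -004)" ]; then
            echo "$f holds a key secret and is world-readable"; rc=1
        fi
    done
    return $rc
}

if [ "$#" -eq 2 ]; then check_rndc_keys "$1" "$2"; fi
```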
  5. Chadley

    Chadley Member

    This is where I get stuck. There is no "/etc/rndc.key". When I try to run "rndc-confgen -a" the command doesn't exist?
     
  6. procam

    procam Well-Known Member

    oh hell -- now that's just a bitch :mad:
     
  7. webhostnet

    webhostnet Member

    procam, thanx for sharing! Worked fine here (suse 9.0), with some OS-specific tweaks (SuSE 9.0 support for WHM/Cpanel looks really screwed).
     
  8. webhostnet

    webhostnet Member

    Follow-up.
    The solution above works indeed. Just be aware of cpanel's scripts (I think it was 'fixeverything'... ironic, huh?) overwriting your files. Now, my /etc/rndc.key has 0 (Z-E-R-O) size. :mad:
     