Problem with bind and or dns cluster

tomdchi

Well-Known Member
Feb 24, 2008
140
3
68
Atlanta, GA
cPanel Access Level
DataCenter Provider
I recently upgraded several of our servers to 11.32.2 and I am running Centos 6.2. On one of the servers when I edit dns zones I get the error:

Code:
Bind reloading on rps-server using rndc: WARNING: key file (/etc/rndc.key) exists, but using default configuration file (/etc/rndc.conf)
rndc: connect failed: 127.0.0.1#953: connection refused
Error reloading bind on rps-server: WARNING: key file (/etc/rndc.key) exists, but using default configuration file (/etc/rndc.conf)
rndc: connect failed: 127.0.0.1#953: connection refused
We use seperate dns servers so bind is disabled on all of our hosting servers. This only occurs on one of several servers that all use the same OS and WHM version.

Anyone know how to fix this? Is it any cause for concern?
 

feijao

Member
Sep 5, 2004
17
0
151
Yes, We also have the exact same problem with a CentOS 5.8.

/scripts/fixndc did't fixed it too - I get no output from it.
 

mikelegg

Well-Known Member
Mar 29, 2005
330
3
166
The same thing is happening on all of our 11.32.2 cPanel servers.

It's not actually a problem because the real nameservers are still being updated - it's just that cPanel is trying to update a local DNS server that is disabled. It is disconcerting to see an error message every time you edit a DNS zone though.
 

rustamt

Registered
May 9, 2012
1
0
51
cPanel Access Level
Root Administrator
I resolved this problem by deleting the file /etc/binddisable, it appear to cause this problem and I see no such file on the newly installed servers with CloudLinux 6.x and cPanel 11.32.2.
 

Michael-MS

Well-Known Member
Apr 16, 2003
144
0
166
I resolved this problem by deleting the file /etc/binddisable, it appear to cause this problem and I see no such file on the newly installed servers with CloudLinux 6.x and cPanel 11.32.2.
I have this same problem on a brand new server. All I did was enable DNS cluster and now I get the same error in the OP. I have a ticket open for it, and the cPanel tech said it's because the clustering wasn't setup properly. I don't remember this ever being an issue in the past and the /scripts/rndcfix used to always fix it. Is the new solution just to delete the binddisable file???
 

JnB

Registered
Jul 10, 2012
4
0
1
cPanel Access Level
Root Administrator
I have the same issue. Installed tuesday en set up the clustering yesterdag.

The /etc/binddisable file isn't there so any more idea's ?
 

NetMantis

BANNED
Apr 22, 2012
116
1
66
Utah
cPanel Access Level
DataCenter Provider
It's a security related warning. It means your DNS is partially default config which means it may be possible for someone out there to compromise or gain access to the control side of your DNS server.

You need a unique key generated that isn't the standard unconfigured Bind 'default' installation.

That's basically it!

Your DNS should still function normally even with the current security warning messages and without you really needing to do anything at all whatsoever and you could just simply choose to ignore the messages but anyone with knowledge of the default configuration for bind might be able to make use of that knowledge for nefarious purposes and that in itself is the reason why the newer versions are issuing the alert.