The Community Forums

Interact with an entire community of cPanel & WHM users.
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Problem with bind and or dns cluster

Discussion in 'Bind / DNS / Nameserver Issues' started by tomdchi, Apr 10, 2012.

  1. tomdchi

    tomdchi Well-Known Member

    Joined:
    Feb 24, 2008
    Messages:
    112
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Atlanta, GA
    cPanel Access Level:
    DataCenter Provider
    I recently upgraded several of our servers to 11.32.2 and I am running Centos 6.2. On one of the servers when I edit dns zones I get the error:

    Code:
    Bind reloading on rps-server using rndc: WARNING: key file (/etc/rndc.key) exists, but using default configuration file (/etc/rndc.conf)
    rndc: connect failed: 127.0.0.1#953: connection refused
    Error reloading bind on rps-server: WARNING: key file (/etc/rndc.key) exists, but using default configuration file (/etc/rndc.conf)
    rndc: connect failed: 127.0.0.1#953: connection refused
    We use seperate dns servers so bind is disabled on all of our hosting servers. This only occurs on one of several servers that all use the same OS and WHM version.

    Anyone know how to fix this? Is it any cause for concern?
     
  2. mohitmoudgil

    mohitmoudgil Member
    PartnerNOC

    Joined:
    Oct 24, 2008
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Same issue here. Looking for solution
     
  3. feijao

    feijao Member

    Joined:
    Sep 5, 2004
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Yes, We also have the exact same problem with a CentOS 5.8.

    /scripts/fixndc did't fixed it too - I get no output from it.
     
  4. kalid

    kalid Active Member

    Joined:
    Jul 26, 2011
    Messages:
    36
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    > America/Mexico_City
    cPanel Access Level:
    Root Administrator
    Any solution..?
     
  5. mikelegg

    mikelegg Well-Known Member

    Joined:
    Mar 29, 2005
    Messages:
    330
    Likes Received:
    0
    Trophy Points:
    16
    The same thing is happening on all of our 11.32.2 cPanel servers.

    It's not actually a problem because the real nameservers are still being updated - it's just that cPanel is trying to update a local DNS server that is disabled. It is disconcerting to see an error message every time you edit a DNS zone though.
     
  6. rustamt

    rustamt Registered

    Joined:
    May 9, 2012
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I resolved this problem by deleting the file /etc/binddisable, it appear to cause this problem and I see no such file on the newly installed servers with CloudLinux 6.x and cPanel 11.32.2.
     
  7. Michael-MS

    Michael-MS Well-Known Member

    Joined:
    Apr 16, 2003
    Messages:
    144
    Likes Received:
    0
    Trophy Points:
    16
    I have this same problem on a brand new server. All I did was enable DNS cluster and now I get the same error in the OP. I have a ticket open for it, and the cPanel tech said it's because the clustering wasn't setup properly. I don't remember this ever being an issue in the past and the /scripts/rndcfix used to always fix it. Is the new solution just to delete the binddisable file???
     
  8. JnB

    JnB Registered

    Joined:
    Jul 10, 2012
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I have the same issue. Installed tuesday en set up the clustering yesterdag.

    The /etc/binddisable file isn't there so any more idea's ?
     
  9. NetMantis

    NetMantis BANNED

    Joined:
    Apr 22, 2012
    Messages:
    117
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Utah
    cPanel Access Level:
    DataCenter Provider
    It's a security related warning. It means your DNS is partially default config which means it may be possible for someone out there to compromise or gain access to the control side of your DNS server.

    You need a unique key generated that isn't the standard unconfigured Bind 'default' installation.

    That's basically it!

    Your DNS should still function normally even with the current security warning messages and without you really needing to do anything at all whatsoever and you could just simply choose to ignore the messages but anyone with knowledge of the default configuration for bind might be able to make use of that knowledge for nefarious purposes and that in itself is the reason why the newer versions are issuing the alert.
     
Loading...

Share This Page