rndc status failed, connect failed: 127.0.0.1#953: timed out

postcd

Hello,

I found this in the cPanel error log:

[2016-04-04 08:39:03 +0000] warn [restartsrv_base] /usr/sbin/rndc status failed: WARNING: key file (/etc/rndc.key) exists, but using default configuration file (/etc/rndc.conf)rndc: connect failed: 127.0.0.1#953: timed out at /usr/local/cpanel/Cpanel/DNSLib.pm line 263.
Cpanel::DNSLib::checkrndc(Cpanel::DNSLib=HASH(0x2134380)) called at /usr/local/cpanel/Cpanel/ServiceManager/Services/Named.pm line 84
Cpanel::ServiceManager::Services::Named::check(Cpanel::ServiceManager::Services::Named=HASH(0x1afc4f8)) called at /usr/local/cpanel/Cpanel/ServiceManager/Base.pm line 552
Cpanel::ServiceManager::Base::run_from_argv(Cpanel::ServiceManager::Services::Named=HASH(0x1afc4f8), "--verbose", "named", "--check", "--notconfigured-ok") called at bin/restartsrv_base.pl line 81
main::__ANON__() called at /usr/local/cpanel/3rdparty/perl/514/lib64/perl5/cpanel_lib/Try/Tiny.pm line 80
eval {...} called at /usr/local/cpanel/3rdparty/perl/514/lib64/perl5/cpanel_lib/Try/Tiny.pm line 71
Try::Tiny::try(CODE(0x1ef3ee8), Try::Tiny::Catch=REF(0x15fa418)) called at bin/restartsrv_base.pl line 110
[2016-04-04 08:39:03 +0000] warn [restartsrv_base] named: call to rndc failed
at /usr/local/cpanel/Cpanel/ServiceManager/Services/Named.pm line 85.
Cpanel::ServiceManager::Services::Named::check(Cpanel::ServiceManager::Services::Named=HASH(0x1afc4f8)) called at /usr/local/cpanel/Cpanel/ServiceManager/Base.pm line 552
Cpanel::ServiceManager::Base::run_from_argv(Cpanel::ServiceManager::Services::Named=HASH(0x1afc4f8), "--verbose", "named", "--check", "--notconfigured-ok") called at bin/restartsrv_base.pl line 81
main::__ANON__() called at /usr/local/cpanel/3rdparty/perl/514/lib64/perl5/cpanel_lib/Try/Tiny.pm line 80
eval {...} called at /usr/local/cpanel/3rdparty/perl/514/lib64/perl5/cpanel_lib/Try/Tiny.pm line 71
Try::Tiny::try(CODE(0x1ef3ee8), Try::Tiny::Catch=REF(0x15fa418)) called at bin/restartsrv_base.pl line 110
[2016-04-04 08:39:15 +0000] info [restartsrv_base] Domming remaining dovecot processes
[2016-04-04 08:39:16 +0000] info [tailwatchd] chkservd::Notify Notification => [email protected]***** via EMAIL [eventimportance => High (1)]
[2016-04-04 08:39:28 +0000] info [tailwatchd] chkservd::Notify Notification => [email protected]***** via EMAIL [eventimportance => High (1)]
[2016-04-04 08:39:39 +0000] info [tailwatchd] chkservd::Notify Notification => [email protected]***** via EMAIL [eventimportance => High (1)]
[2016-04-04 08:39:48 +0000] info [cpsrvd] Restarting cpsrvd daemon process 1820 via /usr/local/cpanel/cpsrvd
==> cpsrvd 11.54.0.21 started
==> cpsrvd: loading security policy....Done
==> cpsrvd: Setting up native SSL support ... Done
==> cpsrvd: transferred port bindings
==> cpsrvd: bound to ports
[2016-04-04 08:39:50 +0000] info [tailwatchd] chkservd::Notify Notification => [email protected]***** via EMAIL [eventimportance => High (1)]
Please, which commands / steps should I use to discover the cause and fix it? Thank you.
 

cPanelMichael

Hello :)

Check to see if local connections to port 953 are possible from your server's command line. For example:

Code:
telnet 127.0.0.1 953
You may need to review any firewall rules you have enabled if the connection is blocked.

Thank you.
 

postcd

Thanks, no, the command you mentioned returns this: :(

telnet: connect to address 127.0.0.1: Connection timed out
# netstat -penta|grep named
tcp 0 0 SERVERIPHERE:53 0.0.0.0:* LISTEN 25 1558635645 7805/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 25 1558635643 7805/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 25 1558635648 7805/named
# cat /etc/rndc.conf|grep port
default-port 953;
# inet 127.0.0.1 port 953
# csf -p|grep named
53/tcp 4/- - (7805/named) /usr/sbin/named -u named /usr/sbin/named
53/udp 4/- - (7805/named) /usr/sbin/named -u named /usr/sbin/named
(port 53 is within allowed ports in CSFirewall and 953 is not there)

When I pause CSF (firewall) and run # service named status
WARNING: key file (/etc/rndc.key) exists, but using default configuration file (/etc/rndc.conf)
version: 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.7 (Not disclosed)
CPUs found: 9
worker threads: 9
number of zones: *
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 1/100
server is up and running
named (pid 7805) is running...
What went wrong, and why, please?
It seems that after CSFirewall was enabled again, the timeout no longer appears,

but newly created cPanels' DNS fails to work. I run the command "host newcpaneldomain.tld" and the result is "Host newcpaneldomain.tld not found: 2(SERVFAIL)",
but after I manually reload the DNS zone, I see it start working/resolving, and WHM says this upon reloading:
"Bind reloading on hostname using rndc: WARNING: key file (/etc/rndc.key) exists, but using default configuration file (/etc/rndc.conf)
server reload successful"
 

cPanelMichael

but newly created cPanels' DNS fails to work. I run the command "host newcpaneldomain.tld" and the result is "Host newcpaneldomain.tld not found: 2(SERVFAIL)",
but after I manually reload the DNS zone, I see it start working/resolving, and WHM says this upon reloading:
"Bind reloading on hostname using rndc: WARNING: key file (/etc/rndc.key) exists, but using default configuration file (/etc/rndc.conf)
server reload successful"
Does DNS fail externally as well, or is it just the local server that returns the "not found" error when using the "host" command?

Thank you.
 

postcd

I can't confirm if DNS fails externally; I already reloaded that DNS zone manually.

I followed the cPanel support suggestion (add 127.0.0.0/8 to /etc/csf/csf.allow and also to /etc/csf/csf.ignore) and restarted CSF (firewall).

But I still see a timeout when I telnet to localhost on port 953 or 80

(example: telnet 127.0.0.1 953)

service named status and rndc reload
are timing out too
 

cPanelMichael

It seems solved; it appears to be a CSF (firewall) misconfiguration so far.
I am happy to see the issue is now addressed. Thank you for updating us with the outcome.
 

cPanelMichael

I followed the cPanel support suggestion (add 127.0.0.0/8 to /etc/csf/csf.allow and also to /etc/csf/csf.ignore) and restarted CSF (firewall).

But I still see a timeout when I telnet to localhost on port 953 or 80

(example: telnet 127.0.0.1 953)

service named status and rndc reload
are timing out too
To update, it looks like the issue was isolated to your firewall rules, per the support ticket. I suggest updating your custom firewall rules, or going through each custom rule one by one to narrow down the culprit.

Thank you.
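
Added example, not part of any post in this thread and not cPanel's or CSF's own code: the triage the thread walks through by hand (is named listening on 127.0.0.1:953, and does a local connect time out or get refused) combined into one check. The function names, result labels and the sample netstat text are assumptions made for this illustration.

```python
import socket
import sys

# Constructed sample, modelled on the `netstat -penta | grep named` output in
# the thread (192.0.2.10 is a documentation address standing in for the server IP).
SAMPLE_NETSTAT = """\
tcp 0 0 192.0.2.10:53 0.0.0.0:* LISTEN 25 1558635645 7805/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 25 1558635643 7805/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 25 1558635648 7805/named
"""

def has_listener(netstat_text, port, host="127.0.0.1"):
    """True if a TCP LISTEN socket is bound to host:port or to the IPv4 wildcard."""
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) < 6 or not f[0].startswith("tcp") or f[5] != "LISTEN":
            continue
        addr, _, bound_port = f[3].rpartition(":")
        if bound_port == str(port) and addr in (host, "0.0.0.0"):
            return True
    return False

def probe(host, port, timeout=3.0):
    """Attempt one TCP connect and return 'open', 'refused', 'timeout' or 'error'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"
    except (socket.timeout, TimeoutError):
        return "timeout"
    except OSError:
        return "error"

def diagnose(listening, result):
    """Combine the listener check and the connect result into one finding."""
    if result == "open":
        return "reachable"        # rndc can reach the control channel
    if not listening:
        return "no_listener"      # named is not bound there: check its config
    if result == "timeout":
        return "filtered"         # listener exists, packets dropped: firewall
    return "rejected"             # listener exists, connect refused or errored

if __name__ == "__main__":
    # Pipe real `netstat -penta` output in; otherwise the sample is used.
    text = SAMPLE_NETSTAT if sys.stdin.isatty() else sys.stdin.read()
    print(diagnose(has_listener(text, 953), probe("127.0.0.1", 953)))
```

A "filtered" result matches the symptoms posted above: named holds a LISTEN socket on 127.0.0.1:953 while the local connect times out, which points at packet filtering on loopback rather than at named or rndc.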