Getting DNS Error when restarting BIND9
joelee
12th August 2007, 01:48
Hi All, My Bind9 DNS won't start... I am getting the following error when restarting it. At some point DNS was working fine. I have both primary/secondary DNS setup.
ns2:/etc/bind# /etc/init.d/bind9 restart
Stopping domain name service...: bindrndc: connect failed: 127.0.0.1#953: connection refused
failed!
Starting domain name service...: bind failed!
Thanks for any help!
Joe
till
12th August 2007, 12:01
Do you have primary and secondary zones for the same domain on the same server? If yes, remove the secondary zones. They are not necessary and Bind will not start if the same domain is defined as primary and secondary on the same server.
joelee
13th August 2007, 01:48
Till, I am using the 2 in one dns how-to:
http://howtoforge.com/two_in_one_dns_bind9_views
I followed the instructions as per the how-to for the primary DNS; for the secondary I just duplicated the setup the same.
Here's my named.conf.local for my Primary and Secondary Name Servers.
NOTE: I've changed the domain name and IPs.
Primary named.conf.local:
// Primary NS - named.conf.local
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
acl internals {
    127.0.0.0/8;
    192.168.10.0/24;
};
view "internal" {
    match-clients { internals; };
    recursion yes;
    zone "doamin-a.com" {
        type master;
        file "/etc/bind/db.internals.doamin-a.com";
    };
    // Reverse DNS for doamin-a.com
    zone "10.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/db.internals.doamin-a.com.inv";
        forwarders{};
    };
};
view "external" {
    match-clients { any; };
    recursion no;
    zone "doamin-a.com" {
        type master;
        file "/etc/bind/db.externals.doamin-a.com";
        allow-transfer { slaves; };
    };
    // Reverse DNS for doamin-a.com
    zone "201.20.200.in-addr.arpa" {
        type master;
        file "/etc/bind/db.externals.doamin-a.com.inv";
        forwarders{};
    };
};
Secondary named.conf.local:
// Secondary NS - named.conf.local
root@ns2:/etc/bind# more named.conf.local
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
acl internals {
    127.0.0.0/8;
    192.168.10.0/24;
};
view "internal" {
    match-clients { internals; };
    recursion yes;
    zone "doamin-a.com" {
        type slave;
        transfer-source 192.168.10.102;
        file "/etc/bind/db.internals.doamin-a.com.slv";
        masters { 192.168.10.101; };
    };
    // Reverse DNS for doamin-a.com
    zone "10.168.192.in-addr.arpa" {
        type slave;
        transfer-source 192.168.10.102;
        file "/etc/bind/db.internals.doamin-a.com.slv.inv";
        masters { 192.168.10.101; };
        forwarders{};
    };
};
view "external" {
    match-clients { any; };
    recursion no;
    zone "doamin-a.com" {
        type slave;
        transfer-source 192.168.10.102;
        file "/etc/bind/db.externals.doamin-a.com.slv";
        allow-transfer { slaves; };
        masters { 192.168.10.101; };
    };
    // Reverse DNS for doamin-a.com
    zone "120.20.200.in-addr.arpa" {
        type slave;
        transfer-source 192.168.10.102;
        file "/etc/bind/db.externals.doamin-a.com.slv.inv";
        allow-transfer { slaves; };
        masters { 192.168.10.101; };
        forwarders{};
    };
};
I hope there's something that can be seen from the above 2 files. If not, I guess I can send attachments of my zone files if needed. I am really trying to figure out the problem. Hope you or someone can help further!
Joe
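An added example, not part of the original thread: a small pre-restart lint for the two conditions visible in this exchange, namely a zone declared more than once inside one view (the primary-plus-secondary case till describes) and an ACL name such as `slaves` that the quoted files reference but do not define (it may live in another included file). The names `lint` and `SAMPLE` are hypothetical, the sample config is constructed, and the tokenizer is a simplification of named.conf syntax.

```python
import re
from collections import defaultdict
# Constructed sample modelled on the configs quoted above; the duplicate
# master/slave zone in view "internal" is added here to show the check.
SAMPLE = '''
acl internals { 127.0.0.0/8; 192.168.10.0/24; };
view "internal" {
    match-clients { internals; };
    zone "doamin-a.com" { type master; file "/etc/bind/db.internals.doamin-a.com"; };
    zone "doamin-a.com" { type slave; masters { 192.168.10.101; }; };  // same view
};
view "external" {
    match-clients { any; };
    zone "doamin-a.com" { type slave; masters { 192.168.10.101; }; allow-transfer { slaves; }; };
};
'''
BUILTIN_ACLS = {"any", "none", "localhost", "localnets"}
MATCH_LISTS = {"match-clients", "allow-transfer", "allow-query", "allow-recursion"}
TOKEN = re.compile(r'"[^"]*"|[{};]|[^\s{};"]+')
NAME = re.compile(r"[A-Za-z_][\w-]*")      # bare word, i.e. not an IP or CIDR

def lint(text):
    """Return (duplicate_zones, undefined_acls) for a named.conf fragment."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)   # /* ... */ comments
    text = re.sub(r"(//|#)[^\n]*", "", text)            # // and # comments
    acls, refs, zones = set(BUILTIN_ACLS), set(), defaultdict(list)
    stack, stmt = [], []     # open blocks as (keyword, name); current statement
    for tok in TOKEN.findall(text):
        if tok == "{":
            kw = stmt[0] if stmt else ""
            name = stmt[1].strip('"') if len(stmt) > 1 else ""
            if kw == "acl":
                acls.add(name)
            stack.append((kw, name))
        elif tok == "}":
            del stack[-1:]                   # pop; harmless on unbalanced input
        elif tok == ";" and stmt and stack:
            kw, name = stack[-1]
            if kw == "zone" and stmt[0] == "type" and len(stmt) > 1:
                view = next((n for k, n in stack if k == "view"), "(no view)")
                zones[(view, name.lower())].append(stmt[1])
            elif kw in MATCH_LISTS and len(stmt) == 1 and NAME.fullmatch(stmt[0]):
                refs.add(stmt[0])            # ACL name used in a match list
        elif tok != ";":
            stmt.append(tok)
            continue
        stmt = []                            # statement or block boundary reached
    dups = {k: v for k, v in zones.items() if len(v) > 1}
    return dups, sorted(refs - acls)
```

The same zone name in two different views is not flagged, since that is how the views setup is meant to work. On a real server, BIND's own `named-checkconf` remains the authoritative check and reports the file and line of a syntax error.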
falko
13th August 2007, 20:52
Take a look at the comments on http://www.howtoforge.com/howto_bind_chroot_debian
joelee
14th August 2007, 22:58
Falko, As you suggested, I took a look at the comments from this link:
http://www.howtoforge.com/howto_bind_chroot_debian
There are several different comments posted there and I am not sure which one to refer to directly. Also, I've installed BIND9 on Debian Etch and the comments are referring to Sarge. I am not sure if those comments also apply to Debian Etch.
However, I do suppose the comment you want me to refer to is this:
namedrndc: connect failed (http://www.howtoforge.com/howto_bind_chroot_debian#comment-370)
Submitted by Anonymous (http://www.howtoforge.com/forums/member.php?u=4090) on Fri, 2005-11-18 23:11.
If you notice in the tutorial, it says - for Sarge - to modify the /etc/default/bind9 so bind runs as the unprivileged user 'bind'. Problem is, later on we chroot everything to the user 'nobody'. I changed the opts= line in /etc/default/bind9 as per the instructions but used 'nobody' instead of 'bind' and it all worked fine - got rid of both the 'connect failed' AND the 'named.pid' error in syslog! btw: Great howto - but I guess even the greatest stuff can have errors :)
If you can confirm for me if I should change user to nobody as opposed to bind. FYI, I did try changing to user bind but still get the errors initially reported.
Joe
falko
15th August 2007, 20:27
For Etch, bind is the correct user. Did you install BIND as shown here? http://www.howtoforge.com/perfect_setup_debian_etch_p4
joelee
17th August 2007, 23:17
Falko, thanks... I found the problem and fixed it. It was a silly syntax error.
Joe