Bind9 Error on Debian Etch-2

By crmanski

For those of you running a bind dns server you may have come across this error only when trying to restart your DNS server

Reloading domain name service… : bindrndc: connect failed: 127.0.0.1#953: connection refused

This has to do with the configuration of (or lack there of) in /etc/bind/rndc.conf

I noticed while searching the system for references to rndc that there was a program called: /usr/sbin/rndc-confgen
Running this gives you the correct text to put in your rdnc.conf file as well as a couple lines to add to your named.conf

Mine looked something like this…

 /usr/sbin/rndc-confgen
# Start of rndc.conf
key "rndc-key" {
    algorithm hmac-md5;
    secret "imnottelling==";
};

options {
    default-key "rndc-key";
    default-server 127.0.0.1;
    default-port 953;
};
# End of rndc.conf

# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndc-key" {
#     algorithm hmac-md5;
#     secret "imnottelling==";
# };
#
# controls {
#     inet 127.0.0.1 port 953
#         allow { 127.0.0.1; } keys { "rndc-key"; };
# };
# End of named.conf

Note: Remove the # fromt the config lines for the second part that goes into the /etc/bind/named.conf file.

After adding these few lines to names.conf and creating rdnc.conf (make sure the user bind can read this file) I was able to restart/reload the bind9 service without error.

Technology: