Objective
To administer a DNS server (Bind) from the command line, the RNDC utility needs to be correctly configured to avoid error messages such as “rndc connect failed 127.0.0.1 connection refused”. The objective is to configure RNDC for the Bind DNS server on CentOS 7 Linux.
Operating System and Software Versions
- Operating System: CentOS Linux release 7.4.1708 (Core)
- Software: Bind 9
Requirements
Privileged access to your CentOS system as root or via the sudo command is required.
Difficulty
EASY
Conventions
- # – requires the given Linux commands to be executed with root privileges, either directly as the root user or by use of the sudo command
- $ – requires the given Linux commands to be executed as a regular non-privileged user
Instructions
Generate RNDC Configuration
Start by executing the rndc-confgen command to generate the appropriate configuration settings:
# rndc-confgen
Configure RNDC
Insert the previously generated RNDC configuration stanza into the file /etc/rndc.key. Your secret will be different:
key "rndc-key" {
        algorithm hmac-md5;
        secret "1KJjYVuDxsJpcmGIJs/0Uw==";
};
Confirm the permissions and ownership of the /etc/rndc.key file. The correct permissions will be:
# ls -l /etc/rndc.key
-rw-r-----. 1 root named 91 May 7 14:15 /etc/rndc.key
Configure Bind service
Next, insert the following lines into the existing /etc/named.conf file:
include "/etc/rndc.key";
controls {
        inet 127.0.0.1 port 953
        allow { 127.0.0.1; } keys { "rndc-key"; };
};
Restart Bind DNS server
Lastly, restart the named daemon:
# service named restart
Redirecting to /bin/systemctl restart named.service
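To check the result of the steps above, the following added example (not part of the original guide) audits the key file and the controls stanza: file mode and ownership, the key algorithm, the include line, the key name referenced in controls, and the listen address. The function name audit_rndc and its arguments are hypothetical; the default paths and the root:named ownership are taken from the guide.

```bash
#!/bin/bash
# Added example: audit the rndc key file and controls stanza described in this guide.
# Usage: audit_rndc KEY_FILE NAMED_CONF [OWNER:GROUP]
# Prints one line per finding and returns the number of findings (0 = clean).
audit_rndc() {
    local key_file="${1:-/etc/rndc.key}" conf="${2:-/etc/named.conf}"
    local want_owner="${3:-root:named}" n=0 mode owner key_name algo addr

    mode=$(stat -c '%a' "$key_file") || return 99
    owner=$(stat -c '%U:%G' "$key_file")
    # The guide's listing is -rw-r----- root named: no access for "other".
    if [ $(( 0$mode & 07 )) -ne 0 ]; then
        echo "FAIL: $key_file mode $mode grants access to other users"; n=$((n+1))
    fi
    if [ "$owner" != "$want_owner" ]; then
        echo "FAIL: $key_file owned by $owner, expected $want_owner"; n=$((n+1))
    fi

    # Pull the key name and algorithm out of the key statement.
    key_name=$(sed -n 's/^[[:space:]]*key[[:space:]]*"\([^"]*\)".*/\1/p' "$key_file" | head -n 1)
    algo=$(sed -n 's/^[[:space:]]*algorithm[[:space:]]*\([^;[:space:]]*\).*/\1/p' "$key_file" | head -n 1)
    if [ -z "$key_name" ]; then
        echo "FAIL: no key statement found in $key_file"; n=$((n+1))
    fi
    if [ "$algo" = "hmac-md5" ]; then
        echo "WARN: key uses legacy hmac-md5; prefer hmac-sha256 where your BIND supports it"
        n=$((n+1))
    fi

    # named.conf must load the key file and name the same key in controls.
    if ! grep -Fq "include \"$key_file\";" "$conf"; then
        echo "FAIL: $conf does not include $key_file"; n=$((n+1))
    fi
    if [ -n "$key_name" ] && ! grep -Eq "keys[[:space:]]*\{[[:space:]]*\"$key_name\"" "$conf"; then
        echo "FAIL: controls does not reference key \"$key_name\""; n=$((n+1))
    fi
    # The control channel should listen on loopback only, as in the guide.
    addr=$(sed -n 's/^[[:space:]]*inet[[:space:]]\{1,\}\([^[:space:]]*\).*/\1/p' "$conf" | head -n 1)
    case "$addr" in
        127.0.0.1|::1) ;;
        *) echo "FAIL: control channel listens on '${addr:-none}', not loopback"; n=$((n+1)) ;;
    esac
    return "$n"
}
```

Source the file and run audit_rndc as root with no arguments to check /etc/rndc.key and /etc/named.conf; with the configuration from this guide the only finding is the hmac-md5 warning.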