BIND error in /var/adm/messages.

[StickyBit]

Folks,

Im running BIND 9.2.0 on my Solaris 8 box and I'm receiving the following notice error in /var/adm/messages when the daemon is started:

named[26765]: [ID 866145 daemon.notice] couldn't add command channel 127.0.0.1#953: not found

named[26765]: [ID 866145 daemon.notice] couldn't add command channel ::1#953: not found.

What does this mean? or how can I find out?

Thanks,

StickyBit.

 

[mgbeirne]

On page 44 of the fine manual, they mention the "controls" statement which is used by "rndc" to talk to the daemon and cause it to restart/reload. The increased security designed into BIND 9 requires a key to be generated for it to accept commands like "ndc reload" in BIND 8. Run 'rndc-confgen -a'
From the BIND 9 Administrator Reference Manual page 44:

If no controls statement is present, named will set up a default control channel listening on the loopback address 127.0.0.1 and its IPv6 counterpart ::1. In this case, and also when the controls statement is present but does not have a keys clause, named will attempt to load the command channel key from the file rndc.key in /etc (or whatever sysconfdir was specified as when BIND was built). To create a rndc.key file, run rndc-confgen -a.

The rndc.key feature was created to ease the transition of systems from BIND 8, which did not have digital signatures on its command channel messages and thus did not have a keys clause. It makes it possible to use an existing BIND 8 configuration file in BIND 9 unchanged, and still have rndc work the same way ndc worked in BIND 8, simply by executing the command rndc-keygen -a after BIND 9 is installed.

 

[StickyBit]

Thanks for the detailed explanation Mgberine!

Regards,

StickyBit.