On Tue, Apr 18, 2006 at 11:31:37PM -0400, sberaud wrote:
> Apr 18 23:16:07 www named[1426]: couldn't add command channel
> 127..0.1#953: not found
>
> I have looked all over but can not see where the #953 is coming from
> (port?), and I do have a zone file.
953 is a port, yes. This is the "command channel", used by the
utility "rndc" to communicate with BIND for things like reloading,
stopping, flushing caches, debugging, etc.
I have no idea why it would say "not found".
I looked at my own server, and it seems I use port 1953. Not sure if
it came that way by default, or if I did that.
In named.conf:
controls {
inet 127.0.0.1 port 1953 allow { localhost6; };
};
acl localhost6 {
127.0.0.1;
::1;
};
In rndc.conf:
options {
default-server localhost;
default-port 1953;
default-key rndc-key;
};
> Then, this is what I get every few minutes when tailing messages:
>
> Apr 18 23:20:24 www named[1426]: client 206.248.xxx.xxx#1669: updating
> zone 'myprimarydomain.net/IN': update failed: 'RRset exists (value
> dependent)' prerequisite not satisfied (NXRRSET)
> Apr 18 23:20:24 www named[1426]: client 206.248.xxx.xx#1670: query
> 'myotherhost.myprimarydomain.net/IN' denied
These are (failed) attempts to add a reverse lookup record. So the
client is trying to make its own IP address resolve into its own
hostname. Since the server is not configured to allow that, it fails.
Windows servers do this by default (annoyingly). If you own the
server that is trying to do the updating, look around for the DNS
update option and turn it off. Otherwise, just ignore them.
Attachment:
signature.asc
Description: Digital signature