rndc unable to connect to named inside jail

byrnejb

FreeBSD-12.0p7

We created a jail using ezjail-admin and configured it for bind 911 using IPv4 [192.168.209.133] (DNS02). Everything works, including rndc. We then shut down the jail and archived it using ezjail-admin. We transferred the archived jail to another server and used ezjail-admin to create a clone jail with a different IP address [192.168.209.134] (DNS04).

We re-configured the various configuration files (hosts, resolv.conf, named.conf, rndc.conf) and verified file ownership and permissions of namedb/*conf. We started named in the new jail [192.168.209.134] and it started without error and is resolving as expected, as shown below.
Code:
[root@dns04 ~]# drill harte-lyne.ca @192.168.209.134
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 39423
;; flags: qr aa rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
. . .
The named service is running and seems to be listening on 127.0.134.1:
Code:
[root@dns04 ~]# netstat -an | grep -i listen
tcp4       0      0 192.168.209.134.22     *.*                    LISTEN    
tcp4       0      0 127.0.134.1.953        *.*                    LISTEN    
tcp4       0      0 192.168.209.134.53     *.*                    LISTEN
However, we cannot connect to the named service using rndc:
Code:
[root@dns04 ~]# rndc -V status
create memory context
. . .
connect
rndc: connect failed: 127.0.134.1#953: timed out
We cannot telnet to 127.0.134.1#953 either; (telnet 127.0.134.1 953) just hangs.
It seems that even though the named daemon is reported as listening on 953, it actually is not.

Has anyone any idea what is going on and how to fix this?
 