I’m trying to get new boxes set up as the prim & sec nameservers but keep running into RPC errors.
I can get them set up in Webmin servers (by hand, won’t scan) but when I try to set up as a BIND cluster I get RPC errors. Either invalid user or password etc, even if I turn RPC off.
This is CentOS 4.4 with BIND under CHROOT. Who is the cluster looking for?
Tried this morning with my eyes open and realized chroot needs to log in as root.
But the big question is, do I want to operate under CHROOT? Somehow (ignorant too) I don’t feel comfortable with all the servers tied together with root access. I would prefer running BIND clusters as a BINDuser exclusively, or am I wrong on that?
OK, the question then is, how do I create a CHROOT binduser? I don’t want to be logging in the nameservers as root. But every Webmin user I create gives RPC errors…
You’re mixing up the notion of BIND chroot and RPC and Webmin RPC.
In this case, edit whatever Webmin user you’ve created for managing the BIND slave zones, and open out the Global ACL page. Find the option labeled “Can accept RPC calls?”, which will allow RPC calls.
Note that Webmin RPC is not subject to ACLs, as it provides direct access to all of the Webmin API.
Thanks, Joe. That did the trick.
I guess I’ll have to do some extensive reading this weekend on the cluster Mod.
Have a look at the new Webmin wiki here:
There are a few Cluster chapters there (imported from Jamie’s book…which was written before most of the Cluster modules existed). I think it also misses the BIND DNS Cluster Slaves feature, which I believe was developed for Virtualmin (and just happens to be wonderfully useful on its own). If you get the inclination, you could always add what you’ve learned to the wiki.
Anyway, it’s a start on a good solid collection of documentation for Webmin. We plan to spend a lot of time/money/effort on it over the next few months, but our todo list is extraordinarily long.
Well I fixed the RPC errors by opening up the Linux firewall to a unique port range of the base plus 100.
But it didn’t fix the solve server problem. Again, we’re creating a slave entry on the primary and secondary nameservers but not writing the record to the HOSTS file. A quick look at named.conf and each entry has the correct path, but the MASTER address is entered as local “184.108.40.206”. So essentially the nameserver is looking at itself to find the record to transfer.
I have in the Webmin BIND setup "Default master server IP for remote slave zones IP address of hostname "
So I’m at a loss as to why named.conf keeps entering it as local. Any life saving wave of hands that anybody knows? I really would hate to re-enter all of these by hand.
To take my own advice and follow up on this for closure,
Don’t rely on the hostname delivering the host IP, enter the actual IP address for the default nameserver.
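
A check for the symptom described in this thread, as an added example that is not part of the original posts or of Webmin: it scans named.conf text for slave zones whose `masters` list names the server's own address (or loopback). The function names, zone names and addresses (documentation ranges) are constructed, and the caller supplies the host's own addresses.

```python
import ipaddress
import re

def strip_comments(text):
    """Remove /* */, // and # comments (markers inside quoted strings are not handled)."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", text)

def block_end(text, start):
    """Index just past the brace block that opens at text[start]."""
    depth = 0
    for i in range(start, len(text)):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        if depth == 0:
            return i + 1
    raise ValueError("unbalanced braces in configuration")

def self_mastered_zones(conf, own_addrs):
    """Return (zone, address) for slave zones whose masters list names this host."""
    own = {ipaddress.ip_address(a) for a in own_addrs}
    conf = strip_comments(conf)
    findings = []
    for m in re.finditer(r'\bzone\s+"([^"]+)"[^{;]*\{', conf):
        body = conf[m.end() - 1:block_end(conf, m.end() - 1)]
        if not re.search(r"\btype\s+slave\s*;", body):
            continue
        masters = re.search(r"\bmasters\b[^{;]*\{([^}]*)\}", body)
        for entry in (masters.group(1).split(";") if masters else []):
            token = entry.split()[0] if entry.split() else ""
            try:
                addr = ipaddress.ip_address(token)
            except ValueError:
                continue  # empty entry or a named masters list, not an address
            if addr.is_loopback or addr in own:
                findings.append((m.group(1), str(addr)))
    return findings

# Constructed sample: this host is 192.0.2.10, the real master is 192.0.2.1.
SAMPLE_CONF = '''
zone "example.com" { type slave; masters { 192.0.2.10; }; file "slaves/example.com.hosts"; };
zone "example.net" { type slave; masters { 192.0.2.1; }; file "slaves/example.net.hosts"; };
zone "example.org" { type master; file "example.org.hosts"; };
'''

if __name__ == "__main__":
    for zone, addr in self_mastered_zones(SAMPLE_CONF, ["192.0.2.10"]):
        print(f"{zone}: masters entry {addr} is this server's own address")
```

Run it on each slave with that slave's own addresses; any zone it reports will try to transfer from itself and never load.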