Article ID: 129812, created on Nov 7, 2016, last review on Jan 24, 2017

  • Applies to:
  • Operations Automation

Symptoms

named zone update tasks fail with the following error:

Multiple errors during NS update: Destination host 'ns1.provider.tld' (#xxx), IP '<BACKNET>' : Internal error: /usr/sbin/rndc /usr/sbin/rndc reconfig failed with code 1 saying: STDOUT: '' STDERR 'rndc: connect failed: 127.0.0.1#953: connection refused

Named cannot be started inside the container:

# /etc/init.d/named status
rndc: connect failed: 127.0.0.1#953: connection refused
named is stopped

Checkconf shows the following message:

[root@ns1 ~]# /usr/sbin/named-checkconf -z -t /var/named/run-root /etc/named.conf > /dev/null
_default/example.com./IN: syntax error

Cause

Two causes are known so far:

  1. A TXT record whose length exceeds 255 characters.
  2. MX records of some DNS zones point to IP addresses instead of FQDNs.

Resolution

Follow the action plan below to resolve the problem:

  1. Disable the zone checking and start the named service.

    # grep "DISABLE_ZONE_CHECKING" /etc/sysconfig/named
    DISABLE_ZONE_CHECKING="yes"
    
    # /etc/init.d/named start
    Starting named:                                            [  OK  ]
    
  2. Find the DNS zone with a TXT record exceeding 255 characters and ask the customer to reduce it. The script below can be used to check for such records:

    # for x in `find /var/named -type f`; do res=`perl -e 'while ($ln = <STDIN>) { if ($ln =~ /TXT.*"[^"]{256,}"/) { print "Bad record: $ln"; }}' < "$x"`; if test -n "$res"; then echo "Zone $x: $res"; fi; done
    
  3. Check whether any domain zone files contain MX records pointing to IP addresses instead of FQDNs:

    # /etc/init.d/named restart | grep "MX is an address"
    

    If there are, ask the customers to point the MX records to FQDNs. Then enable zone checking in /etc/sysconfig/named and restart the named service. Such a warning is not really critical and will not block the named service from being started so you can ignore

  4. How to fix a problematic TXT record that is longer than 255 characters: the long record should be split into 2 strings without a new line. Example:

    Before:
    
    example.com.             TXT     "012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789
    012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789
    012345678901234567890123456789012345678901234567890123456789"
    
    After:
    
    example.com.             TXT     "012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789
    012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789
    0123456789" "01234567890123456789012345678901234567890123456789"
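
The checks from steps 2 to 4 can be combined in one script. The Python code below is an added example, not part of the original article: the function names `check_zone`, `string_len` and `split_txt` and the sample zone lines are hypothetical, and it assumes single-line records and plain ASCII TXT text.

```python
import ipaddress
import re

TXT_LIMIT = 255  # maximum bytes in one DNS character-string (RFC 1035)
QUOTED = re.compile(r'"((?:[^"\\]|\\.)*)"')  # one quoted string, escapes allowed

def string_len(quoted_body):
    """Length after unescaping: \\DDD and \\X each count as one byte."""
    return len(re.sub(r"\\(\d{3}|.)", "x", quoted_body))

def check_zone(zone_text):
    """Return (line_no, type, detail) for over-long TXT strings and for MX
    targets that are IP addresses. Handles single-line records only."""
    findings = []
    for no, line in enumerate(zone_text.splitlines(), 1):
        if line.lstrip().startswith(";"):
            continue  # whole-line comment
        fields = line.split()
        upper = [f.upper() for f in fields]
        rtype = next((f for f in upper if f in ("TXT", "MX")), None)
        if rtype == "TXT":
            for m in QUOTED.finditer(line):
                n = string_len(m.group(1))
                if n > TXT_LIMIT:
                    findings.append((no, "TXT", n))
        elif rtype == "MX":
            idx = upper.index("MX")  # target follows the preference value
            target = fields[idx + 2] if len(fields) > idx + 2 else ""
            try:
                ipaddress.ip_address(target.rstrip("."))
                findings.append((no, "MX", target))
            except ValueError:
                pass  # not an address, so treated as a hostname
    return findings

def split_txt(value, limit=TXT_LIMIT):
    """Return TXT rdata for plain ASCII text as quoted strings of at most
    `limit` characters each, all on one line."""
    chunks = [value[i:i + limit] for i in range(0, len(value), limit)] or [""]
    return " ".join('"%s"' % c for c in chunks)

# Constructed sample zone lines (not taken from the article).
SAMPLE_ZONE = "\n".join([
    'example.com. IN TXT "%s"' % ("0123456789" * 30),
    "example.com. IN TXT %s" % split_txt("0123456789" * 30),
    "example.com. IN MX 10 192.0.2.25",
    "example.com. IN MX 10 mail.example.com.",
])

if __name__ == "__main__":
    for finding in check_zone(SAMPLE_ZONE):
        print(finding)
```

Any split that keeps each quoted string at 255 characters or fewer is valid, so the 255/45 split produced here is equivalent to the 250/50 split shown in step 4.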
    
