
rndc status failed, connect failed: 127.0.0.1#953: timed out

Comments

8 comments

  • cPanelMichael
    Hello :) Check to see if local connections to port 953 are possible from your server's command line. EX:
    telnet 127.0.0.1 953
    You may need to review any firewall rules you have enabled if the connection is blocked. Thank you.
    0
  • postcd
    Thx, no, the command you mentioned returns this: :(
    telnet: connect to address 127.0.0.1: Connection timed out
    # netstat -penta|grep named
    tcp 0 0 SERVERIPHERE:53 0.0.0.0:* LISTEN 25 1558635645 7805/named
    tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 25 1558635643 7805/named
    tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 25 1558635648 7805/named
    # cat /etc/rndc.conf|grep port
    default-port 953;
    # inet 127.0.0.1 port 953
    csf -p|grep named
    53/tcp 4/- - (7805/named) /usr/sbin/named -u named /usr/sbin/named
    53/udp 4/- - (7805/named) /usr/sbin/named -u named /usr/sbin/named
    (Port 53 is within the allowed ports in CSFirewall and 953 is not there.) When I pause CSF (firewall) and do:
    # service named status
    WARNING: key file (/etc/rndc.key) exists, but using default configuration file (/etc/rndc.conf)
    version: 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.7 (Not disclosed)
    CPUs found: 9
    worker threads: 9
    number of zones: *
    debug level: 0
    xfers running: 0
    xfers deferred: 0
    soa queries in progress: 0
    query logging is OFF
    recursive clients: 0/0/1000
    tcp clients: 1/100
    server is up and running
    named (pid 7805) is running...
    What/why went wrong please? It seems that after CSFirewall was enabled again, the timeout no longer appears, but newly created cPanels' DNS fails to work. I run the command "host newcpaneldomain.tld" and the result is "Host newcpaneldomain.tld not found: 2(SERVFAIL)", but after I manually reload the DNS zone, I see it start working/resolving, and WHM says this upon reloading: "Bind reloading on hostname using rndc: WARNING: key file (/etc/rndc.key) exists, but using default configuration file (/etc/rndc.conf) server reload successful"
    0
  • storminternet
    It looks like the CSF firewall was blocking the connection on port 53. After restarting it, that has been sorted out.
    0
  • cPanelMichael
    but newly created cPanels' DNS fails to work. I run the command "host newcpaneldomain.tld" and the result is "Host newcpaneldomain.tld not found: 2(SERVFAIL)", but after I manually reload the DNS zone, I see it start working/resolving, and WHM says this upon reloading: "Bind reloading on hostname using rndc: WARNING: key file (/etc/rndc.key) exists, but using default configuration file (/etc/rndc.conf) server reload successful"

    Does DNS fail externally as well, or is it just the local server that returns the "not found" error when using the "host" command? Thank you.
    0
  • postcd
    I can't confirm if DNS fails externally; I already reloaded that DNS zone manually. I followed the cPanel support suggestion (add 127.0.0.0/8 to /etc/csf/csf.allow and also to /etc/csf/csf.ignore) and restarted CSF (firewall). But I still see a timeout when I telnet to localhost on port 953 or 80 (example: telnet 127.0.0.1 953). service named status and rndc reload are timing out too.
    0
  • cPanelMichael
    it seems solved, appears like CSF (firewall) misconfiguration so far.

    I am happy to see the issue is now addressed. Thank you for updating us with the outcome.
    0
  • postcd
    Yes, it seemed like that, but reality is different; I updated my post as it is not solved.
    0
  • cPanelMichael
    I followed the cPanel support suggestion (add 127.0.0.0/8 to /etc/csf/csf.allow and also to /etc/csf/csf.ignore) and restarted CSF (firewall). But I still see a timeout when I telnet to localhost on port 953 or 80 (example: telnet 127.0.0.1 953). service named status and rndc reload are timing out too.

    To update, it looks like the issue was isolated to your firewall rules, per the support ticket. I suggest updating your custom firewall rules, or going through each custom rule one by one to narrow down the culprit. Thank you.
    0
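
The last reply's advice to go through the custom firewall rules one by one can be done mechanically. This is an added example, not code from the thread, cPanel or CSF: it walks `iptables -S` output in order for the packet that `telnet 127.0.0.1 953` sends and returns the first rule that decides it. The rule set is constructed, and only the `-i`, `-s`, `-d`, `-p` and `--dport` matches are modelled; rules that use anything else are collected for manual review.

```python
import ipaddress
import shlex

# Constructed `iptables -S` sample (not from the thread) and the packet `telnet 127.0.0.1 953` sends.
SAMPLE = """-A INPUT ! -i lo -j LOCALINPUT
-A INPUT -s 127.0.0.0/8 -p tcp -m tcp --dport 953 -j DROP
-A INPUT -i lo -j ACCEPT
-A LOCALINPUT -s 203.0.113.7/32 -j DROP"""
PACKET = {"-i": "lo", "-s": "127.0.0.1", "-d": "127.0.0.1", "-p": "tcp", "--dport": "953"}

def field_matches(opt, want, pkt):
    if opt in ("-s", "-d"):
        return ipaddress.ip_address(pkt[opt]) in ipaddress.ip_network(want, strict=False)
    if opt == "--dport":  # single port or lo:hi range
        lo, sep, hi = want.partition(":")
        return int(lo or 0) <= int(pkt[opt]) <= int(hi or (65535 if sep else lo))
    return pkt[opt] == want

def rule_matches(tokens, pkt):
    negate, unknown, it = False, False, iter(tokens)
    for tok in it:
        if tok == "!":
            negate = True
        elif tok in pkt:
            if field_matches(tok, next(it), pkt) == negate:
                return False
            negate = False
        elif tok == "-m":
            next(it)  # module name; its options are read as ordinary tokens
        else:
            unknown, negate = True, False  # e.g. --ctstate NEW
    return None if unknown else True  # None: uses options not modelled here

def first_verdict(rules, pkt, review, chain="INPUT"):
    """Return (verdict, deciding rule); undecidable rules are appended to `review`."""
    for line in rules.splitlines():
        t = shlex.split(line)
        hit = t[:2] == ["-A", chain] and "-j" in t and rule_matches(t[2:t.index("-j")], pkt)
        if hit is None:
            review.append(line)
        if not hit:
            continue
        target = t[t.index("-j") + 1]
        if target in ("ACCEPT", "DROP", "REJECT", "RETURN"):
            return target, line
        verdict = first_verdict(rules, pkt, review, target)  # jump into a user-defined chain
        if verdict[0] not in (None, "RETURN"):
            return verdict
    return None, None  # nothing decided the packet: the chain policy applies
```

With the sample above, `first_verdict(SAMPLE, PACKET, [])` reports the loopback DROP rule that sits ahead of `-A INPUT -i lo -j ACCEPT`. To check a live server, pass the text printed by `iptables -S` instead of `SAMPLE`.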
