[dnsdist] send command from command line

Alejandro Adroher Mellado alejandro.adroher at omniaccess.com
Thu Mar 17 11:03:00 UTC 2016


The only thin g see in the log is 

When I execute the command.

Mar 17 10:56:34 rec-01 dnsdist[27434]: Got control connection from 127.0.0.1:33588
Mar 17 10:56:34 rec-01 dnsdist[10290]: Fatal error: EOF while reading message
Mar 17 10:56:34 rec-01 dnsdist[27434]: Closed control connection from 127.0.0.1:33588
And 

Mar 17 10:56:34 rec-01 dnsdist[10290]: Read configuration from '/etc/dnsdist/dnsdist.conf'

Nothing regarding exceptions or similar.

-----Original Message-----
From: Remi Gacogne [mailto:remi.gacogne+dnsdist at powerdns.com] 
Sent: jueves, 17 de marzo de 2016 10:23
To: Alejandro Adroher Mellado <alejandro.adroher at omniaccess.com>; dnsdist at mailman.powerdns.com
Subject: Re: [dnsdist] send command from command line

On 03/17/2016 10:09 AM, Alejandro Adroher Mellado wrote:
> Also if I'm executing the command on the server I need so set that 
> key? I thought that the use of setKey and makeKey was not really 
> important if I had no plan to set secured communication with dnsdist.
> Maybe I'm wrong.

No, you are right, if the console is only accessible from the local host (and this host is not shared), you don't need to worry too much about using a secret key. Of course, you still have to make sure you have the same configuration on the client and on the server.

> Question: There is possible to access dnsdist from another computer?
> I execute the client connection always from the server computer.

Yes, you can use controlSocket() to bind the console socket to a remotely accessible address, but please make sure that you have dnsdist compiled with libsodium support enabled and that you use a secure secret key before doing that.

> I have just installed libsodium-1.0.8 and restarted dnsdist, but I'm 
> still getting the same result.
>> makeKey()
> setKey("plaintext")

Ok, your dnsdist version is compiled without libsodium support, so your issue is not a key mismatch because console encryption is not supported at all. Don't you have anything in your logs?


--
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/



More information about the dnsdist mailing list