Mac

If your bind restart fails with the following symptoms:

dax:/etc/bind# /etc/init.d/bind9 restart
Stopping domain name service…: bindrndc: connect failed: 127.0.0.1#953: connection refused
failed!
Starting domain name service…: bind failed!

Check in /var/log/daemon.log - I suspect you’ll have something along those lines:

Nov 12 13:08:22 dax named[25989]: loading configuration from ‘/etc/bind/named.conf’
Nov 12 13:08:22 dax named[25989]: listening on IPv4 interface lo, 127.0.0.1#53
Nov 12 13:08:22 dax named[25989]: listening on IPv4 interface eth0, 88.191.12.184#53
Nov 12 13:08:22 dax named[25989]: none:0: open: /etc/bind/rndc.key: permission denied
Nov 12 13:08:22 dax named[25989]: couldn’t add command channel 127.0.0.1#953: permission denied
Nov 12 13:08:22 dax named[25989]: none:0: open: /etc/bind/rndc.key: permission denied
Nov 12 13:08:22 dax named[25989]: couldn’t add command channel ::1#953: permission denied

That’s a known Debian bug (bug #500277), the fix is the folllowing:

rm -f /etc/bind/rndc.key
touch /etc/bind/rndc.key
chown bind.bind /etc/bind/rndc.key
chmod 640 /etc/bind/rndc.key
killall named
/etc/init.d/bind9 restart