September 09 2009
wtf / fun with bind
With "listen-on-v6 { any; };" my bind9 instance binds correctly to all IPv6 addresses. But as this is bad style - one does not bind services to all IPs, especially not a DNS server - and as it would even cause problems - I have a dnscache on ::1, bind9 is only authoritative - I want it to bind on a specific address. A "listen-on-v6 { 2001:123:1234::1/128; };" should do that. Hrm, after a restart of bind it does not listen on IPv6 at all.
I start up named with "named -g -d 5 -c /etc/bind/named.conf -u bind" for debugging. Here, bind9 binds nicely on the v6 address. So what is that initscript in Debian doing differently? Hrm, obviously it uses "-t /var/lib/bind" to chroot the named, which is probably a good idea as bind is relatively complex. But that can't have anything to do with IPv6, can it? Firing up "named -g -d 5 -c /etc/bind/named.conf -u bind -t /var/lib/bind" I was negatively stunned: It does have something to do with IPv6. There is no error message or something, it just does not bind on IPv6. For what reason, I can only guess.
Isn't that bind how we know and love it?
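Added example, not part of the original post: because named reports no error when the chrooted instance fails to bind, a post-restart check on the listener table is the way to catch it. The function name `check_v6_listener`, its return codes and the sample `ss` lines are constructed for illustration; it assumes `ss` prints the address in the same compressed form as the config.

```shell
#!/bin/sh
# check_v6_listener ADDR [PORT]
# Reads `ss -H -ltun` style lines on stdin and returns:
#   0  a listener exists on [ADDR]:PORT and no wildcard listener on PORT
#   1  nothing listens on [ADDR]:PORT (the silent failure from the post)
#   2  a wildcard listener ([::]:PORT or *:PORT) exists, i.e. "any"
check_v6_listener() {
    addr=$1
    port=${2:-53}
    awk -v want="[$addr]:$port" -v any6="[::]:$port" -v any="*:$port" '
        {
            # Scan every field so the optional Netid column does not matter;
            # peer columns read [::]:* or *:* and never match a port.
            for (i = 1; i <= NF; i++) {
                if ($i == want) found = 1
                if ($i == any6 || $i == any) wild = 1
            }
        }
        END {
            if (wild) exit 2
            if (!found) exit 1
            exit 0
        }
    '
}

# Constructed sample: named bound to the specific address, dnscache on ::1.
SAMPLE_OK='udp UNCONN 0 0 [2001:123:1234::1]:53 [::]:*
tcp LISTEN 0 10 [2001:123:1234::1]:53 [::]:*
udp UNCONN 0 0 [::1]:53 [::]:*'

# Constructed sample: after the chrooted start, only IPv4 and dnscache remain.
SAMPLE_SILENT='udp UNCONN 0 0 192.0.2.10:53 0.0.0.0:*
tcp LISTEN 0 10 192.0.2.10:53 0.0.0.0:*
udp UNCONN 0 0 [::1]:53 [::]:*'

# Constructed sample: listen-on-v6 { any; } shows up as a wildcard socket.
SAMPLE_ANY='udp UNCONN 0 0 [::]:53 [::]:*
tcp LISTEN 0 10 [::]:53 [::]:*'

# Live use after restarting named:
#   ss -H -ltun | check_v6_listener 2001:123:1234::1 || echo "listener check failed"
```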
