[dns-operations] Bind v6 TCP listen?

Jared Mauch jared at puck.nether.net
Thu Nov 27 01:49:00 UTC 2014


> On Nov 26, 2014, at 8:25 PM, Mark Andrews <marka at isc.org> wrote:
> 
> There are some OS where named can't enumerate the IPv6 interfaces
> usually due to stupid OS hacks which means the listen-on-v6 ACL
> above has nothing to match against.  What was wrong with providing
> this information via the socket interface?  Why put it in the
> filesystem which then has to be duplicated when you are running
> chroot’d?

My use case is not chroot()’ed and it sounds like others have hit this as well.

I’ve solved my immediate issue.  Happy to troubleshoot more with another host elsewhere that doesn’t have 8.5k zones seeing queries so it’s easier to tell what occurred.  (aside: really wish bind would launch faster when loading these zones, or background the loading of the zones and answer those it can).

> That said this isn't the issue here as the process was bound on the
> IPv6 UDP port.  I suspect an accept() failure caused named to close
> the socket or something else was listening on the TCP port when
> named was started or ...

This is possible, I will dig through logs looking for any relevant messages. Once I changed to any; things immediately resolved with a rndc reload.

- Jared


