howto enable udp for bind8

Kevin Darcy kcd at daimlerchrysler.com
Tue Nov 21 03:24:19 UTC 2000


Nico Lembrechts wrote:

> Hi,
> I am setting up a name server on my OpenBSD 2.7 box. For my internal
> network it already works fine. Now I set up a slave server somewhere else
> and tried to do a zone transfer. With this the problems started. After a
> lot of digging I found out that when I do an nslookup on the slave
> server, set the server to my master and try to look up a domain, this is
> done over UDP. A netstat on my master server tells me that port 53 only
> listens for TCP connections. I have read through all the documentation
> but can't find how to set up the server to listen for UDP connections
> also.

Well, UDP is a connectionless protocol, so technically there is no such
thing as listen()'ing on a UDP port. Instead, the nameserver bind()'s a
datagram socket to port 53 and then select()'s on that socket to see if
anything has arrived. When you do a netstat -an | grep \.53 you should see
something like:

127.0.0.1.53                                Idle
129.9.209.47.53                             Idle
127.0.0.1.53               *.*                0      0     0      0 LISTEN
129.9.209.47.53            *.*                0      0     0      0 LISTEN

The "Idle" entries are UDP sockets which don't happen to be transferring
any data currently. named is in a sense "listen"ing on UDP port 53, but
it's technically not a listen() and therefore netstat doesn't show a
"LISTEN" state for the sockets.

> I suppose that the zone transfers are also done over UDP?

No, actually they are done over TCP. I think you're barking up the wrong
tree. Your zone transfer problems are probably caused by something
unrelated to the UDP protocol. Look at your logs. Oftentimes a syntax error
in the master file will cause it to answer non-authoritatively for the
zone, which in turn inhibits zone transfers.


- Kevin
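
The bind()/select() versus listen() distinction from the reply above, as an added example that is not part of the original post and is not BIND's code. Assumptions: the helper names are made up for illustration, and loopback with an ephemeral port (port 0) stands in for the name server's port 53 so it runs without root.

```c
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <unistd.h>

/* socket() + bind() to 127.0.0.1 on an ephemeral port (assumption: port 0 stands in for 53). */
static int bound_socket(int type, struct sockaddr_in *a) {
    socklen_t len = sizeof(*a);
    int fd = socket(AF_INET, type, 0);
    if (fd < 0) return -1;
    *a = (struct sockaddr_in){.sin_family = AF_INET,
                              .sin_addr.s_addr = htonl(INADDR_LOOPBACK)};
    if (bind(fd, (struct sockaddr *)a, len) < 0 ||
        getsockname(fd, (struct sockaddr *)a, &len) < 0) { close(fd); return -1; }
    return fd;
}
/* 1 if listen() succeeds on a bound socket of this type, 0 if refused, -1 on setup error. */
int listen_accepted(int type) {
    struct sockaddr_in a;
    int fd = bound_socket(type, &a);
    if (fd < 0) return -1;
    int ok = (listen(fd, 5) == 0);   /* only stream sockets have a LISTEN state */
    close(fd);
    return ok;
}
/* Receive one datagram using only bind() + select(), never listen(); bytes read or -1. */
int udp_select_receive(const char *msg) {
    struct sockaddr_in a;
    char buf[512];
    fd_set rd;
    struct timeval tv = {2, 0};      /* do not block forever if nothing arrives */
    int n = -1, srv = bound_socket(SOCK_DGRAM, &a), cli = socket(AF_INET, SOCK_DGRAM, 0);
    if (srv >= 0 && cli >= 0 &&
        sendto(cli, msg, strlen(msg), 0, (struct sockaddr *)&a, sizeof(a)) >= 0) {
        FD_ZERO(&rd); FD_SET(srv, &rd);
        if (select(srv + 1, &rd, NULL, NULL, &tv) == 1)   /* socket became readable */
            n = (int)recv(srv, buf, sizeof(buf), 0);
    }
    if (cli >= 0) close(cli);
    if (srv >= 0) close(srv);
    return n;
}
int main(void) {
    printf("UDP listen()=%d TCP listen()=%d bytes via select()=%d\n", listen_accepted(SOCK_DGRAM),
           listen_accepted(SOCK_STREAM), udp_select_receive("query"));
    return 0;
}
```

The UDP socket receives the datagram even though listen() is refused on it, which is why netstat shows it as "Idle" rather than "LISTEN".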




