9.4.2-P2 and listen-on directive

Andrey G. Sergeev (AKA Andris) andris at aernet.ru
Mon Aug 11 11:13:40 UTC 2008


Hello,


Mon, 11 Aug 2008 15:03:28 +0400 Anatoly Pugachev wrote:

> ok, found error in my named.conf file:
> 
> if i use 
> 
>   listen-on { 192.168.1.1; 127.0.0.1; };
> 
> everything works as expected, and if only i use:
> 
>   listen-on { 192.168.1.1; localhost; };
> 
> named will start listening all available interfaces. Is this expected
> behaviour?

Yes. The "localhost" ACL is built-in and represents "the IPv4 and IPv6 
addresses of all network interfaces on the system".

May be it's time to suggest BIND developers to provide an additional 
built-in ACL "loopback":

acl loopback {
	127.0.0.1;
};


-- 

Yours sincerely,

Andrey G. Sergeev (AKA Andris)     http://www.andris.name/


More information about the bind-users mailing list