Bind to INADDR_ANY

Doug Barton dougb at dougbarton.us
Wed Jan 11 01:53:57 UTC 2012


On 01/10/2012 17:34, Mark K. Pettit wrote:
> There are some caveats to trying to use "interface-interval" to pick up new IPs.  If your BIND drops privileges (e.g., by using the "-u" command-line option to named), you might have a problem getting BIND to bind() to the new IP addresses.
> 
> For example, on FreeBSD if you use "-u" to drop privileges, BIND will not be able to bind() to new addresses without modifying the kernel to allow non-root users to bind() to port 53.
> 
> On modern versions of Linux, BIND can bind() to new IP addresses even with the "-u" option because the kernel has a mechanism to allow it.
> 
> In my environment (FreeBSD) we've worked around this problem (just recently, in fact), and I can provide more details if there's any interest.

well I'm definitely interested. :)


-- 

	You can observe a lot just by watching.	-- Yogi Berra

	Breadth of IT experience, and depth of knowledge in the DNS.
	Yours for the right price.  :)  http://SupersetSolutions.com/




More information about the bind-users mailing list