using 127.0.0.1 in resolv.conf
continualuse2u at gmail.com
Mon Jul 23 22:17:19 UTC 2012
I also use loopback regularly if running a localhost resolver; in fact I
use a script that goes as far as changing resolv.conf if it detects an
interface address instead of loopback. [Our rules require listening on
loopback minimally here]
If you do use it, I recommend you make sure you don't have "options rotate"
set as that'll cause confusion as it's most likely not your intent if
you're running a nameserver locally.
On Mon, Jul 23, 2012 at 5:13 PM, John Miller <johnmill at brandeis.edu> wrote:
> Hey there folks,
> I was just going back through the good ol' cricket book, and ran into the
> "If you use multiple nameserver directives, don't use the loopback
> address! There's a bug in some Berkeley-derived TCP/IP implementations
> that can cause problems with BIND if the local nameserver is down. The
> resolver's connected datagram socket won't rebind to a new local address if
> the local nameserver isn't running, and consequently the resolver sends
> query packets to the fallback remote nameservers with a source address of
> 127.0.0.1. When the remote nameservers try to reply, they end up sending
> the reply packets to themselves."
> Given that this same text is in the fourth edition of Cricket & Paul's
> book as well, I'm assuming this was an old bug (pre-BIND 9) and has long
> since been fixed. Could someone point me to a bug report and/or changelog
> for this? A quick Google search for 'bind resolver source address bug'
> didn't yield much.
> John Miller
> Systems Engineer
> Brandeis University
> johnmill at brandeis.edu
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> bind-users mailing list
> bind-users at lists.isc.org
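A check along the lines the reply describes, as an added example that is not part of the original thread and is not the poster's script: it audits resolv.conf text for a host that is meant to query its own resolver first. The function names, finding codes and sample file are constructed for illustration.

```python
import ipaddress

# Constructed sample: local resolver first, one remote fallback, "rotate" set.
SAMPLE = """\
# constructed example file
nameserver 127.0.0.1
nameserver 192.0.2.53
options timeout:2 rotate
"""

def parse_resolv_conf(text):
    """Return (nameservers, options) in file order."""
    servers, options = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":   # blank line or comment
            continue
        fields = line.split()
        if fields[0] == "nameserver" and len(fields) > 1:
            servers.append(fields[1])
        elif fields[0] == "options":
            options.extend(fields[1:])
    return servers, options

def is_loopback(addr):
    """True for 127.0.0.0/8 and ::1; unparsable addresses count as not loopback."""
    try:
        return ipaddress.ip_address(addr.split("%", 1)[0]).is_loopback
    except ValueError:
        return False

def audit(text):
    """Return finding codes for a host meant to query its own resolver first."""
    servers, options = parse_resolv_conf(text)
    loop = [is_loopback(s) for s in servers]
    findings = []
    # With no nameserver lines the stub resolver defaults to the local machine.
    if servers and not any(loop):
        findings.append("no-loopback")           # only interface/remote addresses
    elif servers and not loop[0]:
        findings.append("loopback-not-first")    # local resolver is only a fallback
    if any(loop) and "rotate" in options:
        findings.append("rotate-with-loopback")  # queries spread over all servers
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE))
```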