Convice Bind to listen on IP alias with a range of IPs.

michoski michoski at
Tue May 1 22:08:12 UTC 2012

On 5/1/12 2:32 PM, "Augie Schwer" <augie.schwer at> wrote:
>> Contrary to what a lot of other people have suggested, it is in fact
>> possible using the socket API to bind() to IPs which aren't explicitly
>> created, due to special handling on the loopback interface. This can
>> certainly be done under Linux, for example., and I have just re-confirmed
>> that to myself.
> Thank you for confirming for others that this is a real feature.

The feature wasn't argued, I even showed it working with 127/8, but rather
what BIND will listen-on...

>> Unfortunately, it seems likely that named is using the normal socket APIs to
>> first enumerate the list of IPs on the box, and then filter those through
>> listen-on statements to get the final list of IPs to pass to a bind() socket
>> call - this would be a sensible way to implement the CIDR listen
>> functionality.
>> If so, then if the IP isn't *explicitly* on an interface, it won't appear in
>> the final output set, regardless of the fact a bind() call will succeed.
> OK, that makes sense, I have found that the following work-around does work:
> sudo ifconfig lo:1 netmask
> sudo ifconfig lo:2 netmask
> I get the full usable range on my loop-back interface, and Bind will
> happily now listen-on the address.

Exactly what was answered by multiple people...  you need an alias with the
IP you want BIND to listen-on!

Alas, the English language is such that some times the same thing needs said
several different ways to be fully understood.

Glad you got it working.

For men use, if they have an evil turn, to write it in marble:
and whoso doth us a good turn we write it in dust.
        -- Sir Thomas More

More information about the bind-users mailing list