IPv4 control socket binding failure with BIND 9.9.4-P1 on RHEL6

Jay Ford jay-ford at uiowa.edu
Thu Dec 5 16:49:19 UTC 2013


I'm testing BIND 9.9.4-P1 on a RHEL6 system & am getting this log message:

    /etc/named.conf:56: couldn't add command channel 127.0.0.1#953: address in use

That's with an rndc.key file in place & no "controls" config, which implies
TCP 953 on 127.0.0.1 & ::1.

Control via IPv6 (::1 port 953) works fine, but IPv4 doesn't:
    % netstat -an -A inet | fgrep :953
    % netstat -an -A inet6 | fgrep :953
    tcp        0      0 ::1:953        :::*         LISTEN

Even if I try to configure the controls to listen on a different port for
IPv6, such as:
    controls {
     	 inet ::1 port 954 allow { localhost; };
     	 inet 127.0.0.1 allow { localhost; };
    };
the IPv4 bind still fails, while the IPv6 bind works.

Interestingly, the bindings for the query ports (TCP & UDP 53 IPv4 & IPv6)
work fine, with just this under "options":
    listen-on-v6 { "any"; };

This is all using BIND built from ISC source (not a RedHat package).  Here's 
the "named -V" output:

    BIND 9.9.4-RedHat-9.9.4-P1_UIOWA.el6 (Extended Support Version)
    <id:8f9657aa> built with '--host=x86_64-redhat-linux-gnu'
    '--build=x86_64-redhat-linux-gnu' '--program-prefix=' '--prefix=/usr'
    '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin'
    '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include'
    '--libdir=/usr/lib64' '--libexecdir=/usr/libexec'
    '--sharedstatedir=/var/lib' '--mandir=/usr/share/man'
    '--infodir=/usr/share/info' '--with-libtool' '--localstatedir=/var'
    '--enable-threads' '--enable-ipv6' '--with-pic' '--disable-static'
    '--disable-openssl-version-check' '--enable-rrl' '--with-gssapi=yes'
    '--disable-isc-spnego'
    '--with-docbook-xsl=/usr/share/sgml/docbook/xsl-stylesheets'
    '--enable-fixed-rrset' 'build_alias=x86_64-redhat-linux-gnu'
    'host_alias=x86_64-redhat-linux-gnu' 'CFLAGS= -O2 -g' 'CPPFLAGS=
    -DDIG_SIGCHASE'
    using OpenSSL version: OpenSSL 1.0.1e 11 Feb 2013
    using libxml2 version: 2.7.6

RHEL6 has kernel variable net.ipv6.bindv6only set to 0, which might or might
not be related.  BIND 9.8.5-P2 works correctly on a RHEL5 system which also
has it set to 0.  There are some comments in some of the 9.9 release notes
about bindv6only, but I couldn't find anything specific to this situation.

Is this a configuration problem or something more in the bug category?

________________________________________________________________________
Jay Ford, Network Engineering Group, Information Technology Services
University of Iowa, Iowa City, IA 52242
email: jay-ford at uiowa.edu, phone: 319-335-5555


More information about the bind-users mailing list