[RESOLVED] Re: No response from localhost with "allow-query { any; };"

Axel Rau Axel.Rau at chaos1.de
Fri Sep 4 09:24:51 UTC 2020

> Am 01.09.2020 um 22:28 schrieb Axel Rau <Axel.Rau at chaos1.de>:
> tcp queries are being answered, but udp queries receive no response.
> This is independent of client location (local, remote).
> A ktrace shows 8 bytes are written on fd 89, the 8 bytes read on fd 88.
> The next read gets an errno 35 (see below).

Commenting these out, seems to resolve the issue:

	query-source address;
	notify-source port 53;
	transfer-source port 53;

	query-source-v6 address    2a05:bec0:26:5::71;
	notify-source-v6 2a05:bec0:26:5::71 port 53;
	transfer-source-v6 2a05:bec0:26:5::71 port 53;

Queries to localhost shows that the response does not come from localhost:

root at ns5:/var/log # dig localhost @localhost
;; reply from unexpected source:, expected

;; reply from unexpected source:, expected

;; reply from unexpected source:, expected

; <<>> DiG 9.16.6 <<>> localhost @localhost
;; global options: +cmd
;; connection timed out; no servers could be reached

No issue with remote queries.


What has query-source address to do with a query response?
Why does the issue not happen on another server (same config, same OS&bind version) ?

PGP-Key: CDE74120  ☀  computing @ chaos claudius

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20200904/0235a824/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20200904/0235a824/attachment.bin>

More information about the bind-users mailing list