[SOLVED] Re: bind listening on UDP port 53 using 2 fd

Matus UHLAR - fantomas uhlar at fantomas.sk
Tue Jan 26 13:32:44 UTC 2021


On 26.01.21 12:04, Bernardo wrote:
>Again, the problem here is that perfectly valid configuration lines in
>/etc/named.conf would cause serious trouble.

Again, the "port 53" is what causes the problem.

The rest is okay.
Using those options without "port 53" is okay too.


>On Mon, 25 Jan 2021 at 14:33, Matus UHLAR - fantomas (<uhlar at fantomas.sk>)
>wrote:
>
>> On 25.01.21 14:05, Bernardo wrote:
>> >Yes. This causes serious problems.
>> >
>> >The problem is that these perfectly valid configuration lines in
>> >/etc/named.conf file (provided that 192.168.10.100 is the IPv4 address of
>> >your DNS server, it doesn't matter if it is a primary or secondary) will
>> >cause you a lot of trouble.
>> >
>> >query-source address 192.168.10.100;
>> >notify-source 192.168.10.100 port 53;
>> >transfer-source 192.168.10.100 port 53;
>> >
>> >These configuration lines will cause you problems as described in my post
>> >( BIND ignores "packets received correctly" ) from January 2020.
>> >
>> >It seems that this is a known issue since BIND 9.16.1 version: UDP network
>> >ports used for listening can no longer simultaneously be used for sending
>> >traffic.
>>
>> which means, that the "port 53" is what causes problems and the rest can
>> stay there.
>>
>> If you only have interface address "192.168.10.100" (except loopback, of
>> course), or if that is the primary address of your interface, those
>> definitions are useless, otherwise you should keep them there.
>>
>> >On Mon, 25 Jan 2021 at 11:13, Matus UHLAR - fantomas (<uhlar at fantomas.sk>)
>> >wrote:
>> >
>> >> On 23.01.21 12:44, Bernardo wrote:
>> >> >Finally I've found the solution.
>> >> >The problem seems to be caused by a known issue since BIND version 9.16.1
>> >> >
>> >> >Commenting out these lines in /etc/named.conf solves the issue:
>> >> >
>> >> >query-source address 192.168.10.100;
>> >> >notify-source 192.168.10.100 port 53;
>> >> >transfer-source 192.168.10.100 port 53;
>> >>
>> >> this should not cause a problem and may cause troubles when 192.168.10.100
>> >> is not the primary address.
>> >>
>> >> the "port 53" is usually useless (unless you have stateless firewall) and
>> >> may be what caused your problem.


-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Warning: I do NOT wish to receive any advertising mail at this address.
"They say when you play that M$ CD backward you can hear satanic messages."
"That's nothing. If you play it forward it will install Windows."
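
Added example, not part of the original message or of BIND itself: a small check that scans named.conf text for `*-source` statements whose fixed source port is also a port named listens on, which is the combination the thread identifies as the cause. The function names and the sample configuration are constructed for illustration; listening ports are assumed to be 53 plus any `listen-on port N`.

```python
import re

# Outgoing-source statements, e.g. "notify-source 192.168.10.100 port 53;"
SOURCE_STMT = re.compile(
    r'\b((?:query|notify|transfer)-source(?:-v6)?)\s+(?:address\s+)?'
    r'(?:(?!port\b)(\S+?)\s*)?(?:\bport\s+(\d+|\*))?\s*;')
LISTEN_PORT = re.compile(r'\blisten-on(?:-v6)?\s+port\s+(\d+)')
COMMENT = re.compile(r'/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)

def listening_ports(conf):
    """Assumed listening ports: 53 by default, plus any 'listen-on port N'."""
    return {53} | {int(p) for p in LISTEN_PORT.findall(conf)}

def find_port_conflicts(conf):
    """Return (line_no, statement, address, port) for every *-source
    statement that pins its source port to a listening port."""
    # Blank out comments but keep newlines so line numbers stay correct.
    conf = COMMENT.sub(lambda m: re.sub(r'[^\n]', ' ', m.group()), conf)
    ports = listening_ports(conf)
    hits = []
    for m in SOURCE_STMT.finditer(conf):
        stmt, addr, port = m.groups()
        if port and port != '*' and int(port) in ports:
            line_no = conf.count('\n', 0, m.start()) + 1
            hits.append((line_no, stmt, addr, int(port)))
    return hits

# Constructed sample based on the three lines quoted in the thread.
SAMPLE = '''\
options {
    listen-on port 53 { 192.168.10.100; };
    query-source address 192.168.10.100;
    notify-source 192.168.10.100 port 53;
    transfer-source 192.168.10.100 port 53;
    // notify-source-v6 * port 53;
};
'''

if __name__ == "__main__":
    for line_no, stmt, addr, port in find_port_conflicts(SAMPLE):
        print(f"line {line_no}: {stmt} {addr} uses listening port {port}; "
              f"drop the 'port {port}' clause")
```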

