My Introduction and current issues -

Nick Tait nick at tait.net.nz
Sun May 11 05:50:14 UTC 2025 

Sorry let me try again. I missed your other questions...

On 11/05/2025 17:17, Fred Morris wrote:
> BIND insists on addresses bound to interfaces (at least, that's my 
> contention, based on experience yesterday, which may or may not 
> reflect some reality which has been manufactured today).
>
> resolved uses a loopback address which is not bound to an interface 
> (at least that's my experience, which may or may not reflect some 
> reality which has been manufactured today).
>
> Nick, I'll ask before the fold: how do I explicitly bind 127.0.0.53 to 
> the lo interface before systemd starts?

Not sure why you're asking. Systemd does this without you having to 
explicitly do anything.

>
> You know what? I'd like some features too. But I don't go around 
> binding to addresses which are not bound to interfaces. Never. I just 
> don't do that. Venturing close to the "political" line: I don't see 
> anything in BIND which even hints at a whiff of dbus.
>
>> ...
>
> From where I sit it looks like it sits on an unbound address to shim 
> into established, conformant, admittedly baroque and crenellated 
> mechanisms for managing name resolution... I actually laughed when you 
> mentioned NSS (thanks)... while staying as catastrophically 
> inscrutable as wiring the red wire to ground; and that this works to 
> its advantage, making it difficult to remove by people who would 
> never, ever imagine that core software would abrogate established 
> contractual mechanisms without copious documentation... and that the 
> best we would do would be apologaeia from the likes of Fred Morris or 
> Nick Tait!
>
>> ...
>
> libc. Granted, your mileage may vary with your implementation, tire 
> inflation, RAM color and CPU orientation... but charm never matters.
>
> Rhetorically, how much does it take to get your stack explicitly 
> unloved? I don't know exactly, we don't have a lot of data points. 
> https://security.opensuse.org/2025/05/07/deepin-desktop-removal.html
>
> As far as I know, BIND has never chosen "DNS eins" as a molehill to 
> die on.

Like I said, I wasn't trying to start a holy war, and I wasn't saying 
that systemd-resolved is good or bad. I just wanted to correct a few 
misconceptions, so that people are provided with accurate information 
and can make their own informed choices. :-)

Nick.

More information about the bind-users mailing list