Error could not bind to port 43. Is another irrd running?

Nick Hilliard nick at
Sat Aug 16 17:11:20 UTC 2014

On 15/08/2014 22:26, Randy Bush wrote:
> neither am i.  but i do not know the correct one.  clue bat please.

last posting 2010.

>> I just fired up a test irrd instance on an fbsd10 dev box of mine and
>> it seemed to work fine running as nonroot.
> whoppens if you
>     # grep irrd /etc/rc.conf
>     # for irrd
>     irrd_enable=YES
>     irrd_user=irrd
>     irrd_group=staff

maybe i see what's going on here.

${daemon}_user and ${daemon}_group are defined in /etc/rc.subr to use su to
change the UID.  If you use your config with irrd, then it will execute
something like:

su -m irrd -c 'sh -c "/usr/local/sbin/irrd"'

This will fail because irrd needs to run as root and then drop privs.

What you probably want to do is have the following in /etc/rc.conf:

irrd_flags="-l irrd -g staff"

This will run irrd as root, but will cause it to drop privs to irrd:staff
after bind().


More information about the irrtoolset mailing list