strange rndc behavior
Kevin Darcy
kcd at daimlerchrysler.com
Thu Apr 22 23:03:13 UTC 2004
hbyl at 2911.net wrote:
>Hi, friends.
>
>Bind 9.2.2
>
>Running 'rndc status' timed out.
>The configuration file is OK; the weird thing is the netstat -an output:
>
>bash-2.03# netstat -an|grep 953
>127.0.0.1.953 *.* 0 0 24576 0 LISTEN
>10.2.172.36.37433 127.0.0.1.953 0 0 24820 0 SYN_SENT
>
>Look out, the connection comes from 10.2.172.36, the IP address of my
>hme0 interface, not 127.0.0.1! When I look at a working server,
>the rndc socket comes from 127.0.0.1.
>
>So, I think this is the culprit; if you remember, the default
>configuration of named.conf only accepts connections from
>127.0.0.1.
>
>But I have no idea why rndc connects to named through the IP address of the
>interface rather than 127.0.0.1. Does anybody have hints/suggestions/advice?
>
In a casual glance at the "rndc" and associated library code, it looks
like rndc is just issuing a socket() call, followed by a connect() using
that socket. There is no bind() call in between, so rndc appears to be
making no effort to set the source address. In my man page for connect()
(this is on Solaris), it says: "if [the socket referred to in the
function invocation] is not bound, then it will be bound to an address
selected by the underlying transport provider". So, basically what
this boils down to is -- assuming that your platform is similar to
Solaris in this respect -- that the networking stack on your box is
responsible for picking the source address in this type of situation. If
it's picking a "wrong" address then it might be because your box is
configured strangely or because of some sort of OS- or driver-level bug.
- Kevin
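
Added example, not part of the original post and not rndc's code: a C program that contrasts the socket()/connect() sequence described in the reply above with a connection that calls bind() first, using getsockname() to read back the source address in each case. The helper names `loopback_listener` and `connect_and_report` are hypothetical, and a listener on an ephemeral loopback port stands in for named's control channel on 127.0.0.1:953.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical helper: loopback-only TCP listener on an ephemeral port,
 * standing in for named's control channel on 127.0.0.1:953. */
static int loopback_listener(struct sockaddr_in *addr) {
    socklen_t len = sizeof(*addr);
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    memset(addr, 0, sizeof(*addr));
    addr->sin_family = AF_INET;
    addr->sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (bind(fd, (struct sockaddr *)addr, len) < 0 || listen(fd, 4) < 0 ||
        getsockname(fd, (struct sockaddr *)addr, &len) < 0) { close(fd); return -1; }
    return fd;
}

/* Hypothetical helper: connect to dst, report the local (source) address.
 * pin == NULL: no bind(), the kernel picks it; otherwise bind() to pin first. */
static int connect_and_report(const struct sockaddr_in *dst, const char *pin,
                              struct in_addr *src) {
    struct sockaddr_in local = { .sin_family = AF_INET };  /* port 0: any port */
    socklen_t len = sizeof(local);
    int rc = -1, fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    if (pin && (inet_pton(AF_INET, pin, &local.sin_addr) != 1 ||
                bind(fd, (struct sockaddr *)&local, sizeof(local)) < 0)) goto out;
    if (connect(fd, (const struct sockaddr *)dst, sizeof(*dst)) < 0) goto out;
    if (getsockname(fd, (struct sockaddr *)&local, &len) == 0) { *src = local.sin_addr; rc = 0; }
out:
    close(fd);
    return rc;
}

int main(void) {
    struct sockaddr_in dst;
    struct in_addr unbound, pinned;
    int lfd = loopback_listener(&dst);
    if (lfd < 0 || connect_and_report(&dst, NULL, &unbound) < 0 ||
        connect_and_report(&dst, "127.0.0.1", &pinned) < 0) return 1;
    printf("no bind():       source %s\n", inet_ntoa(unbound));
    printf("bind(127.0.0.1): source %s\n", inet_ntoa(pinned));
    close(lfd);
    return 0;
}
```

Run on the affected host, the first output line shows which source address the networking stack selects for a loopback destination when the client does not bind.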