remove bind from loopback interface

Kevin Darcy kcd at daimlerchrysler.com
Mon Feb 7 20:17:48 UTC 2000


Duane Cox wrote:

> Is it a wise idea to NOT use the loopback interface ip 127.0.0.1 in /etc/resolv.conf and to also bind bind to the ip address of eth0 (and any other interfaces if you wish) to remove it from listening to the loopback.. or is this best left alone?
>
> Duane Cox

Despite the cautions of _DNS_and_BIND_, I've never had any problems using 127.0.0.1 in /etc/resolv.conf, and it is nice and portable to configure things that way.

As for *disabling* named's listening on 127.0.0.1, the only way I know of to accomplish that is to specify a listen-on statement, since named will by default listen on all interfaces. Possibly you could use the negation syntax to have it listen on all interfaces *except* 127.0.0.1 (remember that interfaces can be dynamically created and destroyed, so it might not be desirable in some cases to exclude loopback by giving a fixed set of addresses in listen-on). I've never used a negation syntax for loopback in listen-on, however -- other than testing, the only times I've used listen-on is on firewalls which don't have any dynamic interface configuration going on.

- Kevin

P.S. Was "BING List" intentional? It's hilarious...
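
Added example, not part of the original post and not BIND's own code: a small Python model of how an address match list in listen-on is evaluated (elements tried in order, first match decides, a leading "!" rejects), comparing the fixed-address form with the negation form discussed above. The interface addresses and the helper names `listens_on` and `sockets` are constructed for illustration; the model handles only `any`, `none`, and dotted addresses or prefixes.

```python
import ipaddress

def listens_on(match_list, addr):
    """Evaluate a BIND-style address match list against one interface address.

    Elements are tried in order. The first element that matches decides the
    outcome, and a leading '!' turns that match into a rejection. If nothing
    matches, named does not listen on the address.
    """
    ip = ipaddress.ip_address(addr)
    for element in match_list:
        negated = element.startswith("!")
        spec = element.lstrip("!").strip()
        if spec == "any":
            hit = True
        elif spec == "none":
            hit = False
        else:
            hit = ip in ipaddress.ip_network(spec, strict=False)
        if hit:
            return not negated
    return False

def sockets(match_list, interfaces):
    """Return the interface addresses that would get a listening socket."""
    return [a for a in interfaces if listens_on(match_list, a)]

# Constructed interface sets: at boot, and after a dynamic interface comes up.
AT_BOOT = ["127.0.0.1", "192.0.2.10"]
AFTER_DYNAMIC_UP = AT_BOOT + ["198.51.100.7"]

FIXED = ["192.0.2.10"]               # listen-on { 192.0.2.10; };
NEGATED = ["!127.0.0.1", "any"]      # listen-on { !127.0.0.1; any; };
WRONG_ORDER = ["any", "!127.0.0.1"]  # listen-on { any; !127.0.0.1; };

if __name__ == "__main__":
    for name, acl in (("fixed", FIXED), ("negated", NEGATED),
                      ("wrong order", WRONG_ORDER)):
        print(f"{name:12} boot={sockets(acl, AT_BOOT)} "
              f"later={sockets(acl, AFTER_DYNAMIC_UP)}")
```

The fixed list misses the interface that appears later, the negated list picks it up while still skipping loopback, and putting `any` first makes the negation dead because `any` matches 127.0.0.1 before the `!` element is reached. With loopback excluded, a `nameserver 127.0.0.1` line in /etc/resolv.conf no longer reaches named.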