ipv6 bind to single v6-address

Florian tslbai at agilolfinger.de
Mon Jun 11 06:40:21 UTC 2007


Hi Arul,

thanks for your answer.  I read the Administrator reference manual on
the isc site.
There is the listen-on-v6 option described as follows:
---
A list of particular IPv6 addresses can also be specified, in which case
the server listens on a separate socket for each specified address,
regardless of whether the desired API is supported by the system.
Multiple listen-on-v6 options can be used. For example,
listen-on-v6 { any; };
listen-on-v6 port 1234 { !2001:db8::/32; any; };
will enable the name server on port 53 for any IPv6 addresses (with a
single wildcard socket), and on port 1234 of IPv6 addresses that is not
in the prefix 2001:db8::/32 (with separate sockets for each matched
address.)

I'm a little confused /:-)

Regards, Florian
---------------------------------------------

Arul Murugan wrote:
> Hi Florian,
> Listen-on-v6 specifies the ports on which the server listens for incoming
> queries sent using IPv6. The server does not bind a separate socket to
> each IPv6 interface address as it does for IPv4. Instead, it always
> listens on the IPv6 wildcard address. Therefore, the values allowed
> for the address_match_list argument to the listen-on-v6 option are:
> • any
> • none
> Multiple listen-on-v6 options can be used to listen on
> multiple ports. For example:
> listen-on-v6 port 53 { any; };
> listen-on-v6 port 1234 { any; };
> To make the server not listen on any IPv6 address, specify
> the following:
> listen-on-v6 { none; };
> If the listen-on-v6 option is not specified, the server does not
> listen on any IPv6 address.
>  
>  
> Regards
> Arul
> India
>
>
>  
> On 6/9/07, Florian <tslbai at agilolfinger.de> wrote:
>
>     Hello list,
>
>     I'm running bind 9.3.4 on trustix 3.0.5. I'm using the precompiled
>     trustix-packages.
>     bind-libs-9.3.4-3tr
>     bind-9.3.4-3tr
>     bind-utils-9.3.4-3tr
>
>     I have more ip-v6-addresses on my interface and want to bind the
>     named on a certain address like:
>     /etc/named.conf
>     -------------------
>     listen-on-v6 {
>                    ::1;
>                    2001:470:1f00:484::2;
>            };
>     -------------------
>     #dig @2001:470:1f00:484::2 -6 -t aaaa www6.agilolfinger.de
>     dig is timing out
>
>     #netstat -an | grep -E "(:53|:953|:32)"
>     tcp  0  0 194.77.3.34:53    0.0.0.0:*       LISTEN
>     tcp  0  0 127.0.0.1:53      0.0.0.0:*       LISTEN
>     tcp  0  0 127.0.0.1:953     0.0.0.0:*       LISTEN
>     tcp  0  0 127.0.0.1:51762   127.0.0.1:953   TIME_WAIT
>     tcp  0  0 127.0.0.1:51763   127.0.0.1:953   TIME_WAIT
>     tcp  0  0 ::1:953           :::*            LISTEN
>     udp  0  0 0.0.0.0:32772     0.0.0.0:*
>     udp  0  0 0.0.0.0:32773     0.0.0.0:*
>     udp  0  0 0.0.0.0:32912     0.0.0.0:*
>     udp  0  0 194.77.3.34:53    0.0.0.0:*
>     udp  0  0 127.0.0.1:53      0.0.0.0:*
>     udp  0  0 :::32913          :::*
>
>     #tail /var/log/messages
>     starting BIND 9.3.4 -u named -c /etc/named.conf -t
>     /var/lib/named/chroot
>     loading configuration from '/etc/named.conf'
>     listening on IPv4 interface lo, 127.0.0.1#53
>     listening on IPv4 interface eth0, 194.77.3.34#53
>     command channel listening on 127.0.0.1#953
>     command channel listening on ::1#953
>     named startup succeeded
>
>
>
>     Bind is only starting and working with ipv6 if I do the following in
>     /etc/named.conf:
>     -------------------
>     listen-on-v6 {
>        any;
>     };
>     -------------------
>     #dig @2001:470:1f00:484::2 -6 -t aaaa www6.agilolfinger.de
>     is resolving; ok
>
>     #netstat -an | grep -E "(:53|:953|:32)"
>     tcp   0  0 194.77.3.34:53    0.0.0.0:*  LISTEN
>     tcp   0  0 127.0.0.1:53      0.0.0.0:*  LISTEN
>     tcp   0  0 127.0.0.1:953     0.0.0.0:*  LISTEN
>     tcp   0  0 :::53             :::*       LISTEN
>     tcp   0  0 ::1:953           :::*       LISTEN
>     udp   0  0 0.0.0.0:32772     0.0.0.0:*
>     udp   0  0 0.0.0.0:32773     0.0.0.0:*
>     udp   0  0 0.0.0.0:32938     0.0.0.0:*
>     udp   0  0 194.77.3.34:53    0.0.0.0:*
>     udp   0  0 127.0.0.1:53      0.0.0.0:*
>     udp   0  0 :::32939          :::*
>     udp   0  0 :::53             :::*
>
>
>     It seems that bind doesn't bind with port 53 to a single
>     ip-v6-address.
>     I can't find anything about it in the isc docs, the archives or
>     in google. Does anyone know a way to bind named:53 to a single
>     ipv6-address?
>     Is it my fault, a trustix-problem or a bind issue?
>
>     Thanks, Florian
>
>
>
>
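
An added example, not part of the original thread or of BIND: a Python check that classifies the IPv6 listeners on port 53 in `netstat -an` output as none, wildcard, or per-address, which is the difference between the two netstat listings in this thread. The function names are hypothetical; the first two samples are abridged from the thread's output and the third is constructed.

```python
import ipaddress

# Abridged from the thread's first netstat listing (explicit addresses configured).
NETSTAT_SPECIFIC = """\
tcp  0  0 194.77.3.34:53   0.0.0.0:*      LISTEN
tcp  0  0 127.0.0.1:53     0.0.0.0:*      LISTEN
tcp  0  0 127.0.0.1:51762  127.0.0.1:953  TIME_WAIT
tcp  0  0 ::1:953          :::*           LISTEN
udp  0  0 194.77.3.34:53   0.0.0.0:*
udp  0  0 :::32913         :::*
"""
# Abridged from the second listing (listen-on-v6 { any; }).
NETSTAT_ANY = NETSTAT_SPECIFIC + """\
tcp  0  0 :::53            :::*           LISTEN
udp  0  0 :::53            :::*
"""
# Constructed: what a working per-address bind would look like.
NETSTAT_PER_ADDR = NETSTAT_SPECIFIC + """\
tcp  0  0 2001:470:1f00:484::2:53  :::*   LISTEN
udp  0  0 2001:470:1f00:484::2:53  :::*
"""

def bound_sockets(text):
    """Yield (proto, ip, port) for listening TCP and bound UDP sockets."""
    for line in text.splitlines():
        f = line.split()
        if len(f) < 5 or f[0] not in ("tcp", "tcp6", "udp", "udp6"):
            continue
        # TCP rows only count when the state column says LISTEN.
        if f[0].startswith("tcp") and (len(f) < 6 or f[5] != "LISTEN"):
            continue
        # The port follows the last colon, so IPv6 addresses stay intact.
        host, _, port = f[3].rpartition(":")
        try:
            yield f[0][:3], ipaddress.ip_address(host), int(port)
        except ValueError:
            continue  # unparseable local address; skip the row

def v6_dns_exposure(text, port=53):
    """Return ('none' | 'wildcard' | 'specific', sorted IPv6 addresses)."""
    addrs = {ip for _, ip, p in bound_sockets(text)
             if p == port and ip.version == 6}
    if not addrs:
        return "none", []
    kind = "wildcard" if any(ip.is_unspecified for ip in addrs) else "specific"
    return kind, sorted(str(ip) for ip in addrs)
```

A "wildcard" result means named answers on every IPv6 address the host has, so access must be restricted elsewhere (packet filter or allow-query) if only one address is meant to serve DNS.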


