Bind to INADDR_ANY
michoski
michoski at cisco.com
Tue Jan 10 19:42:51 UTC 2012
On 1/9/12 5:12 PM, "Bostjan Skufca" <bostjan at a2o.si> wrote:
> is binding to all interfaces at once already supported in bind9? I know named
> binds to each at-the-moment-available IP address but in HA environment with
> virtual interfaces a "rndc reload" is necessary for named to pick up a new
> interface, which leaves a bit of a window of unavailable service.
According to Bv9ARM.pdf p67 listen-on-v6 { any; }; does a wildcard bind on
supporting systems, while listen-on { any; }; behaves as you describe:
OPS:55 mhoskins at dev-ops-test1.vega:~$ grep listen-on /etc/namedb/named.conf
listen-on { any; };
listen-on-v6 { any; };
OPS:56 mhoskins at dev-ops-test1.vega:~$ netstat -an|grep 53
tcp 0 0 10.8.36.47:53 0.0.0.0:*
LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:*
LISTEN
tcp 0 0 127.0.0.1:953 0.0.0.0:*
LISTEN
tcp 0 0 :::53 :::*
LISTEN
tcp 0 0 :::5308 :::*
LISTEN
udp 0 0 10.8.36.47:53 0.0.0.0:*
udp 0 0 127.0.0.1:53 0.0.0.0:*
udp 0 0 :::53 :::*
However (I usually just set it to 0), the caveat you might have missed is
that you can control how often (if at all) BIND rescans the list of
available interfaces (ARM p73):
"The server will scan the network interface list every interface-interval
minutes. The default is 60 minutes. The maximum value is 28 days (40320
minutes). If set to 0, interface scanning will only occur when the
configuration file is loaded. After the scan, the server will begin listen-
ing for queries on any newly discovered interfaces (provided they are
allowed by the listen-on configuration), and will stop listening on
interfaces that have gone away."
Setting interface-interval to a reasonably low value should keep you from
needing to rndc reconfig/reload.
http://www.isc.org/software/bind/documentation
--
Don't worry about avoiding temptation -- as you grow older, it starts
avoiding you. -- The Old Farmer's Almanac
More information about the bind-users
mailing list