Convice Bind to listen on IP alias with a range of IPs.

Mark Andrews marka at isc.org
Tue May 1 05:17:49 UTC 2012 

In message <CBC4A14E.28BD2%michoski at cisco.com>, michoski writes:
> On 4/30/12 4:14 PM, "Augie Schwer" <augie.schwer at gmail.com> wrote:
> > I think you've all missed the netmask there, 10.0.0.2 is in that range.
> > 
> > augie at augnix:~$ sudo ifconfig lo:1 10.0.0.1 netmask 255.255.255.224
> > 
> > augie at augnix:~$ ifconfig lo:1
> > lo:1      Link encap:Local Loopback
> >           inet addr:10.0.0.1  Mask:255.255.255.224
> > 
> > augie at augnix:~$ ping 10.0.0.2 -c 1
> > PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
> > 64 bytes from 10.0.0.2: icmp_seq=1 ttl=64 time=0.027 ms
> > 
> > --- 10.0.0.2 ping statistics ---
> > 1 packets transmitted, 1 received, 0% packet loss, time 0ms
> > 
> > Given all that, can anyone suggest a reason why Bind won't listen on
> > that address?
> 
> No, we all saw the netmask.
> 
> A few tried to point out the answer...you first need to get the desired
> aliases UP on the system for BIND to listen-on.
> 
> For example, loopback is 127/8 so I can ping all those addresses:
> 
> OPS:507 root at dev-ops-test11.vega:mhoskins# ifconfig lo
> lo        Link encap:Local Loopback
>           inet addr:127.0.0.1  Mask:255.0.0.0
>           inet6 addr: ::1/128 Scope:Host
>           UP LOOPBACK RUNNING  MTU:16436  Metric:1
>           RX packets:32 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:32 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:8148 (7.9 KiB)  TX bytes:8148 (7.9 KiB)
> 
> OPS:508 root at dev-ops-test11.vega:mhoskins# ping 127.0.0.2
> PING 127.0.0.2 (127.0.0.2) 56(84) bytes of data.
> 64 bytes from 127.0.0.2: icmp_seq=1 ttl=64 time=0.012 ms
> 
> --- 127.0.0.2 ping statistics ---
> 1 packets transmitted, 1 received, 0% packet loss, time 0ms
> rtt min/avg/max/mdev = 0.012/0.012/0.012/0.000 ms
> 
> OPS:509 root at dev-ops-test11.vega:mhoskins# ping 127.0.0.3
> PING 127.0.0.3 (127.0.0.3) 56(84) bytes of data.
> 64 bytes from 127.0.0.3: icmp_seq=1 ttl=64 time=0.011 ms
> 
> --- 127.0.0.3 ping statistics ---
> 1 packets transmitted, 1 received, 0% packet loss, time 0ms
> rtt min/avg/max/mdev = 0.011/0.011/0.011/0.000 ms

The fact that you can ping them just means that you have a kernel
bug.

% ifconfig lo0
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
	options=3<RXCSUM,TXCSUM>
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 
	inet 127.0.0.1 netmask 0xff000000 
	inet6 ::1 prefixlen 128 
	inet 10.53.0.1 netmask 0xffffffff 
	inet6 fd92:7065:b8e:ffff::1 prefixlen 64 
	inet 10.53.0.2 netmask 0xffffffff 
	inet6 fd92:7065:b8e:ffff::2 prefixlen 64 
	inet 10.53.0.3 netmask 0xffffffff 
	inet6 fd92:7065:b8e:ffff::3 prefixlen 64 
	inet 10.53.0.4 netmask 0xffffffff 
	inet6 fd92:7065:b8e:ffff::4 prefixlen 64 
	inet 10.53.0.5 netmask 0xffffffff 
	inet6 fd92:7065:b8e:ffff::5 prefixlen 64 
	inet 10.53.0.6 netmask 0xffffffff 
	inet6 fd92:7065:b8e:ffff::6 prefixlen 64 
	inet 10.53.0.7 netmask 0xffffffff 
	inet6 fd92:7065:b8e:ffff::7 prefixlen 64 
	inet 10.53.0.50 netmask 0xffffffff 
	inet 10.53.0.60 netmask 0xffffffff 
	inet 10.53.0.70 netmask 0xffffffff 
	inet 10.53.0.80 netmask 0xffffffff 
	inet 10.53.0.90 netmask 0xffffffff 
	inet 10.53.0.100 netmask 0xffffffff 
	inet 10.53.0.110 netmask 0xffffffff 
	inet 10.53.0.120 netmask 0xffffffff 
	inet 10.53.0.130 netmask 0xffffffff 
	inet 10.53.0.140 netmask 0xffffffff 
	inet 10.53.0.150 netmask 0xffffffff 
	inet 10.53.0.160 netmask 0xffffffff 
	inet 10.53.0.170 netmask 0xffffffff 
% ping 127.0.0.45
PING 127.0.0.45 (127.0.0.45): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
^C
--- 127.0.0.45 ping statistics ---
4 packets transmitted, 0 packets received, 100.0% packet loss
% 
 
> However, I can't bind daemons to 127.0.0.2, etc. until I configure lo:0,
> etc. aliases for those addresses!  If your ifconfig output doesn't show the
> IP you want to listen-on, it won't work.  This is how it's been as long as
> I've been alive.
> 
> If this is hard to believe, try adding a 10.0.0.2 (or whatever) loopback
> alias with a netmask of 255.255.255.255 (the correct netmask for aliases)
> and see how BIND behaves.
> 
> -- 
> By nature, men are nearly alike;
> by practice, they get to be wide apart.
>         -- Confucius
> 
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the bind-users mailing list