
"named -g" listens on ext interface, "named" does not



I'm running BIND 9.2.3 on OpenBSD 3.5 stable.

named responds to queries on the loopback address, and to queries on the internal interface (10.0.0.1), but not to queries on the external interface (66.93.something).

To debug, I
kill `cat /var/run/named.pid`
named -g

and lo and behold, it starts answering queries on all interfaces!
I hit control-c to kill the foreground "named", "ps -auxww|grep named" to make sure it's really gone, and try
named
alone, and again, it's not responding on the external interface.
So I kill that and try
named -f
That's also broken: it responds to localhost and to the internal interface to my internal hosts, but not to the outside world.  One more time for sanity's sake, I hit control-c and
named -g
outside hosts can query on the external interface again.

I checked the log directory, and named can write to it when running as a daemon - I ran "rndc dumpdb" and saw it created "named_dump.db" in there.

What's going on here?  How can I make named respond to external hosts when it's running as a background daemon (without resorting to redirect rules in pf, please)?

Here's my /var/named/etc/named.conf, some names changed to protect the innocent:

options {
        directory "/";

//      directory "/var/named";
//      named-xfer "/var/named/named-xfer";

        // Don't reveal BIND version
        version "";

        // Don't recurse
        recursion no;

        // Let our friends do zone transfers
        allow-transfer {/// .... list of ips removed for this posting
                        };

        // say where the stat files go
        statistics-file "/log/named.stats";
        dump-file       "/log/named_dump.db";
};

logging {
        category lame-servers { null; };
//      category cname { null; };
};

// ndc control socket
controls {
        inet 127.0.0.1 allow { 127.0.0.1; };
};

// Standard zones
//
zone "127.in-addr.arpa" IN {
        type master;
        file "standard/loopback";
        allow-transfer { localhost; };
};

zone "localhost" IN {
        type master;
        file "standard/localhost";
        allow-transfer { localhost; };
};

zone "." IN {
        type hint;
        file "standard/root.hint";
};

// Master zones

zone "home.san-francisco.ca.us" {
        type master;
        file "master/home.san-francisco.ca.us";
};

zone "vanity.domain.org" {
        type master;
        file "master/vanity.domain.org";
};

zone "FOO.US"          {type master; file "master/foo.us";};
zone "EXAMPLE-DOM.COM"        {type master; file "master/www";};
zone "EXAMPLDOM.COM"          {type master; file "master/www";};
zone "EXAMPLEDOM.COM"         {type master; file "master/www";};
zone "SECOND-EX.COM"        {type master; file "master/www";};
zone "SECONDEX.COM"         {type master; file "master/www";};


