bind (named) isn't listening on server IPs

BestBoard

hi,
bind isn't listening on port 53 for the server ip, it's listening only on 127.0.0.1
netstat -nap | grep :53
tcp 0 0 ::1:53 :::* LISTEN 8384/named
udp 0 0 ::1:53 :::* 8384/named

i found a temporary solution: just edit /etc/named.conf and add your extra IPs manually to the "listen-on" line.
listen-on port 53 { 127.0.0.1; 1.1.1.1; 2.2.2.2; 3.3.3.3; };

but it isn't the right way to fix it, because for every new ip that you add from the DA panel you'll have to edit this file again.
 
DirectAdmin shouldn't be touching named.conf except to add zone files. Do you have IPs added in DirectAdmin with the IP manager?
 
> bind isn't listening on port 53 for the server ip, it's listening only on 127.0.0.1
>
> i found a temporary solution: just edit /etc/named.conf and add your extra IPs manually to the "listen-on" line.

By default BIND listens on all IP#s. From where did you get your named.conf file?

> but it isn't the right way to fix it, because for every new ip that you add from the DA panel you'll have to edit this file again.

What is your logic for that? All BIND needs to listen on is the server IP#.

Jeff
 
> By default BIND listens on all IP#s. From where did you get your named.conf file?
>
> What is your logic for that? All BIND needs to listen on is the server IP#.

When you add a new Virtual Name Server you'll need named to listen to it.
 
i'm using the default named.conf (after a clean install of centos 6 & directadmin 1.39.2).
currently i have 2 IPs; before my changes BIND wasn't listening on these IPs at all.

by the way, i'm using BIND 9.7.0-P2-RedHat-9.7.0-5.P2.el6_0.1.
 
Probably you ran a yum update that updated your bind and (dunno why) moved your named.conf to named.conf.rpmsave, (probably) downloading a compatible version of named.conf for the bind that was going to be installed.

Just my opinion, but I saw another user days ago that had exactly the same problem, but I can't remember if it was centos 5 or 6.

Regards
 
ok :)
by the way, i have a better solution, just comment this line out and then named will listen to all IPs.
 
Yes, that works as well; the main reason for my test is to understand why :)

Maybe it is a bug with DA and CentOS 6 that DA staff would be interested in working on ^^
 
For me as well, BIND is listening on localhost by default.
Code:
options {
        listen-on port 53 { 127.0.0.1; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { localhost; };
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
};
 
Fixed

sorry to wake up a zombie thread but google turned this up in my results for

"bind dig works but ping does not"

I figured it out myself, here it is:

refs listed on my personal wiki: http://50.87.145.226/~mem1/wiki/ind...NS_to_cache_and_provide_hostnames_for_lan_IPs

fix:

Code:
listen-on port 953 { 127.0.0.1; 192.168.0.2;};
service named restart
[root@bind9 etc]# netstat -tupln | grep named
tcp        0      0 192.168.0.2:53              0.0.0.0:*                   LISTEN      2866/named-sdb
tcp        0      0 127.0.0.1:53                0.0.0.0:*                   LISTEN      2866/named-sdb
tcp        0      0 192.168.0.2:953             0.0.0.0:*                   LISTEN      2866/named-sdb
tcp        0      0 127.0.0.1:953               0.0.0.0:*                   LISTEN      2866/named-sdb
tcp        0      0 ::1:953                     :::*                        LISTEN      2866/named-sdb
udp        0      0 192.168.0.2:53              0.0.0.0:*                               2866/named-sdb
udp        0      0 127.0.0.1:53                0.0.0.0:*                               2866/named-sdb
udp        0      0 192.168.0.2:953             0.0.0.0:*                               2866/named-sdb
udp        0      0 127.0.0.1:953               0.0.0.0:*                               2866/named-sdb

if it is not listening on port 953 it will not work for lan.
 
"bind dig works but ping does not"

I figured it out myself, here it is:

refs listed on my personal wiki: http://50.87.145.226/~mem1/wiki/ind...NS_to_cache_and_provide_hostnames_for_lan_IPs

fix: add the following line to named.conf
Code:
listen-on port 953 { 127.0.0.1; 192.168.0.2;};
then run:
Code:
service named restart
[root@bind9 etc]# netstat -tupln | grep named
tcp        0      0 192.168.0.2:53              0.0.0.0:*                   LISTEN      2866/named-sdb
tcp        0      0 127.0.0.1:53                0.0.0.0:*                   LISTEN      2866/named-sdb
tcp        0      0 192.168.0.2:953             0.0.0.0:*                   LISTEN      2866/named-sdb
tcp        0      0 127.0.0.1:953               0.0.0.0:*                   LISTEN      2866/named-sdb
tcp        0      0 ::1:953                     :::*                        LISTEN      2866/named-sdb
udp        0      0 192.168.0.2:53              0.0.0.0:*                               2866/named-sdb
udp        0      0 127.0.0.1:53                0.0.0.0:*                               2866/named-sdb
udp        0      0 192.168.0.2:953             0.0.0.0:*                               2866/named-sdb
udp        0      0 127.0.0.1:953               0.0.0.0:*                               2866/named-sdb

if it is not listening on port 953 it will not work for lan.

whoops formatting error :p
 
> fix: add the following line to named.conf

That's one way of doing things, but normally DA changes the named.conf and then you will have it like this:
Code:
        //listen-on port 53 { 127.0.0.1; };
        //listen-on-v6 port 53 { ::1; };
Now this way the default is used and named will listen on all IPs, which is a better fix imho.

Next to that, keep the ip of Ben29 in mind, you should not have firewall issues.
 
I kinda have the same problem on my new centos 6 installation...

When i enable

//allow-query { localhost; };
//allow-recursion { localhost; };
//recursion yes;

the first line, then the DNS is no longer working: i can't ping a locally set up domain, and from my home i also can't connect to the site. When i disable allow-query everything works right.
What can i do, since allow-query is the right way according to this tutorial: http://help.directadmin.com/item.php?id=115 ...
 
I think that

Code:
allow-query     { localhost; };

in that KB you linked is a mistake; it should be set to 'any' or just commented out (which leaves it to the internal default of 'any').

I've sent an e-mail to DA for confirmation.
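
An added example, not part of the thread and not DirectAdmin or BIND tooling: a small Python audit of a named.conf options block for the two problems discussed above (loopback-only listen-on, localhost-only allow-query). It goes one step further and also flags the case where allow-query is set to any while recursion is on and allow-recursion is unset, because BIND then lets allow-recursion inherit allow-query and the server answers recursive queries for anyone. The function names and the sample configuration are constructed for illustration.

```python
import re

# Constructed sample: the CentOS 6 default options block quoted in the thread.
DEFAULT_CONF = """
options {
    listen-on port 53 { 127.0.0.1; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    allow-query { localhost; };
    recursion yes;
};
"""
LOOPBACK = {"127.0.0.1", "::1", "localhost"}

def strip_comments(text):
    """Drop /* */, // and # comments so commented-out statements are ignored."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#).*", "", text)

def acl(text, name):
    """Address-match list of statement `name` as a set, or None if not set."""
    m = re.search(r"(?<![\w-])" + re.escape(name) + r"(?![\w-])[^{;]*\{([^}]*)\}", text)
    if m is None:
        return None
    return {item.strip() for item in m.group(1).split(";") if item.strip()}

def audit(conf):
    """Return findings for the listener and ACL problems discussed in the thread."""
    text = strip_comments(conf)
    findings = []
    for stmt in ("listen-on", "listen-on-v6"):
        addrs = acl(text, stmt)
        if addrs is not None and addrs <= LOOPBACK:
            findings.append(stmt + ": loopback only")
    query = acl(text, "allow-query")
    if query is not None and query <= LOOPBACK:
        findings.append("allow-query: localhost only")
    # With recursion on, an unset allow-recursion inherits allow-query-cache,
    # then allow-query, and only then the localnets/localhost default.
    rec = re.search(r"(?<![\w-])recursion\s+(yes|no)\s*;", text)
    recursing = rec is None or rec.group(1) == "yes"
    effective = next((a for a in (acl(text, "allow-recursion"),
                                  acl(text, "allow-query-cache"), query)
                      if a is not None), {"localnets", "localhost"})
    if recursing and "any" in effective:
        findings.append("recursion: open to any client")
    return findings
```

An empty result from `audit()` means none of the three conditions was found; pairing `allow-query { any; };` with `allow-recursion { localhost; };` is one combination that passes.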
 